Emery Hemingway 2021-04-12 21:08:24 +02:00
parent 67fbe1ea9a
commit 519d99af30
4 changed files with 30 additions and 21 deletions


@ -1,3 +1 @@
{ { imports = [ ./tor.nix ]; }
imports = [ ./tor.nix ];
}


@ -7,7 +7,7 @@ let Libc = Sigil.Libc
let VFS = Sigil.VFS let VFS = Sigil.VFS
in λ(args : List Text) → in λ(args : List Text) →
λ(lwipCap : Text) → λ(vfs : { lwip : Text, pipe : Text }) →
λ(binary : Text) → λ(binary : Text) →
Init.Child.flat Init.Child.flat
Init.Child.Attributes::{ Init.Child.Attributes::{
@ -17,7 +17,7 @@ in λ(args : List Text) →
Libc::{ Libc::{
, args , args
, pipe = Some "/dev/pipes" , pipe = Some "/dev/pipes"
, rtc = Some "/dev/random" , rng = Some "/dev/entropy"
, socket = Some "/dev/sockets" , socket = Some "/dev/sockets"
, vfs = , vfs =
[ VFS.dir [ VFS.dir
@ -25,11 +25,18 @@ in λ(args : List Text) →
[ VFS.leaf "null" [ VFS.leaf "null"
, VFS.leaf "log" , VFS.leaf "log"
, VFS.leaf "rtc" , VFS.leaf "rtc"
, VFS.leafAttrs "terminal" (toMap { label = "entropy" }) , VFS.leafAttrs
, VFS.dir "pipes" [ VFS.leaf "pipe" ] "terminal"
(toMap { name = "entropy", label = "entropy" })
, VFS.dir
"pipes"
[ VFS.leafAttrs "plugin" (toMap { load = vfs.pipe }) ]
, VFS.dir , VFS.dir
"sockets" "sockets"
[ VFS.leafAttrs "plugin" (toMap { load = lwipCap }) ] [ VFS.leafAttrs
"plugin"
(toMap { load = vfs.lwip, label = "uplink" })
]
] ]
, VFS.dir , VFS.dir
"nix" "nix"
@ -41,5 +48,5 @@ in λ(args : List Text) →
] ]
] ]
} }
, resources = Init.Resources::{ caps = 256, ram = Sigil.units.MiB 64 } , resources = Init.Resources::{ caps = 512, ram = Sigil.units.MiB 384 }
} }
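Review bot: The new `Libc` record sets `rng = Some "/dev/entropy"` but no longer sets `rtc`, although `VFS.leaf "rtc"` is still mounted under `/dev`. If the default for `rtc` in `Libc` is `None` (the schema is not visible on this page), Tor would start without a clock source, and its certificate and consensus validity checks depend on correct time; adding `, rtc = Some "/dev/rtc"` next to the `rng` field would make this explicit. `/dev/entropy` is backed by a terminal session labelled "entropy", so the quality of Tor's key material depends on whatever service that label is routed to. A comment above the `VFS.leafAttrs "terminal"` entry would record that, for example `-- /dev/entropy: terminal session routed by label "entropy"; must be served by a real RNG`. The `let` bindings of this expression start above the first hunk.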


@ -10,18 +10,19 @@ in {
args = lib.strings.splitString " " args = lib.strings.splitString " "
config.systemd.services.tor.serviceConfig.ExecStart; config.systemd.services.tor.serviceConfig.ExecStart;
tor' = lib.getEris' "bin" pkgs.tor "tor"; tor' = lib.getEris' "bin" pkgs.tor "tor";
lwip' = lib.getEris "lib" pkgs.genodePackages.lwip; lwip' = lib.getEris "lib" pkgs.genodePackages.vfs_lwip;
pipe' = lib.getEris "lib" pkgs.genodePackages.vfs_pipe;
in { in {
binary = builtins.head args; binary = builtins.head args;
package = pkgs.tor; package = pkgs.tor;
extraErisInputs = [ tor' lwip' ]; extraErisInputs = [ tor' lwip' pipe' ];
configFile = pkgs.writeText "tor.dhall" configFile = pkgs.writeText "tor.dhall" "${./tor.dhall} ${toDhall args} ${
"${./tor.dhall} ${toDhall args} ${lwip'.cap}"; toDhall {
uplinks.eth0 = { lwip = lwip'.cap;
driver = "virtio"; pipe = pipe'.cap;
dump = true; }
verbose = true; }";
}; uplinks.uplink.driver = "ipxe";
}; };
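Review bot: The uplink is now declared as `uplinks.uplink`, while tor.dhall loads its socket plugin with `label = "uplink"`, and nothing here says the two names must stay in sync. If the network session is routed by that label (an inference; the routing code is not on this page), renaming either one would leave Tor without a network path. A comment above the line would help: `# name must match label = "uplink" in tor.dhall`. The switch from `virtio` to `ipxe` also ties the service module to one NIC driver, so a short comment giving the reason would help anyone running it on other hardware. The enclosing `in { … }` block starts outside the hunk.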
}; };


@ -2,9 +2,12 @@
name = "tor"; name = "tor";
machine = { config, lib, pkgs, ... }: { machine = { config, lib, pkgs, ... }: {
# genode.core.storeBackend = "fs"; virtualisation.memorySize = 768;
# hardware.genode.usb.enable = true;
# hardware.genode.usb.storage.enable = true; genode.gui.consoleLog.enable = true;
genode.core.storeBackend = "fs";
hardware.genode.usb.enable = true;
hardware.genode.usb.storage.enable = true;
services.tor = { services.tor = {
enable = true; enable = true;