WiP! tor
parent
67fbe1ea9a
commit
519d99af30
|
@ -1,3 +1 @@
|
||||||
{
|
{ imports = [ ./tor.nix ]; }
|
||||||
imports = [ ./tor.nix ];
|
|
||||||
}
|
|
||||||
|
|
|
@ -7,7 +7,7 @@ let Libc = Sigil.Libc
|
||||||
let VFS = Sigil.VFS
|
let VFS = Sigil.VFS
|
||||||
|
|
||||||
in λ(args : List Text) →
|
in λ(args : List Text) →
|
||||||
λ(lwipCap : Text) →
|
λ(vfs : { lwip : Text, pipe : Text }) →
|
||||||
λ(binary : Text) →
|
λ(binary : Text) →
|
||||||
Init.Child.flat
|
Init.Child.flat
|
||||||
Init.Child.Attributes::{
|
Init.Child.Attributes::{
|
||||||
|
@ -17,7 +17,7 @@ in λ(args : List Text) →
|
||||||
Libc::{
|
Libc::{
|
||||||
, args
|
, args
|
||||||
, pipe = Some "/dev/pipes"
|
, pipe = Some "/dev/pipes"
|
||||||
, rtc = Some "/dev/random"
|
, rng = Some "/dev/entropy"
|
||||||
, socket = Some "/dev/sockets"
|
, socket = Some "/dev/sockets"
|
||||||
, vfs =
|
, vfs =
|
||||||
[ VFS.dir
|
[ VFS.dir
|
||||||
|
@ -25,11 +25,18 @@ in λ(args : List Text) →
|
||||||
[ VFS.leaf "null"
|
[ VFS.leaf "null"
|
||||||
, VFS.leaf "log"
|
, VFS.leaf "log"
|
||||||
, VFS.leaf "rtc"
|
, VFS.leaf "rtc"
|
||||||
, VFS.leafAttrs "terminal" (toMap { label = "entropy" })
|
, VFS.leafAttrs
|
||||||
, VFS.dir "pipes" [ VFS.leaf "pipe" ]
|
"terminal"
|
||||||
|
(toMap { name = "entropy", label = "entropy" })
|
||||||
|
, VFS.dir
|
||||||
|
"pipes"
|
||||||
|
[ VFS.leafAttrs "plugin" (toMap { load = vfs.pipe }) ]
|
||||||
, VFS.dir
|
, VFS.dir
|
||||||
"sockets"
|
"sockets"
|
||||||
[ VFS.leafAttrs "plugin" (toMap { load = lwipCap }) ]
|
[ VFS.leafAttrs
|
||||||
|
"plugin"
|
||||||
|
(toMap { load = vfs.lwip, label = "uplink" })
|
||||||
|
]
|
||||||
]
|
]
|
||||||
, VFS.dir
|
, VFS.dir
|
||||||
"nix"
|
"nix"
|
||||||
|
@ -41,5 +48,5 @@ in λ(args : List Text) →
|
||||||
]
|
]
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
, resources = Init.Resources::{ caps = 256, ram = Sigil.units.MiB 64 }
|
, resources = Init.Resources::{ caps = 512, ram = Sigil.units.MiB 384 }
|
||||||
}
|
}
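Review bot: The `Libc` record no longer sets `rtc` at all, because the old `rtc = Some "/dev/random"` line was replaced by `rng = Some "/dev/entropy"` while `VFS.leaf "rtc"` is still mounted in the same directory. Tor checks certificate and consensus validity against wall-clock time, so if `Libc` defaults `rtc` to `None` (not visible in these hunks) the child may run with an unset clock. Consider adding `, rtc = Some "/dev/rtc"` beside the new `rng` line, assuming the enclosing directory is `dev` as the other paths suggest. The entropy node is a terminal session selected by `label = "entropy"`, and Tor's key generation depends on whatever serves that session. A comment such as `-- /dev/entropy: terminal session that must be routed to the system RNG, never to a log or null terminal` would record that assumption.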
|
||||||
|
|
|
@ -10,18 +10,19 @@ in {
|
||||||
args = lib.strings.splitString " "
|
args = lib.strings.splitString " "
|
||||||
config.systemd.services.tor.serviceConfig.ExecStart;
|
config.systemd.services.tor.serviceConfig.ExecStart;
|
||||||
tor' = lib.getEris' "bin" pkgs.tor "tor";
|
tor' = lib.getEris' "bin" pkgs.tor "tor";
|
||||||
lwip' = lib.getEris "lib" pkgs.genodePackages.lwip;
|
lwip' = lib.getEris "lib" pkgs.genodePackages.vfs_lwip;
|
||||||
|
pipe' = lib.getEris "lib" pkgs.genodePackages.vfs_pipe;
|
||||||
in {
|
in {
|
||||||
binary = builtins.head args;
|
binary = builtins.head args;
|
||||||
package = pkgs.tor;
|
package = pkgs.tor;
|
||||||
extraErisInputs = [ tor' lwip' ];
|
extraErisInputs = [ tor' lwip' pipe' ];
|
||||||
configFile = pkgs.writeText "tor.dhall"
|
configFile = pkgs.writeText "tor.dhall" "${./tor.dhall} ${toDhall args} ${
|
||||||
"${./tor.dhall} ${toDhall args} ${lwip'.cap}";
|
toDhall {
|
||||||
uplinks.eth0 = {
|
lwip = lwip'.cap;
|
||||||
driver = "virtio";
|
pipe = pipe'.cap;
|
||||||
dump = true;
|
}
|
||||||
verbose = true;
|
}";
|
||||||
};
|
uplinks.uplink.driver = "ipxe";
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
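Review bot: The uplink name is now hard-coded in two files, as `uplinks.uplink` here and as `label = "uplink"` on the sockets plugin in the Dhall template. If that label is what routes the lwIP plugin's network session to this uplink (inferred from the names, not shown on the page), renaming one side would presumably leave Tor without a network path and raise no evaluation error. A comment next to `uplinks.uplink.driver = "ipxe";` such as `# attribute name must match the "uplink" label in tor.dhall` would cover it. Alternatively the name could be passed through the `toDhall` record alongside `lwip` and `pipe`.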
|
||||||
|
|
|
@ -2,9 +2,12 @@
|
||||||
name = "tor";
|
name = "tor";
|
||||||
machine = { config, lib, pkgs, ... }: {
|
machine = { config, lib, pkgs, ... }: {
|
||||||
|
|
||||||
# genode.core.storeBackend = "fs";
|
virtualisation.memorySize = 768;
|
||||||
# hardware.genode.usb.enable = true;
|
|
||||||
# hardware.genode.usb.storage.enable = true;
|
genode.gui.consoleLog.enable = true;
|
||||||
|
genode.core.storeBackend = "fs";
|
||||||
|
hardware.genode.usb.enable = true;
|
||||||
|
hardware.genode.usb.storage.enable = true;
|
||||||
|
|
||||||
services.tor = {
|
services.tor = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|