# -*- mode: ruby -*-
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only

require 'yaml'

# VM inventory lives next to this Vagrantfile in boxes.yml: a 'defaults' map
# plus a 'boxes' list with per-VM overrides.
# NOTE(review): YAML.load_file deserialises arbitrary Ruby objects on Psych
# releases older than 4.0, so boxes.yml has to be treated as trusted as this
# Vagrantfile itself (same review and ownership).
inventory_path = File.join(File.dirname(__FILE__), 'boxes.yml')
inventory = YAML.load_file(inventory_path)
defaults = inventory['defaults']

Vagrant.require_version '>= 2.0.0'

Vagrant.configure('2') do |config|
  # SSH: Vagrant neither generates nor inserts a key pair. Only the operator's
  # own ed25519 key is offered, so the box images must already authorise the
  # matching public key for the 'user' account.
  config.ssh.keys_only = true
  config.ssh.insert_key = false
  config.ssh.private_key_path = ['~/.ssh/id_ed25519']
  config.ssh.username = 'user'

  # One VM definition per entry of boxes.yml.
  inventory['boxes'].each do |box|
    config.vm.define box['name'] do |node|
      node.vm.box = box['box']
      node.vm.box_check_update = false

      # The complete boxes.yml entry is printed after `vagrant up`, so that
      # file should never carry credentials or other secrets.
      node.vm.post_up_message = box.to_yaml

      # The default /vagrant share is switched off.
      node.vm.synced_folder '.', '/vagrant', disabled: true

      # Unless AA_INTEGRATION is set, the parent directory (the project
      # checkout) is offered to the guest over virtiofs without being mounted
      # automatically. No read-only option is passed here, so presumably the
      # guest can write to the host checkout once it mounts the share; verify
      # before running untrusted code in the VM.
      unless ENV['AA_INTEGRATION']
        node.vm.synced_folder(
          '../', '/home/user/Projects/apparmor.d',
          type: 'virtiofs', mount: false
        )
      end

      # Libvirt provider settings.
      node.vm.provider 'libvirt' do |lv|
        lv.driver = 'kvm'
        lv.default_prefix = 'aa-'
        lv.connect_via_ssh = false
        lv.storage_pool_name = 'ssd'

        # Sizing: the per-box value wins, otherwise the 'defaults' entry.
        lv.memory = box.fetch('ram', defaults['ram'])
        lv.cpus = box.fetch('cpu', defaults['cpu'])

        # host-passthrough hands the host CPU model and feature flags to the
        # guest unchanged.
        lv.cpu_mode = 'host-passthrough'
        lv.machine_type = 'q35'

        lv.video_type = 'virtio'
        lv.graphics_type = 'spice'
        lv.sound_type = 'ich9'

        # Emulated (software) TPM 2.0 with the CRB interface.
        lv.tpm_model = 'tpm-crb'
        lv.tpm_type = 'emulator'
        lv.tpm_version = '2.0'

        lv.random model: 'random'

        # Guest RAM is backed by memfd and shared with the host side; the
        # virtiofs share declared above presumably depends on this.
        lv.memorybacking 'source', type: 'memfd'
        lv.memorybacking 'access', mode: 'shared'

        # Channel for the QEMU guest agent.
        lv.channel type: 'unix', target_name: 'org.qemu.guest_agent.0', target_type: 'virtio'

        # Two SPICE USB redirection channels: a connected SPICE client can
        # attach its USB devices to the guest through them.
        2.times { lv.redirdev type: 'spicevmc' }

        # UEFI boxes boot the OVMF firmware image from this fixed host path.
        lv.loader = '/usr/share/edk2-ovmf/x64/OVMF_CODE.fd' if box.fetch('uefi', defaults['uefi'])
      end
    end
  end
end