# -*- mode: ruby -*-
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only

require 'yaml'

machines = YAML.load_file(File.join(File.dirname(__FILE__), 'boxes.yml'))
default = machines['defaults']

Vagrant.require_version '>= 2.0.0'

Vagrant.configure("2") do |config|

  config.ssh.keys_only        = true
  config.ssh.insert_key       = false
  config.ssh.private_key_path = [ '~/.ssh/id_ed25519' ]
  config.ssh.username         = 'user'

  machines['boxes'].each do |instance|

    # Configure the VMs per details in boxes.yml
    config.vm.define instance['name'] do |srv|
      srv.vm.box              = instance['box']
      srv.vm.box_check_update = false
      srv.vm.post_up_message  = instance.to_yaml
      srv.vm.synced_folder '.', '/vagrant', disabled: true
      if !ENV['AA_INTEGRATION']
        srv.vm.synced_folder '../', '/home/user/Projects/apparmor.d', type: 'virtiofs', mount: false
      end

      # Configure Libvirt provider
      srv.vm.provider 'libvirt' do |libvirt|
        libvirt.driver            = 'kvm'
        libvirt.default_prefix    = 'aa-'
        libvirt.connect_via_ssh   = false
        libvirt.storage_pool_name = 'ssd'
        libvirt.memory            = instance.fetch('ram', default['ram'])
        libvirt.cpus              = instance.fetch('cpu', default['cpu'])
        libvirt.cpu_mode          = 'host-passthrough'
        libvirt.machine_type      = 'q35'
        libvirt.video_type        = 'virtio'
        libvirt.graphics_type     = 'spice'
        libvirt.sound_type        = 'ich9'
        libvirt.tpm_model         = 'tpm-crb'
        libvirt.tpm_type          = 'emulator'
        libvirt.tpm_version       = '2.0'
        libvirt.random model: 'random'
        libvirt.memorybacking 'source', type: 'memfd'
        libvirt.memorybacking 'access', mode: 'shared'
        libvirt.channel type: 'unix', target_name: 'org.qemu.guest_agent.0', target_type: 'virtio'
        (1..2).each do
          libvirt.redirdev :type => "spicevmc"
        end
        if instance.fetch('uefi', default['uefi'])
          libvirt.loader = '/usr/share/edk2-ovmf/x64/OVMF_CODE.fd'
        end
      end

    end
  end
end