mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2025-01-12 15:26:44 +01:00
bac9658293
This way, we do not always need to use vagrant to start a vm.
62 lines
2.2 KiB
Ruby
62 lines
2.2 KiB
Ruby
# -*- mode: ruby -*-
|
|
# apparmor.d - Full set of apparmor profiles
|
|
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
|
|
# SPDX-License-Identifier: GPL-2.0-only
|
|
|
|
require 'yaml'
|
|
|
|
machines = YAML.load_file(File.join(File.dirname(__FILE__), 'boxes.yml'))
|
|
default = machines['defaults']
|
|
|
|
Vagrant.require_version '>= 2.0.0'
|
|
|
|
Vagrant.configure("2") do |config|
|
|
|
|
config.ssh.keys_only = true
|
|
config.ssh.insert_key = false
|
|
config.ssh.private_key_path = [ '~/.ssh/id_ed25519' ]
|
|
config.ssh.username = 'user'
|
|
|
|
machines['boxes'].each do |instance|
|
|
|
|
# Configure the VMs per details in boxes.yml
|
|
config.vm.define instance['name'] do |srv|
|
|
srv.vm.box = instance['box']
|
|
srv.vm.box_check_update = false
|
|
srv.vm.post_up_message = instance.to_yaml
|
|
srv.vm.synced_folder '.', '/vagrant', disabled: true
|
|
if !ENV['AA_INTEGRATION']
|
|
srv.vm.synced_folder '../', '/home/user/Projects/apparmor.d', type: 'virtiofs', mount: false
|
|
end
|
|
|
|
# Configure Libvirt provider
|
|
srv.vm.provider 'libvirt' do |libvirt|
|
|
libvirt.driver = 'kvm'
|
|
libvirt.default_prefix = 'aa-'
|
|
libvirt.connect_via_ssh = false
|
|
libvirt.storage_pool_name = 'ssd'
|
|
libvirt.memory = instance.fetch('ram', default['ram'])
|
|
libvirt.cpus = instance.fetch('cpu', default['cpu'])
|
|
libvirt.cpu_mode = 'host-passthrough'
|
|
libvirt.machine_type = 'q35'
|
|
libvirt.video_type = 'virtio'
|
|
libvirt.graphics_type = 'spice'
|
|
libvirt.sound_type = 'ich9'
|
|
libvirt.tpm_model = 'tpm-crb'
|
|
libvirt.tpm_type = 'emulator'
|
|
libvirt.tpm_version = '2.0'
|
|
libvirt.random model: 'random'
|
|
libvirt.memorybacking 'source', type: 'memfd'
|
|
libvirt.memorybacking 'access', mode: 'shared'
|
|
libvirt.channel type: 'unix', target_name: 'org.qemu.guest_agent.0', target_type: 'virtio'
|
|
(1..2).each do
|
|
libvirt.redirdev :type => "spicevmc"
|
|
end
|
|
if instance.fetch('uefi', default['uefi'])
|
|
libvirt.loader = '/usr/share/edk2-ovmf/x64/OVMF_CODE.fd'
|
|
end
|
|
end
|
|
|
|
end
|
|
end
|
|
end
|