Vagrantfile for fully automated, secure runs

Just running `vagrant up` will start a VM, build mkp224o, remove root
and internet access, then run mkp224o.  This provides an easy to use,
disposible way to generate onion services.
This commit is contained in:
Hans-Christoph Steiner 2022-04-20 10:16:37 +02:00
parent 8b2d09d1c0
commit 5f946123f2
No known key found for this signature in database
GPG key ID: 3E177817BA1B9BFA

46
contrib/vagrant/Vagrantfile vendored Normal file
View file

@ -0,0 +1,46 @@
# set this to choose the starting prefix of the onion name
filter = "prefix"
Vagrant.configure("2") do |config|
config.vm.box = "debian/bullseye64"
config.vm.provider :libvirt do |libvirt|
libvirt.cpus = 2
end
config.vm.synced_folder '.', '/vagrant', disabled: true
config.vm.provision :shell, inline: <<-SHELL
set -ex
sed -i s,http:,https:, /etc/apt/sources.list
apt-get update
apt-get -qy dist-upgrade
apt-get -qy install --no-install-recommends git gcc libc-dev libsodium-dev make autoconf htop screen
SHELL
config.vm.provision :shell, privileged: false, inline: <<-SHELL
git clone https://github.com/cathugger/mkp224o.git /home/vagrant/mkp224o
SHELL
# disable internet access
config.vm.provision "shell",
run: "always",
inline: "ip route del default || true"
# disable root
config.vm.provision "shell", inline: "passwd --lock root"
config.vm.provision "shell", inline: "SUDO_FORCE_REMOVE=yes dpkg --purge sudo"
config.vm.provision :shell, privileged: false, inline: <<-SHELL
set -ex
cd mkp224o
./autogen.sh
./configure
make
./mkp224o -h
mkdir ~/#{filter}
cd ~/#{filter}
screen -d -m -L -Logfile #{filter}.log -S run-#{filter} nice ~/mkp224o/mkp224o -S 300 #{filter}
SHELL
end