M flake.nix => flake.nix +7 -0
@@ 211,6 211,13 @@
# Modules for composing Genode and NixOS
import ./nixos-modules { flake = self; };
+ nixosConfigurations =
+ # Demo NixOS configurations
+ import ./nixos-configurations {
+ inherit nixpkgs;
+ genodepkgs = self;
+ };
+
checks =
# Checks for continous testing
let tests = import ./tests;
A nixos-configurations/default.nix => nixos-configurations/default.nix +49 -0
@@ 0,0 1,49 @@
+{ nixpkgs, genodepkgs }:
+
+{
+ torDemo = nixpkgs.lib.nixosSystem {
+ system = "x86_64-genode";
+ modules = [
+ genodepkgs.nixosModules.x86_64
+ genodepkgs.nixosModules.nova
+
+ (import ./tor-relay.nix)
+
+ ({ config, pkgs, ... }: {
+ system.build.libvirtDomain = with pkgs;
+ stdenv.mkDerivation {
+ name = config.system.name + ".libvirt";
+
+ # nativeBuildInputs = with pkgs.buildPackages; [ libvirt ];
+
+ buildCommand = ''
+ mkdir -p $out
+ virtXml=$out/libvirt-domain.xml
+ cat > $virtXml << EOF
+ <?xml version="1.0"?>
+ <domain type="qemu">
+ <name>${config.system.name}</name>
+ <memory>${toString config.virtualisation.memorySize}</memory>
+ <vcpu>${toString config.virtualisation.cores}</vcpu>
+ <os>
+ <type arch="x86_64" machine="pc">hvm</type>
+ <kernel>${config.virtualisation.qemu.kernel}</kernel>
+ <initrd>${config.virtualisation.qemu.initrd}</initrd>
+ <cmdline>${config.virtualisation.qemu.cmdline}</cmdline>
+ </os>
+ <devices>
+ <emulator>qemu-system-x86_64</emulator>
+ <interface type="network">
+ <source network="default"/>
+ </interface>
+ </devices>
+ </domain>
+ EOF
+
+ # virt-xml-validate $virtXml
+ '';
+ };
+ })
+ ];
+ };
+}
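Review bot: The libvirt XML is written through an unquoted heredoc (`cat > $virtXml << EOF`) with `config.virtualisation.qemu.cmdline` and the other option values spliced in raw, so a `$` or backtick in a value is expanded by the build shell, and a `&`, `<` or quote produces malformed or altered XML. Quoting the delimiter and escaping the values addresses both: `cat > $virtXml << 'EOF'` and `<cmdline>${pkgs.lib.escapeXML config.virtualisation.qemu.cmdline}</cmdline>`; Nix interpolation still works because it happens at evaluation time, before the shell sees the text. With `virt-xml-validate` commented out nothing checks the generated file, so a short comment saying why validation is disabled would help the next reader. Also worth confirming: libvirt reads `<memory>` without a `unit` attribute as KiB, while `virtualisation.memorySize` is presumably in MiB.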
A nixos-configurations/tor-relay.nix => nixos-configurations/tor-relay.nix +36 -0
@@ 0,0 1,36 @@
+{ config, lib, pkgs, ... }:
+
+{
+ genode.boot.storeBackend = "ahci";
+
+ networking.interfaces.eth0 = {
+ genode.driver = "virtio";
+ useDHCP = true;
+ };
+
+ services.tor = {
+ enable = true;
+ client.enable = false;
+ extraConfig = ''
+ Log [general,net,config,fs]debug stdout
+ '';
+ relay = {
+ enable = true;
+ port = 80;
+ role = "relay";
+ bridgeTransports = [ ];
+ };
+ };
+
+ systemd.services.tor.genode = {
+ enable = true;
+ interface = "eth0";
+ ramQuota = 1024;
+ extraVfs = pkgs.writeText "tor.vfs.dhall" ''
+ let VFS = (env:DHALL_GENODE).VFS
+
+ in [ VFS.dir "var" [ VFS.dir "lib" [ VFS.leaf "ram" ] ] ]
+ '';
+ };
+
+}
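Review bot: `Log [general,net,config,fs]debug stdout` in `extraConfig` turns on debug-level logging for a configuration that runs as a public relay (`role = "relay"`), and Tor's documentation cautions that debug logs can contain sensitive information. A demo that people are likely to copy should default to something like `Log notice stdout`, with the debug line kept as a commented-out option; the same line in tests/tor.nix is reasonable for a test. Separately, `extraVfs` backs `var/lib` with a `ram` leaf, so if Tor keeps its data directory there (not shown in this hunk) the relay identity keys would be regenerated on every boot. tests/tor.nix uses `fsPersistence = true` and sets `contactInfo`, neither of which appears here, so a comment such as `# /var/lib is RAM-backed: relay identity is not kept across reboots` would make the intent explicit.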
M tests/default.nix => tests/default.nix +1 -0
@@ 13,6 13,7 @@ let
./hello.nix
./log.nix
./networking.nix
+ ./tor.nix
./vmm_x86.nix
./x86.nix
];
A tests/tor.nix => tests/tor.nix +27 -0
@@ 0,0 1,27 @@
+{
+ name = "tor";
+ machine = { config, pkgs, ... }: {
+ imports = [ ../nixos-modules/hardware.nix ../nixos-modules/systemd.nix ];
+ genode.boot.storeBackend = "ahci";
+ services.tor = {
+ enable = true;
+ client.enable = false;
+ extraConfig = ''
+ Log [general,net,config,fs]debug stdout
+ '';
+ relay = {
+ enable = true;
+ contactInfo = "genodepkgs-junk@spam.works";
+ port = 80;
+ role = "relay";
+ bridgeTransports = [ ];
+ };
+ };
+ systemd.services.tor.genode = {
+ enable = true;
+ interface = "eth1";
+ ramQuota = 300;
+ fsPersistence = true;
+ };
+ };
+}
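Review bot: The test machine is configured as a real relay (`relay.enable = true`, `role = "relay"`), and nothing here stops it from publishing a descriptor to the directory authorities if the test ever runs with network access. Adding `PublishServerDescriptor 0` to `extraConfig` keeps CI runs off the public network. The attribute set also has no visible `testScript`, so unless the harness in tests/default.nix supplies a default, it is unclear what this test asserts. A one-line comment stating the pass criterion, for example that Tor starts and logs to stdout, would help.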