Vagrantfile for fully automated, secure runs

Just running `vagrant up` will start a VM, build mkp224o, remove root and internet access, then run mkp224o. This provides an easy to use, disposible way to generate onion services.
moongazer07 · May 16, 2022 · 5f94612 · 5f94612
1 parent 8b2d09d
commit 5f94612
Showing 1 changed file with 46 additions and 0 deletions.
diff --git a/contrib/vagrant/Vagrantfile b/contrib/vagrant/Vagrantfile
@@ -0,0 +1,46 @@
+
+# set this to choose the starting prefix of the onion name
+filter = "prefix"
+
+Vagrant.configure("2") do |config|
+ config.vm.box = "debian/bullseye64"
+ config.vm.provider :libvirt do |libvirt|
+ libvirt.cpus = 2
+ end
+ config.vm.synced_folder '.', '/vagrant', disabled: true
+ config.vm.provision :shell, inline: <<-SHELL
+ set -ex
+
+ sed -i s,http:,https:, /etc/apt/sources.list
+ apt-get update
+ apt-get -qy dist-upgrade
+ apt-get -qy install --no-install-recommends git gcc libc-dev libsodium-dev make autoconf htop screen
+SHELL
+
+ config.vm.provision :shell, privileged: false, inline: <<-SHELL
+ git clone https://github.com/cathugger/mkp224o.git /home/vagrant/mkp224o
+SHELL
+
+ # disable internet access
+ config.vm.provision "shell",
+ run: "always",
+ inline: "ip route del default || true"
+
+ # disable root
+ config.vm.provision "shell", inline: "passwd --lock root"
+ config.vm.provision "shell", inline: "SUDO_FORCE_REMOVE=yes dpkg --purge sudo"
+
+ config.vm.provision :shell, privileged: false, inline: <<-SHELL
+ set -ex
+
+ cd mkp224o
+ ./autogen.sh
+ ./configure
+ make
+ ./mkp224o -h
+
+ mkdir ~/#{filter}
+ cd ~/#{filter}
+ screen -d -m -L -Logfile #{filter}.log -S run-#{filter} nice ~/mkp224o/mkp224o -S 300 #{filter}
+SHELL
+end