#!/bin/bash

## One-shot guard: the marker file is written as the last step of this script,
## so its presence means an earlier run already reached the end.
if [ -f /var/lib/whonix-libvirt/install.done ]; then
  exit 0
fi

## Copyright (C) 2019 - 2020 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
## See the file COPYING for copying conditions.

## -x: trace every command to stderr.
## -e: abort on the first command whose failure is not handled explicitly.
set -x
set -e
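## {{ Taken from qemu-system-common.postinst.
# Add the kvm group unless it's already there
if ! getent group kvm >/dev/null; then
  addgroup --quiet --system kvm || true
fi
## }} Taken from qemu-system-common.postinst.

## {{ Taken from libvirt-bin.postinst.
if ! getent group libvirt >/dev/null; then
  addgroup --system libvirt
fi
## }} Taken from libvirt-bin.postinst.

## Existence of user "user" is not guaranteed at this point.
## XXX: Or is it?
##
## The earlier form, 'grep -q ^kvm /etc/group || addgroup user kvm', tested
## whether a group line starting with "kvm" exists. That is always true once
## the groups above have been created, so the account was never added to
## either group. Test for the account instead and add it only when present;
## addgroup leaves an existing membership unchanged.
##
## Security note: on Debian's default policy, members of the libvirt group can
## manage qemu:///system without further authentication, which is effectively
## root-equivalent on the host. Keep this limited to the one intended account.
if getent passwd user >/dev/null; then
  addgroup user kvm
  addgroup user libvirt
fi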
## Create shared directory and adjust permissions
##
## NOTE(review): mode 1777 is world-writable with the sticky bit, like /tmp.
## Every local account on the host can create files in these directories, and
## the end of this script attaches them to the VMs as a filesystem device.
## Confirm that host-wide write access is intended.
for shared_dir in /mnt/gateway-shared /mnt/workstation-shared; do
  if [ ! -d "$shared_dir" ]; then
    mkdir --parents "$shared_dir"
  fi
done

for shared_dir in /mnt/gateway-shared /mnt/workstation-shared; do
  chmod 1777 "$shared_dir"
done
## TODO: proper error handling. '|| true' can probably be removed.
##
## Every call below is best-effort: a failure is visible only in the 'set -x'
## trace and does not stop the script.

## The stock "default" network: enable autostart, then start it.
for net_action in net-autostart net-start; do
  virsh -c qemu:///system "$net_action" "default" || true
done

## Register both Whonix networks from their shipped XML definitions.
for net_xml in \
  "/usr/local/share/whonix-libvirt/xml/Whonix-External.xml" \
  "/usr/local/share/whonix-libvirt/xml/Whonix-Internal.xml"; do
  virsh -c qemu:///system net-define "$net_xml" || true
done

## Enable autostart for each Whonix network and start it, External first.
for net_name in "Whonix-External" "Whonix-Internal"; do
  for net_action in net-autostart net-start; do
    virsh -c qemu:///system "$net_action" "$net_name" || true
  done
done
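## Doing the following in a temporary directory to avoid modified files should
## this be interrupted in the middle.
temp_dir="$(mktemp --directory)"

## Remove the scratch copy on every exit path, including aborts caused by
## 'set -e'. Without this the directory was left behind after each run.
## ${temp_dir:?} keeps rm from running with an empty path.
trap 'rm -rf -- "${temp_dir:?}"' EXIT

cp -r /usr/local/share/whonix-libvirt/xml "$temp_dir"

gateway_xml="$temp_dir/xml/Whonix-Gateway.xml"
workstation_xml="$temp_dir/xml/Whonix-Workstation.xml"

## NOTE(review): there is no pipefail, so a failing 'virsh capabilities' also
## ends up in the else branch and the domains are rewritten for plain qemu.
## Unlike the other virsh calls, no connection URI is passed here; confirm the
## default connection is the intended one.
if virsh capabilities | grep "<domain type='kvm'>" ; then
  true "OK: found KVM"
else
  ## replace the 'kvm' domain type with 'qemu'
  for domain_xml in "$gateway_xml" "$workstation_xml"; do
    str_replace "<domain type='kvm'>" "<domain type='qemu'>" "$domain_xml"
  done

  ## Drop these elements from both domains, in this order. For the second one
  ## see https://forums.whonix.org/t/whonix-host-operating-system/3931/251
  for element in "<cpu mode='host-passthrough'/>" "<pvspinlock state='on'/>"; do
    for domain_xml in "$gateway_xml" "$workstation_xml"; do
      str_replace "$element" "" "$domain_xml"
    done
  done

  ## https://forums.whonix.org/t/whonix-host-operating-system/3931/284
  ## Remove the vcpu element from each domain; the two files differ in cpuset.
  str_replace "<vcpu placement='static' cpuset='0'>1</vcpu>" "" "$gateway_xml"
  str_replace "<vcpu placement='static' cpuset='1'>1</vcpu>" "" "$workstation_xml"
fi

## Under 'set -e' these act as assertions: abort if either file is missing.
test -f "$gateway_xml"
test -f "$workstation_xml"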
## Register both VM definitions from the scratch copy (best-effort).
for vm_name in "Whonix-Gateway" "Whonix-Workstation"; do
  virsh -c qemu:///system define "$temp_dir/xml/$vm_name.xml" || true
done

## Attach each host directory to its VM as a filesystem device with the target
## name "shared" (best-effort).
## NOTE(review): unlike the virsh calls, no connection URI is passed to
## virt-xml; presumably the default connection is qemu:///system when this
## runs as root. Confirm.
virt-xml "Whonix-Gateway" --add-device \
  --filesystem source=/mnt/gateway-shared,target=shared,type=mount,accessmode=mapped \
  || true
virt-xml "Whonix-Workstation" --add-device \
  --filesystem source=/mnt/workstation-shared,target=shared,type=mount,accessmode=mapped \
  || true

## Write the marker that the guard at the top of the script checks.
## NOTE(review): because the steps above end in '|| true', the marker is
## written even when they failed, and later runs are then skipped.
marker_dir=/var/lib/whonix-libvirt
mkdir --parents "$marker_dir"
touch "$marker_dir/install.done"