diff --git a/base/debloat.sh b/base/debloat.sh index 89a3b103..fd4f827f 100755 --- a/base/debloat.sh +++ b/base/debloat.sh @@ -39,7 +39,7 @@ debloat_paths=( "/nix" ) -if [[ ! "$PROFILES" == *"devtools"* ]]; then +if [[ "${PROFILES:-}" != *"devtools"* ]]; then debloat_paths+=( "/usr/share/bash-completion" ) diff --git a/base/mkosi.skeleton/etc/systemd/system/persistent-mount.service b/bob-common/mkosi.extra/etc/systemd/system/persistent-mount.service similarity index 100% rename from base/mkosi.skeleton/etc/systemd/system/persistent-mount.service rename to bob-common/mkosi.extra/etc/systemd/system/persistent-mount.service diff --git a/scripts/build_rust_package.sh b/scripts/build_rust_package.sh index 58f313fc..008092c1 100755 --- a/scripts/build_rust_package.sh +++ b/scripts/build_rust_package.sh @@ -50,10 +50,10 @@ build_rust_package() { CARGO_TERM_COLOR='never' cd '/build/$package' cargo fetch - cargo build --release --frozen ${extra_features:+--features $extra_features} + cargo build -p $package --release --frozen ${extra_features:+--features $extra_features} " # Cache and install the built binary install -m 755 "$build_dir/target/release/$package" "$cached_binary" install -m 755 "$cached_binary" "$dest_path" -} \ No newline at end of file +} diff --git a/tdx-dummy-azure.conf b/tdx-dummy-azure.conf new file mode 100644 index 00000000..87c6d859 --- /dev/null +++ b/tdx-dummy-azure.conf @@ -0,0 +1,6 @@ +[Include] +Include=base/mkosi.conf +Include=tdx-dummy-azure/mkosi.conf + +[Config] +Profiles=azure diff --git a/tdx-dummy-azure/dummy-tdx-azure.service b/tdx-dummy-azure/dummy-tdx-azure.service new file mode 100644 index 00000000..f0f28ba2 --- /dev/null +++ b/tdx-dummy-azure/dummy-tdx-azure.service @@ -0,0 +1,17 @@ +[Unit] +Description=Dummy TDX server for azure attestation +After=network-setup.service +Wants=network-setup.service + +[Service] +Type=exec +User=root +Group=root +ExecStart=/usr/bin/dummy-attestation-server server --listen-addr 0.0.0.0:8080 --server-attestation-type azure-tdx +Restart=on-failure +RestartSec=10 +StandardOutput=journal +StandardError=journal + +[Install] +WantedBy=minimal.target diff --git a/tdx-dummy-azure/mkosi.build b/tdx-dummy-azure/mkosi.build new file mode 100755 index 00000000..1496a131 --- /dev/null +++ b/tdx-dummy-azure/mkosi.build @@ -0,0 +1,18 @@ +#!/bin/bash +set -euxo pipefail + +source scripts/build_rust_package.sh + +# local package="$1" +# local version="$2" +# local git_url="$3" +# local provided_binary="$4" +# local extra_features="${5:-}" +# local extra_rustflags="${6:-}" +build_rust_package \ + "dummy-attestation-server" \ + "azure-attest-test02" \ + "https://github.com/flashbots/attested-tls-proxy.git" \ + "" \ + "" \ + "-l z -l zstd" diff --git a/tdx-dummy-azure/mkosi.conf b/tdx-dummy-azure/mkosi.conf new file mode 100644 index 00000000..69d0db52 --- /dev/null +++ b/tdx-dummy-azure/mkosi.conf @@ -0,0 +1,14 @@ +[Content] +WithNetwork=true +BuildScripts=tdx-dummy-azure/mkosi.build + +Packages=libtss2-esys-3.0.2-0t64 + libtss2-tctildr0t64 + +BuildPackages=ca-certificates + cargo + git + libtss2-dev + zlib1g-dev + +PostInstallationScripts=tdx-dummy-azure/mkosi.postinst diff --git a/tdx-dummy-azure/mkosi.postinst b/tdx-dummy-azure/mkosi.postinst new file mode 100755 index 00000000..dad181f3 --- /dev/null +++ b/tdx-dummy-azure/mkosi.postinst @@ -0,0 +1,8 @@ +#!/bin/bash +set -euxo pipefail + +# Install systemd service units +SERVICE_DIR="$BUILDROOT/etc/systemd/system" +mkdir -p "$SERVICE_DIR" + +install -m 644 "tdx-dummy-azure/dummy-tdx-azure.service" "$SERVICE_DIR/"