From 47bf46cb3d752a4163118741c75c56daaf2e3260 Mon Sep 17 00:00:00 2001 From: Micah Lee Date: Tue, 29 Jun 2021 16:20:54 -0700 Subject: [PATCH] Commit some work-in-progress --- rip_docker/README.md | 12 +++++++++-- rip_docker/run-vm.py | 47 ++++++++++++++++++++++++++++++++++++++++++++ rip_docker/run-vm.sh | 35 +++++++++++++++++++++++++-------- 3 files changed, 84 insertions(+), 10 deletions(-) create mode 100755 rip_docker/run-vm.py diff --git a/rip_docker/README.md b/rip_docker/README.md index ddcb358..32952c0 100644 --- a/rip_docker/README.md +++ b/rip_docker/README.md @@ -22,10 +22,18 @@ This takes awhile to run. It: ./run-vm.sh ``` -You can ssh in as the unprivileged user like this: +You can ssh in as the unprivileged user like this (you need to `brew install socat`): ```sh -ssh -i ./ssh-key/id_ed25519 -o StrictHostKeyChecking=no user@192.168.65.3 +ssh -i ./ssh-key/id_ed25519 \ + -o LogLevel=FATAL \ + -o Compression=yes \ + -o IdentitiesOnly=yes \ + -o StrictHostKeyChecking=no \ + -o UserKnownHostsFile=/dev/null \ + -o "ProxyCommand nc -U /Users/user/code/dangerzone/rip_docker/vm/connect" \ + -v \ + user@localhost ``` (doesn't work yet) diff --git a/rip_docker/run-vm.py b/rip_docker/run-vm.py new file mode 100755 index 0000000..69a9b0d --- /dev/null +++ b/rip_docker/run-vm.py 
@@ -0,0 +1,47 @@ +#!/usr/bin/env python3 +import subprocess +import uuid +import os + + +def main(): + base_dir = os.path.join( + os.path.dirname(os.path.dirname(os.path.abspath(__file__))), "vm" + ) + + vm_uuid = uuid.uuid4() + + cmd = [ + "hyperkit", + "-m", + "4G", + "-c", + "2", + "-s", + "0:0,hostbridge", + "-s", + "31,lpc", + "-s", + "2:0,virtio-net", + "-l", + "com1,stdio", + # "-F", + # os.path.join(base_dir, "hyperkit.pid"), + "-U", + str(vm_uuid), + "-s", + "3:0,ahci-cd," + os.path.join(base_dir, "alpine-dangerzone-v3.14-x86_64.iso"), + "-f", + "kexec," + + os.path.join(base_dir, "vmlinuz-virt") + + "," + + os.path.join(base_dir, "initramfs-virt") + + ',"modules=virtio_net console=ttyS0"', + ] + print(" ".join(cmd)) + + subprocess.run(cmd) + + +if __name__ == "__main__": + main() diff --git a/rip_docker/run-vm.sh b/rip_docker/run-vm.sh index 860beff..27611ce 100755 --- a/rip_docker/run-vm.sh +++ b/rip_docker/run-vm.sh 
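Review bot: `base_dir` in `main()` applies `os.path.dirname` twice, which for `rip_docker/run-vm.py` resolves to the repository root's `vm/`, whereas run-vm.sh uses `$(pwd)/vm` and the README's ProxyCommand points at `rip_docker/vm`; it likely should be `base_dir = os.path.join(os.path.dirname(os.path.abspath(__file__)), "vm")`. The final `-f` element appends `',"modules=virtio_net console=ttyS0"'`, and because `subprocess.run` receives a list with no shell, those double quotes reach hyperkit literally instead of being stripped as they are in run-vm.sh; `+ ",modules=virtio_net console=ttyS0",` is probably what is intended. `subprocess.run(cmd)` also discards the exit status, so `subprocess.run(cmd, check=True)` would surface a failed launch, and `print(shlex.join(cmd))` (with `import shlex`) would print a command line that can be pasted back into a shell unchanged.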
@@ -4,19 +4,38 @@ ROOT=$(pwd)/vm HYPERKIT=/Applications/Docker.app/Contents/Resources/bin/com.docker.hyperkit VPNKIT=/Applications/Docker.app/Contents/Resources/bin/com.docker.vpnkit -VPNKIT_SOCK=$ROOT/vpnkit.eth.sock -PIDFILE=$ROOT/vpnkit.pid -$VPNKIT --ethernet=$VPNKIT_SOCK & -echo $! > $PIDFILE -trap 'test -f $PIDFILE && kill `cat $PIDFILE` && rm $PIDFILE' EXIT +# VPNKIT_SOCK=$ROOT/vpnkit.eth.sock +# PIDFILE=$ROOT/vpnkit.pid +# $VPNKIT \ +# --ethernet=$VPNKIT_SOCK \ +# --gateway-ip 192.168.65.1 \ +# --host-ip 192.168.65.2 \ +# --lowest-ip 192.168.65.3 \ +# --highest-ip 192.168.65.254 & +# echo $! > $PIDFILE +# trap 'test -f $PIDFILE && kill `cat $PIDFILE` && rm $PIDFILE' EXIT $HYPERKIT \ + -F $ROOT/hyperkit.pid \ -A -u \ -m 4G \ -c 2 \ -s 0:0,hostbridge -s 31,lpc \ -l com1,stdio \ - -s 3:0,ahci-cd,$ROOT/alpine-dangerzone-v3.14-x86_64.iso \ - -s 2:0,virtio-vpnkit,path=$VPNKIT_SOCK \ + -s 1:0,ahci-cd,$ROOT/alpine-dangerzone-v3.14-x86_64.iso \ + -s 2:0,virtio-net \ -U 9efa82d7-ebd5-4287-b1cc-ac4160a39fa7 \ - -f kexec,$ROOT/vmlinuz-virt,$ROOT/initramfs-virt,"earlyprintk=serial console=ttyS0 modules=loop,squashfs,sd-mod,usb-storage" + -f kexec,$ROOT/vmlinuz-virt,$ROOT/initramfs-virt,"earlyprintk=serial console=ttyS0 modules=loop,squashfs,sd-mod,usb-storage vpnkit.connect=connect://2/1999" + +# hyperkit +# -c 1 -m 1024M +# -u -A -H +# -U 386bba5a-5dc4-3ac2-95c9-cf0b9a29b352 +# -s 0:0,hostbridge +# -s 2:0,virtio-net +# -s 5,virtio-rnd +# -s 31,lpc +# -l com1,autopty=primary/pty,log=/Library/Logs/Multipass/primary-hyperkit.log +# -s 1:0,virtio-blk,file://primary/ubuntu-20.04-server-cloudimg-amd64.img?sync=os&buffered=1,format=qcow,qcow-config=discard=true;compact_after_unmaps=262144;keep_erased=262144;runtime_asserts=false +# -s 1:1,ahci-cd,primary/cloud-init-config.iso +# -f kexec,primary/ubuntu-20.04-server-cloudimg-amd64-vmlinuz-generic,primary/ubuntu-20.04-server-cloudimg-amd64-initrd-generic,earlyprintk=serial console=ttyS0 root=/dev/vda1 rw panic=1 no_timer_check
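Review bot: The new kernel command line ends with `vpnkit.connect=connect://2/1999`, but the same hunk comments out the vpnkit launch and replaces `virtio-vpnkit,path=$VPNKIT_SOCK` with a bare `virtio-net`, so nothing visible here serves that endpoint and `VPNKIT` is left unused. If this VM is meant to act as the sandbox, the networking choice deserves a comment above the `$HYPERKIT` call stating which backend the guest NIC uses and what it is expected to reach, for example `# networking: virtio-net replaces virtio-vpnkit; vpnkit is not started`. The added `-F $ROOT/hyperkit.pid \` expands `$ROOT` unquoted, which splits when the working directory contains a space; `-F "$ROOT/hyperkit.pid" \` avoids that. The ISO also moves to slot `1:0` here while run-vm.py in this commit keeps `3:0`, and the script pins a fixed `-U` UUID where the Python launcher generates one, so the two launchers start differently configured guests.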