Start to support building for M1 chips, using Docker Desktop instead of vagrant

.gitignore

@@ -139,3 +139,4 @@ share/vm
 share/container
 vm-builder/vm
 vm-builder/.vagrant
+vm-builder/dangerzone.docker_image

BUILD.md

@@ -77,8 +77,7 @@ poetry install
 Install [Homebrew](https://brew.sh/) dependencies:
 
 ```sh
-brew install vagrant create-dmg
+brew install create-dmg wget pkg-config opam dune ocaml
-brew install wget pkg-config opam dune ocaml
 ```
 
 Install opam dependencies:

install/macos/make-vm.sh

@@ -15,12 +15,16 @@ mkdir -p share/bin
 cp vendor/hyperkit/build/hyperkit share/bin/hyperkit
 cp vendor/vpnkit/_build/install/default/bin/vpnkit share/bin/vpnkit
 
-# Build ISO
+# Build the dangerzone-converter image
-cd vm-builder
+echo "Building dangerzone-converter image"
-vagrant up
+docker build dangerzone-converter --tag dangerzone.rocks/dangerzone
-vagrant ssh -- /vagrant/build-iso.sh
+echo "Saving dangerzone-converter image"
-vagrant halt
+docker save dangerzone.rocks/dangerzone -o vm-builder/dangerzone-converter.tar
-cd ..
+echo "Compressing dangerzone-converter image"
+gzip vm-builder/dangerzone-converter.tar
+
+# Build the ISO
+docker run -v $(pwd)/vm-builder:/vm-builder alpine:latest /vm-builder/build-iso.sh
 
 # Copy the ISO to resources
 mkdir -p share/vm

vm-builder/Vagrantfile

@@ -1,25 +0,0 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-Vagrant.configure("2") do |config|
-  config.vm.box = "generic/alpine314"
-  config.vm.synced_folder "../dangerzone-converter", "/opt/dangerzone-converter"
-  config.vm.synced_folder ".", "/vagrant"
-  config.vm.provision "shell", inline: <<-SHELL
-    apk update
-    apk add alpine-sdk build-base apk-tools alpine-conf busybox fakeroot syslinux xorriso squashfs-tools sudo
-    apk add mtools dosfstools grub-efi
-    apk add podman p7zip
-    echo "user:100000:65536" >> /etc/subuid
-    echo "user:100000:65536" >> /etc/subgid
-    adduser user -D -G abuild
-    echo "%abuild ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/abuild
-    sudo -u user abuild-keygen -i -a -n
-  SHELL
-
-  # Workaround VirtualBox bug in macOS Monterey
-  # https://github.com/hashicorp/vagrant/issues/12557#issuecomment-952026455
-  config.vm.provider "virtualbox" do |v|
-    v.gui = true
-  end
-end

vm-builder/build-iso.sh

@@ -2,52 +2,43 @@
 
 ALPINE_TAG=v3.14.3
 
-# Set up podman
+# Install dependencies
-sudo modprobe fuse
+apk add alpine-sdk build-base apk-tools alpine-conf busybox fakeroot xorriso squashfs-tools mtools dosfstools grub-efi p7zip abuild sudo
-sudo modprobe tun
-sudo rc-update add cgroups
-sudo rc-service cgroups start
-sudo -u user podman system prune -a -f
 
-# Build the podman container
+# Make keys for build
-cd /opt/dangerzone-converter
+abuild-keygen -i -a -n
-sudo -u user podman build . --tag dangerzone.rocks/dangerzone
 
 # Setup aports
 cd ~/
-if [ -d ~/aports ]; then
-    echo "already downloaded"
-else
 wget https://gitlab.alpinelinux.org/alpine/aports/-/archive/master/aports-master.tar.gz
 tar -xf ~/aports-master.tar.gz
 mv ~/aports-master ~/aports
-fi
+cp /vm-builder/mkimg.dz.sh ~/aports/scripts/
-cp /vagrant/mkimg.dangerzone.sh ~/aports/scripts/
+cp /vm-builder/genapkovl-dz.sh ~/aports/scripts/
-cp /vagrant/genapkovl-dangerzone.sh ~/aports/scripts/
+chmod +x ~/aports/scripts/mkimg.dz.sh
-chmod +x ~/aports/scripts/mkimg.dangerzone.sh
+chmod +x ~/aports/scripts/genapkovl-dz.sh
-chmod +x ~/aports/scripts/genapkovl-dangerzone.sh
 
 # Set up the vm dir
-rm -r /vagrant/vm
+rm -r /vm-builder/vm
-mkdir -p /vagrant/vm
+mkdir -p /vm-builder/vm
-chmod 777 /vagrant/vm
+chmod 777 /vm-builder/vm
 
 # Make the iso
 cd ~/aports/scripts
-sudo -u user sh mkimage.sh --tag "$ALPINE_TAG" \
+./mkimage.sh --tag "$ALPINE_TAG" \
-    --outdir /vagrant/vm \
+    --outdir /vm-builder/vm \
-    --arch x86_64 \
+    --arch $(uname -m) \
     --repository http://dl-cdn.alpinelinux.org/alpine/v3.14/main \
     --repository http://dl-cdn.alpinelinux.org/alpine/v3.14/community \
-    --profile dangerzone
+    --profile dz
-mv /vagrant/vm/alpine-dangerzone-${ALPINE_TAG}-x86_64.iso /vagrant/vm/dangerzone.iso
+mv /vm-builder/vm/alpine-dz-${ALPINE_TAG}-$(uname -m).iso /vm-builder/vm/dangerzone.iso
 
 # Fix permissions
-chmod 755 /vagrant/vm
+chmod 755 /vm-builder/vm
-chmod 644 /vagrant/vm/*
+chmod 644 /vm-builder/vm/*
 
 # Extract vmlinuz and initramfs
-cd /vagrant/vm
+cd /vm-builder/vm
 7z x dangerzone.iso boot/vmlinuz-virt
 7z x dangerzone.iso boot/initramfs-virt
 mv boot/* .

vm-builder/etc/init.d/dangerzone

@@ -25,10 +25,8 @@ EOF
     # Create user
     /usr/sbin/adduser -D -u 1001 user
 
-	# Move containers into home dir
+	# Load the dangerzone container
-	mkdir -p /home/user/.local/share
+	sudo -u user podman load -i /etc/dangerzone-converter.tar.gz
-	mv /etc/container-data /home/user/.local/share/containers
-	chown -R user:user /home/user/.local
 
 	# Allow podman containers to run
 	echo "user:100000:65536" >> /etc/subuid

vm-builder/genapkovl-dz.sh

@@ -19,14 +19,11 @@ tmp="$(mktemp -d)"
 trap cleanup EXIT
 
 # Copy /etc
-cp -r /vagrant/etc "$tmp"
+cp -r /vm-builder/etc "$tmp"
 chown -R root:root "$tmp"/etc
 
-# Fix permissions and add containers to /etc/container-data, temporarily
+# Copy container image to /etc, temporarily
-for WEIRD_FILE in $(find /home/user/.local/share/containers -perm 000); do
+cp /vm-builder/dangerzone-converter.tar.gz "$tmp"/etc
-	chmod 600 $WEIRD_FILE
-done
-cp -r /home/user/.local/share/containers "$tmp"/etc/container-data
 
 # Start cgroups, required by podman
 rc_add cgroups default

vm-builder/mkimg.dz.sh

@@ -1,8 +1,8 @@
-profile_dangerzone() {
+profile_dz() {
 	profile_virt
-	profile_abbrev="dangerzone"
+	profile_abbrev="dz"
 	title="Dangerzone"
 	desc="Copied from virt but with extra apks and an apkovl"
-	apkovl="genapkovl-dangerzone.sh"
+	apkovl="genapkovl-dz.sh"
 	apks="$apks podman dropbear autossh python3 sudo"
 }