appvm
appvm copied to clipboard
Nix-based app VMs
Currently It works on application level. It's will be much more better if we block all connections on iptables level (e.g. use user id for filtering etc.) inside VM.
Thank you for publishing this really cool project. It seems to be inspired on the AppVMs in Qubes OS. I would like to know what are the differences between this...
Currently appvm uses X11/Xorg. This issue is for experimentation with Wayland, with eventual goal being to have optional Wayland support without Xorg on the guest, and maybe to pass windows...
There are some command line (e.g. `--min-memory` and `--adj-memory` for autoballooning, also `--networking-model` in #20) switches that are better to have **also** in the configuration file that not introduced yet....
appvm start chromium /nix/store/gr8x944bv3cwhk4i5751yhbqix1b16lh-nixos-vm 2020/07/14 22:20:52 internal error: process exited while connecting to monitor: 2020-07-14T21:20:52.185266Z qemu-system-x86_64: -blockdev {"node-name":"libvirt-1-format","read-only":false,"cache":{"direct":false,"no-flush":false},"driver":"qcow2","file":"libvirt-1-storage","backing":null}: Could not reopen file: Permission denied
Libvirt available in home-brew, and qemu on macOS since v2.12 (24 April 2018) supports Hypervisor.framework. Which means it's possible to port appvm to macOS.
- [x] I tested it locally. - [x] I tried to run at least one application VM and it works. resolves #15 BTC{1AYoK2TScSpD5bhf67mv9AxHDJ2RidRvjD} (I promised this guy $10 and didn't...