Skip to content

mkulke/mkosi-playground

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
.github/workflows
.github/workflows
 
 
initrd
initrd
 
 
launch-vm
launch-vm
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
flake.lock
flake.lock
 
 
flake.nix
flake.nix
 
 
mkosi.conf
mkosi.conf
 
 
uplosi.conf
uplosi.conf
 
 

Repository files navigation

mkosi playground

Building azure images with mkosi

Requirements

nix w/ flakes support (https://nixos.org/nix/)

Build

Enter development environment

nix develop

Create secure boot key

mkosi genkey

Build raw image

mkosi -C ./initrd build
mkosi build

Test in qemu

Use root for KVM acceleration

sudo $(which mkosi) qemu

Publish to Azure

Convert secure boot certificate

openssl x509 -in mkosi.crt -out additionalsignature.der -outform DER
base64 -w0 additionalsignature.der

Edit uplosi.conf

Populate the uplosi.conf values according to the image gallery and image definition. Put the base64 encoded certificate string into the additionalSignatures list.

Note: The image definition has to support trusted launch.

Publish

uplosi upload image.raw

Deploy

cd launch-vm
go mod tidy
go build
./launch-vm -h

About

Building azure images with mkosi

Topics

azure mkosi secureboot confidential-computing

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages