matej.nix

Author	SHA1	Message	Date
Matej Janežič	fbcded1f9d	feat: ephvm-run.sh virtio devices, require kvm explicit virtio-blk-pci (cache=writeback, discard=unmap, detect-zeroes=unmap, aio=threads), virtio-net-pci, virtio-rng-pci for guest entropy. hard-require /dev/kvm and always pass -cpu host; drop the tcg fallback since this host always has kvm.	2026-04-23 21:29:57 +00:00
Matej Janežič	082057226d	feat: ephvm-run.sh resilience poll for real SSH banner instead of TCP accept (qemu's user-mode nic accepts before guest sshd is listening), preserve qemu log on abnormal exit for inspection, use a throwaway ed25519 key since the guest accepts any key.	2026-04-23 21:29:24 +00:00
Matej Janežič	620acf68a6	feat: harden ephvm-run.sh reject running as root, bind ssh hostfwd to 127.0.0.1 only, reject commas in --mount and claude paths (prevents -virtfs csv injection), pre-check --mount path exists, enable qemu seccomp sandbox.	2026-04-23 21:28:51 +00:00
Matej Janežič	f7d86e7718	feat: improve ephvm ux	2026-04-13 11:48:18 +02:00
Matej Janežič	d8ab6207d5	feat: improve scripts setup (lint, format, refactor)	2026-03-21 17:38:19 +01:00
Matej Janežič	1975659715	feat: ephvm improvements	2026-03-16 09:49:55 +01:00
Matej Janežič	c5afcb10f7	feat: add ephvm related scripts	2026-03-07 23:17:45 +01:00
Matej Janežič	8406979975	feat: extract initrd-ssh module from hardware config	2026-02-21 20:45:24 +01:00