clan-munix/munix

#!/usr/bin/env bash
: "${MICROVM_SHELL:=bash}"
SCRIPT_PATH=$(dirname $(realpath -s $0))
MUVM_PATH=$(dirname $(which muvm))
PASST_PATH=$(dirname $(which passt))
export TMP=/tmp TMPDIR=/tmp TEMP=/tmp TEMPDIR=/tmp LC_ALL=C
unset DISPLAY XAUTHORITY # or: --bind /tmp/.X11-unix /tmp/.X11-unix --bind $XAUTHORITY $XAUTHORITY
exec bwrap --unshare-all --share-net \
  --uid 1001 --gid 1001 \
  --tmpfs / \
  --dir /run --dir /var --symlink /run /var/run --dir /tmp \
  --proc /proc --ro-bind /sys /sys \
  --dev /dev --dir /dev/input --dev-bind /dev/kvm /dev/kvm --dev-bind /dev/dri /dev/dri \
  --ro-bind "$MUVM_PATH" /run/munix/muvm \
  --ro-bind "$PASST_PATH" /run/munix/passt \
  --ro-bind "$1/sw/bin/env" /usr/bin/env \
  --ro-bind "$SCRIPT_PATH/munix-init-root" /usr/bin/munix-init-root \
  --ro-bind "$SCRIPT_PATH/munix-init-user" /usr/bin/munix-init-user \
  --ro-bind /nix/store /nix/store \
  --ro-bind /run/opengl-driver /run/opengl-driver \
  --ro-bind /run/systemd/resolve /run/systemd/resolve \
  --ro-bind /etc/resolv.conf /etc/resolv.conf \
  --ro-bind /etc/group /etc/group \
  --ro-bind /etc/passwd /etc/passwd \
  --dir "$XDG_RUNTIME_DIR" \
  --bind "$XDG_RUNTIME_DIR/$WAYLAND_DISPLAY" "$XDG_RUNTIME_DIR/$WAYLAND_DISPLAY" \
  --bind "$XDG_RUNTIME_DIR/pipewire-0" "$XDG_RUNTIME_DIR/pipewire-0" \
  --bind $HOME/Downloads/baseq1 $HOME/Downloads/baseq1 \
  --setenv WAYLAND_DISPLAY "$WAYLAND_DISPLAY" \
  --setenv PATH "/run/munix/muvm:/run/munix/passt:$1/sw/bin" \
  muvm \
    -x /usr/bin/munix-init-root -X /usr/bin/munix-init-user --udevd-path="$1/sw/bin/true" \
    -e WAYLAND_DISPLAY=wayland-1 \
    -e MICROVM_CLOSURE="$1" \
    -i -t "$1/sw/bin/$MICROVM_SHELL"