Skip to content

nspin/whonix-now

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Whonix on KVM in Linux containers

This repository contains a collection of Nix expressions and shell scripts for running Whonix virtual machines on KVM via libvirt inside of Docker containers. Docker serves to simplify the configuration and management of the network and filesystem resources associated with Whonix virtual machines.

!!! WARNING !!!

This repository includes a patch [1] to the Whonix-Gateway firewall to work
around an unresolved libvirt-related networking issue.

Do not use this repository for anonymization unless you understand the
consequences of both this patch and the mere fact of its presence.

[1] ./nix/whonix.nix#80

Quickstart

No need to clone this repository.

First, install Nix.

Then, run:

echo "FROM scratch" | docker build --label whonix-now-demo -t whonix-now-demo -f - /var/empty

docker run --rm -it --name whonix-now-demo --label whonix-now-demo \
    --cap-add=NET_ADMIN \
    --device /dev/kvm \
    --device /dev/net/tun \
    --mount type=bind,src=/nix/store,dst=/nix/store,ro \
    --mount type=bind,src=/tmp/.X11-unix,dst=/tmp/.X11-unix,ro \
    --mount type=bind,src=$XAUTHORITY,dst=/host.Xauthority,ro \
    --env KVM_GID=$(stat -c '%g' /dev/kvm) \
    --env DISPLAY \
    whonix-now-demo \
    $(nix build 'github:nspin/whonix-now?dir=nix#entryScript' --print-out-paths \
        --extra-experimental-features nix-command --extra-experimental-features flakes)

See ./Makefile and ./nix/whonix.nix for more features such as shared directories, audio support, and support for Kali Linux as an alternative to the Whonix Workstation.

About

Whonix on KVM in Linux containers

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published