Tinfoil Confidential VM

Tinfoil CVM is an AMD SEV-SNP confidential virtual machine for secure inference and custom compute workloads.

Configuration

The CVM image expects a YAML config file mounted as the second disk (/dev/sdb in the guest). The SHA256 hash of the config file must be provided as the tinfoil-config-hash=HASH kernel cmdline parameter to the VM for boot-time verification. The VM will fail startup if the hash does not match the config file.

models:
  - [model_name]:[version]  # OLLAMA model identifier and tag

shim:
  upstream-port: 8080       # Shim upstream proxy port
  paths:                    # API paths to handle (optional)
    - /api/chat
    - /v1/chat/completions
    - /api/generate

containers:
  - name: container_name
    image: [container_image]  # Docker image

Name		Name	Last commit message	Last commit date
Latest commit History 61 Commits
.github/workflows		.github/workflows
mkosi.extra		mkosi.extra
mkosi.repart		mkosi.repart
mkosi.sandbox		mkosi.sandbox
.gitignore		.gitignore
Makefile		Makefile
README.md		README.md
mkosi.conf		mkosi.conf
mkosi.postinst.chroot		mkosi.postinst.chroot

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Tinfoil Confidential VM

Configuration

About

Releases 7

Packages

Contributors 2

Languages

tinfoilsh/cvmimage

Folders and files

Latest commit

History

Repository files navigation

Tinfoil Confidential VM

Configuration

About

Resources

Stars

Watchers

Forks

Releases 7

Packages 0

Contributors 2

Languages

Packages