#!$(PAL)

loader.preload = file:$(SHIMPATH)
loader.exec = file:build/sbin/nginx
loader.execname = nginx
loader.env.LD_LIBRARY_PATH = /lib:/lib/x86_64-linux-gnu:/usr/lib:/usr/lib/x86_64-linux-gnu
loader.debug_type = none

fs.mount.lib1.type = chroot
fs.mount.lib1.path = /lib
fs.mount.lib1.uri = file:$(LIBCDIR)

fs.mount.lib2.type = chroot
fs.mount.lib2.path = /lib/x86_64-linux-gnu
fs.mount.lib2.uri = file:/lib/x86_64-linux-gnu

fs.mount.usr.type = chroot
fs.mount.usr.path = /usr
fs.mount.usr.uri = file:/usr

fs.mount.cwd.type = chroot
fs.mount.cwd.path = $(PWD)
fs.mount.cwd.uri = file:

fs.mount.etc.type = chroot
fs.mount.etc.path = /etc
fs.mount.etc.uri = file:etc

# allow to bind on port for listening
net.allow_bind.1 = $(HOST):$(PORT)

sgx.enclave_size = 512M

sgx.trusted_files.ld = file:$(LIBCDIR)/ld-linux-x86-64.so.2
sgx.trusted_files.libc = file:$(LIBCDIR)/libc.so.6
sgx.trusted_files.libdl = file:$(LIBCDIR)/libdl.so.2
sgx.trusted_files.libm = file:$(LIBCDIR)/libm.so.6
sgx.trusted_files.libpthread = file:$(LIBCDIR)/libpthread.so.0
sgx.trusted_files.libcrypt = file:/lib/x86_64-linux-gnu/libcrypt.so.1
sgx.trusted_files.libpcre = file:/lib/x86_64-linux-gnu/libpcre.so.3
sgx.trusted_files.libcrypto = file:/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
sgx.trusted_files.libz = file:/lib/x86_64-linux-gnu/libz.so.1
sgx.trusted_files.libnssdns = file:/lib/x86_64-linux-gnu/libnss_dns.so.2
sgx.trusted_files.libnssfiles = file:/lib/x86_64-linux-gnu/libnss_files.so.2
sgx.trusted_files.libnsscompact = file:/lib/x86_64-linux-gnu/libnss_compat.so.2
sgx.trusted_files.libnssnis = file:/lib/x86_64-linux-gnu/libnss_nis.so.2
sgx.trusted_files.libgnutls = file:/usr/lib/x86_64-linux-gnu/libgnutls.so.26
sgx.trusted_files.libgcrypt = file:/lib/x86_64-linux-gnu/libgcrypt.so.11
sgx.trusted_files.libnsl = file:/lib/x86_64-linux-gnu/libnsl.so.1

sgx.trusted_files.conf = file:http.t

sgx.allowed_files.root = file:build
sgx.allowed_files.etc = file:etc