2023-10-17 14:12:26 +02:00
|
|
|
{ config
|
|
|
|
|
, lib
|
|
|
|
|
, pkgs
|
|
|
|
|
, ...
|
2023-10-05 17:45:31 +02:00
|
|
|
}: {
|
2024-02-02 16:13:55 +01:00
|
|
|
environment.systemPackages = with pkgs; [
|
2023-10-05 17:45:31 +02:00
|
|
|
virtiofsd
|
|
|
|
|
virt-manager
|
|
|
|
|
virt-viewer
|
|
|
|
|
virt-top
|
2023-10-15 21:50:59 +02:00
|
|
|
spice-gtk
|
2023-10-05 17:45:31 +02:00
|
|
|
];
|
|
|
|
|
|
2024-05-03 17:39:43 +02:00
|
|
|
boot.kernelModules = [ "kvm-amd" ]; # TODO check cpu and enable intel kvm if needed
|
|
|
|
|
|
2023-10-05 17:45:31 +02:00
|
|
|
virtualisation.docker = {
|
|
|
|
|
enable = true;
|
2024-02-02 16:13:55 +01:00
|
|
|
package = pkgs.docker;
|
2023-10-17 13:37:50 +02:00
|
|
|
|
2024-01-11 07:24:44 +01:00
|
|
|
storageDriver = lib.mkDefault "overlay2";
|
2024-01-16 15:21:21 +01:00
|
|
|
liveRestore = false;
|
|
|
|
|
autoPrune.enable = true;
|
2023-10-05 17:45:31 +02:00
|
|
|
};
|
2023-10-17 13:37:50 +02:00
|
|
|
|
2024-08-09 21:50:47 +02:00
|
|
|
security.wrappers.spice-client-glib-usb-acl-helper = {
|
|
|
|
|
owner = "root";
|
|
|
|
|
group = "root";
|
|
|
|
|
# capabilities = "cap_fowner+ep";
|
|
|
|
|
setuid = true;
|
|
|
|
|
source = "${pkgs.spice-gtk}/bin/spice-client-glib-usb-acl-helper";
|
|
|
|
|
};
|
|
|
|
|
|
2023-10-05 17:45:31 +02:00
|
|
|
virtualisation.libvirtd = {
|
|
|
|
|
enable = true;
|
2024-02-02 16:13:55 +01:00
|
|
|
package = pkgs.libvirt;
|
2023-10-05 17:45:31 +02:00
|
|
|
|
|
|
|
|
onShutdown = "suspend";
|
|
|
|
|
onBoot = "ignore";
|
|
|
|
|
|
|
|
|
|
qemu = {
|
|
|
|
|
package = pkgs.qemu_kvm;
|
|
|
|
|
ovmf.enable = true;
|
2023-10-17 14:12:26 +02:00
|
|
|
ovmf.packages = [ pkgs.OVMFFull.fd ];
|
2023-10-05 17:45:31 +02:00
|
|
|
swtpm.enable = true;
|
|
|
|
|
runAsRoot = false;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2023-10-15 21:50:59 +02:00
|
|
|
services.udev.extraRules = ''
|
|
|
|
|
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", MODE="0664", GROUP="wheel"
|
|
|
|
|
'';
|
2023-10-05 17:45:31 +02:00
|
|
|
}
|
