{ config
, lib
, pkgs
, ...
}: {
  environment.systemPackages = with pkgs; [
    virtiofsd
    virt-manager
    virt-viewer
    virt-top
    spice-gtk
    gnome.gnome-boxes
  ];

  virtualisation.docker = {
    enable = true;
    package = pkgs.docker;

    storageDriver = lib.mkDefault "overlay2";
    liveRestore = false;
    autoPrune.enable = true;
  };

  virtualisation.libvirtd = {
    enable = true;
    package = pkgs.libvirt;

    onShutdown = "suspend";
    onBoot = "ignore";

    qemu = {
      package = pkgs.qemu_kvm;
      ovmf.enable = true;
      ovmf.packages = [ pkgs.OVMFFull.fd ];
      swtpm.enable = true;
      runAsRoot = false;
    };
  };

  services.udev.extraRules = ''
    SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", MODE="0664", GROUP="wheel"
  '';
}