starred/nix-config
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-03-26 03:11:32 +01:00
Code Issues Packages Projects Releases 10 Wiki Activity

feat: enable libvirt(qemu/kvm) for ai

Browse Source
This commit is contained in:
Ryan Yin
2023-07-01 22:28:31 +08:00
parent 9bd5cac675
commit 4c53b59e89
3 changed files with 49 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/idols/ai/default.nix
View File

@@ -15,6 +15,7 @@
../../../modules/nixos/fhs-fonts.nix
# ../../../modules/nixos/hyprland.nix
../../../modules/nixos/i3.nix
../../../modules/nixos/libvirt.nix
../../../modules/nixos/core-desktop.nix
../../../modules/nixos/remote-building.nix
../../../modules/nixos/user-group.nix

38
modules/nixos/libvirt.nix Normal file
View File

@@ -0,0 +1,38 @@
{ lib, pkgs, ... }:
{
###################################################################################
#
# Enable Libvirt(QEMU/KVM)
#
###################################################################################
virtualisation = {
libvirtd = {
enable = true;
# hanging this option to false may cause file permission issues for existing guests.
# To fix these, manually change ownership of affected files in /var/lib/libvirt/qemu to qemu-libvirtd.
qemu.runAsRoot = true;
};
qemu = {
# default to QEMU/KVM
package = pkgs.qemu_kvm;
};
};
programs.dconf.enable = true;
environment.systemPackages = with pkgs; [ virt-manager ];
boot.kernelModules = [ "kvm-amd" "kvm-intel" ];
# Enable nested virsualization, required by security containers and nested vm.
boot.extraModprobeConfig = "options kvm_intel nested=1"; # for intel cpu
# boot.extraModprobeConfig = "options kvm_amd nested=1"; # for amd cpu
# NixOS VM should enable this:
# services.qemuGuest = {
# enable = true;
# package = pkgs.qemu_kvm.ga;
# };
}

11
modules/nixos/user-group.nix
View File

@@ -13,7 +13,16 @@
home = "/home/ryan";
isNormalUser = true;
description = "ryan";
extraGroups = [ "ryan" "users" "networkmanager" "wheel" "docker" "wireshark" "adbusers" ];
extraGroups = [
"ryan"
"users"
"networkmanager"
"wheel"
"docker"
"wireshark"
"adbusers"
"libvirtd"
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDiipi59EnVbi6bK1bGrcbfEM263wgdNfbrt6VBC1rHx ryan@ai-idols"
];