feat: improve qemu config

Swarsel 2024-12-10 18:34:03 +01:00
parent ac1d1a24e7
commit ac29f57ce0
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
3 changed files with 34 additions and 4 deletions


@ -3068,7 +3068,7 @@ This ensures that all user-configuration happens here in the config file.
isNormalUser = true; isNormalUser = true;
description = "Leon S"; description = "Leon S";
hashedPasswordFile = lib.mkIf (!config.swarselsystems.initialSetup) config.sops.secrets.swarseluser.path; hashedPasswordFile = lib.mkIf (!config.swarselsystems.initialSetup) config.sops.secrets.swarseluser.path;
extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "scanner" ]; extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "libvirtd" "scanner" ];
packages = with pkgs; [ ]; packages = with pkgs; [ ];
}; };
}; };
@ -6063,17 +6063,21 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9
}; };
}; };
networking.firewall.trustedInterfaces = [ "virbr0" ];
virtualisation = { virtualisation = {
docker.enable = true; docker.enable = true;
spiceUSBRedirection.enable = true;
libvirtd = { libvirtd = {
enable = true; enable = true;
qemu = { qemu = {
package = pkgs.qemu_kvm; package = pkgs.qemu_kvm;
runAsRoot = true; runAsRoot = true;
swtpm.enable = true; swtpm.enable = true;
vhostUserPackages = with pkgs; [ virtiofsd ];
ovmf = { ovmf = {
enable = true; enable = true;
packages = [(pkgs.OVMF.override { packages = [(pkgs.OVMFFull.override {
secureBoot = true; secureBoot = true;
tpmSupport = true; tpmSupport = true;
}).fd]; }).fd];
@ -6094,10 +6098,21 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9
libisoburn libisoburn
govc govc
terraform terraform
# vm
virt-manager
virt-viewer
virtiofsd
spice
spice-gtk
spice-protocol
win-virtio
win-spice
]; ];
services = { services = {
spice-vdagentd.enable = true;
openssh = { openssh = {
enable = true; enable = true;
extraConfig = '' extraConfig = ''
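Review bot: `networking.firewall.trustedInterfaces = [ "virbr0" ];` in the second hunk makes the host firewall accept all traffic arriving on the libvirt bridge, so every guest attached to it can reach any host service that listens on all interfaces, including the sshd configured in the next hunk. If the aim is only for guests to obtain DHCP and DNS from the host (inferred, the commit does not say), per-interface rules are enough: `networking.firewall.interfaces.virbr0.allowedUDPPorts = [ 53 67 ];` and `networking.firewall.interfaces.virbr0.allowedTCPPorts = [ 53 ];`. The Windows guest packages added in the third hunk suggest the guests are less trusted than the host, which makes the narrower rule the safer default. The same line appears in the third file section, and the enclosing attribute set starts and ends outside the hunk.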


@ -8,7 +8,7 @@
isNormalUser = true; isNormalUser = true;
description = "Leon S"; description = "Leon S";
hashedPasswordFile = lib.mkIf (!config.swarselsystems.initialSetup) config.sops.secrets.swarseluser.path; hashedPasswordFile = lib.mkIf (!config.swarselsystems.initialSetup) config.sops.secrets.swarseluser.path;
extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "scanner" ]; extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "libvirtd" "scanner" ];
packages = with pkgs; [ ]; packages = with pkgs; [ ];
}; };
}; };
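Review bot: The new "libvirtd" entry in `extraGroups` is undocumented, and it is a privilege grant rather than a convenience: on NixOS, members of that group can manage the system libvirt daemon without a polkit password prompt, and the libvirtd settings shown elsewhere in this commit keep `runAsRoot = true`. A user who can define domains on that daemon can therefore start QEMU as root with host paths or devices attached. The account already holds `wheel` and `docker`, so the exposure is likely accepted, but a comment above the list would record it, e.g. `# libvirtd: passwordless access to qemu:///system, root-equivalent while qemu.runAsRoot is set`. The same change is in the first hunk of the first file section; if this file is generated from that one, the comment belongs there.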


@ -42,18 +42,22 @@ in
}; };
}; };
networking.firewall.trustedInterfaces = [ "virbr0" ];
virtualisation = { virtualisation = {
docker.enable = true; docker.enable = true;
spiceUSBRedirection.enable = true;
libvirtd = { libvirtd = {
enable = true; enable = true;
qemu = { qemu = {
package = pkgs.qemu_kvm; package = pkgs.qemu_kvm;
runAsRoot = true; runAsRoot = true;
swtpm.enable = true; swtpm.enable = true;
vhostUserPackages = with pkgs; [ virtiofsd ];
ovmf = { ovmf = {
enable = true; enable = true;
packages = [ packages = [
(pkgs.OVMF.override { (pkgs.OVMFFull.override {
secureBoot = true; secureBoot = true;
tpmSupport = true; tpmSupport = true;
}).fd }).fd
@ -75,10 +79,21 @@ in
libisoburn libisoburn
govc govc
terraform terraform
# vm
virt-manager
virt-viewer
virtiofsd
spice
spice-gtk
spice-protocol
win-virtio
win-spice
]; ];
services = { services = {
spice-vdagentd.enable = true;
openssh = { openssh = {
enable = true; enable = true;
extraConfig = '' extraConfig = ''
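Review bot: `spiceUSBRedirection.enable = true;` in the first hunk installs the SPICE USB ACL helper with elevated privileges so that unprivileged local users can pass host USB devices to a guest, which amounts to arbitrary USB device access for every local account, and nothing next to the option says so. If passthrough is needed only occasionally, leaving the option off and assigning the device as a host device through libvirt avoids the extra privileged binary; otherwise add a comment such as `# privileged helper: lets any local user redirect host USB devices into a VM`. The same line is in the second hunk of the first file section. The enclosing `virtualisation` attribute set continues past the end of the hunk.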