swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: improve qemu config

Browse source
This commit is contained in:
Swarsel 2024-12-10 18:34:03 +01:00
parent ac1d1a24e7
commit ac29f57ce0
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
3 changed files with 34 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

19
SwarselSystems.org
View file

@ -3068,7 +3068,7 @@ This ensures that all user-configuration happens here in the config file.
isNormalUser = true;
description = "Leon S";
hashedPasswordFile = lib.mkIf (!config.swarselsystems.initialSetup) config.sops.secrets.swarseluser.path;
extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "scanner" ];
extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "libvirtd" "scanner" ];
packages = with pkgs; [ ];
};
};
@ -6063,17 +6063,21 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9
};
};
networking.firewall.trustedInterfaces = [ "virbr0" ];
virtualisation = {
docker.enable = true;
spiceUSBRedirection.enable = true;
libvirtd = {
enable = true;
qemu = {
package = pkgs.qemu_kvm;
runAsRoot = true;
swtpm.enable = true;
vhostUserPackages = with pkgs; [ virtiofsd ];
ovmf = {
enable = true;
packages = [(pkgs.OVMF.override {
packages = [(pkgs.OVMFFull.override {
secureBoot = true;
tpmSupport = true;
}).fd];
@ -6094,10 +6098,21 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9
libisoburn
govc
terraform
# vm
virt-manager
virt-viewer
virtiofsd
spice
spice-gtk
spice-protocol
win-virtio
win-spice
];
services = {
spice-vdagentd.enable = true;
openssh = {
enable = true;
extraConfig = ''

2
profiles/common/nixos/users.nix
View file

@ -8,7 +8,7 @@
isNormalUser = true;
description = "Leon S";
hashedPasswordFile = lib.mkIf (!config.swarselsystems.initialSetup) config.sops.secrets.swarseluser.path;
extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "scanner" ];
extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "libvirtd" "scanner" ];
packages = with pkgs; [ ];
};
};

17
profiles/optional/nixos/work.nix
View file

@ -42,18 +42,22 @@ in
};
};
networking.firewall.trustedInterfaces = [ "virbr0" ];
virtualisation = {
docker.enable = true;
spiceUSBRedirection.enable = true;
libvirtd = {
enable = true;
qemu = {
package = pkgs.qemu_kvm;
runAsRoot = true;
swtpm.enable = true;
vhostUserPackages = with pkgs; [ virtiofsd ];
ovmf = {
enable = true;
packages = [
(pkgs.OVMF.override {
(pkgs.OVMFFull.override {
secureBoot = true;
tpmSupport = true;
}).fd
@ -75,10 +79,21 @@ in
libisoburn
govc
terraform
# vm
virt-manager
virt-viewer
virtiofsd
spice
spice-gtk
spice-protocol
win-virtio
win-spice
];
services = {
spice-vdagentd.enable = true;
openssh = {
enable = true;
extraConfig = ''