lindy: do vfio virtualization once again

1 files changed, 23 insertions, 4 deletions

diff --git a/nixos/lindy.nix b/nixos/lindy.nix
index aafb07b..c9331fa 100644
--- a/nixos/lindy.nix
+++ b/nixos/lindy.nix
@@ -120,10 +120,26 @@ Komaru UUID=caf8496f-006b-4762-bb20-506d4c7bdb51 /nix/persist/root/komaru_key
   services.cron.enable = true;
   services.cron.systemCronJobs = [ "0 20 * * * root /media/Zonz/lindy/do-backup.sh" ];
 
-  # Nvidia graphics
-  boot.kernelParams = [ "i915.modeset=0" ];
-  hardware.nvidia.modesetting.enable = true;
-  services.xserver.videoDrivers = [ "nvidia" ];
+  # Graphics
+  specialisation = {
+    nvidia.configuration = {
+      boot.kernelParams = [ "i915.modeset=0" ];
+      hardware.nvidia.modesetting.enable = true;
+      services.xserver.videoDrivers = [ "nvidia" ];
+    };
+    intelVfio.configuration = {
+      boot.blacklistedKernelModules = [ "nouveau" "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ];
+      boot.kernelParams = [ "intel_iommu=on" "iommu=pt" "vfio-pci.ids=10de:17c2,10de:0fb0,8086:0c01" ];
+      boot.initrd.availableKernelModules = [ "vfio_pci" "vfio" "vfio_iommu_type1" ];
+      services.xserver.videoDrivers = [ "modesetting" ];
+      systemd.tmpfiles.rules = [
+        "f	/dev/shm/looking-glass	0660	lx	kvm	-"
+      ];
+      environment.systemPackages = with pkgs; [
+        looking-glass-client
+      ];
+    };
+  };
   hardware.opengl.enable = true;
 
   # Docker, VirtualBox
@@ -136,6 +152,9 @@ Komaru UUID=caf8496f-006b-4762-bb20-506d4c7bdb51 /nix/persist/root/komaru_key
     # 8910 8920 # web dev
     4317 4318 # jaeger container
   ];
+  networking.firewall.allowedUDPPorts = [
+    4010 # scream
+  ];
 
   # GnuPG agent at system level, if at home level conflicts with arch
   programs.gnupg.agent = {