diff options
author | Alex Auvolat <alex@adnab.me> | 2023-11-29 12:57:53 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2023-11-29 12:57:53 +0100 |
commit | 08d10de09d3278165755043b1b5507ce009c6441 (patch) | |
tree | 48d58f2f0d5072bfc7efdc062221b2e30be38b63 /nixos | |
parent | eea128b631c3f97731fc42f608c8856fba854331 (diff) | |
download | user-config-08d10de09d3278165755043b1b5507ce009c6441.tar.gz user-config-08d10de09d3278165755043b1b5507ce009c6441.zip |
lindy: do vfio virtualization once again
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/Makefile | 3 | ||||
-rw-r--r-- | nixos/common.nix | 5 | ||||
-rw-r--r-- | nixos/lindy.nix | 27 |
3 files changed, 31 insertions, 4 deletions
diff --git a/nixos/Makefile b/nixos/Makefile index a0f2628..9de3ebe 100644 --- a/nixos/Makefile +++ b/nixos/Makefile @@ -1,6 +1,9 @@ all: sudo nixos-rebuild switch -I nixos-config=`hostname`.nix +vfio: + sudo nixos-rebuild switch -I nixos-config=`hostname`.nix --specialisation intelVfio + boot: sudo nixos-rebuild boot -I nixos-config=`hostname`.nix diff --git a/nixos/common.nix b/nixos/common.nix index 0a66a5a..4621b38 100644 --- a/nixos/common.nix +++ b/nixos/common.nix @@ -102,6 +102,9 @@ # Enable touchpad support (enabled default in most desktopManager). services.xserver.libinput.enable = true; + # Enable libvirt + virtualisation.libvirtd.enable = true; + # -------------------- users --------------------- # Define a user account. Don't forget to set a password with ‘passwd’. @@ -115,6 +118,7 @@ "plugdev" "dialout" "kvm" + "libvirtd" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJpaBZdYxHqMxhv2RExAOa7nkKhPBOHupMP3mYaZ73w9" @@ -247,6 +251,7 @@ gnupg dig inetutils + pciutils file distrobox killall diff --git a/nixos/lindy.nix b/nixos/lindy.nix index aafb07b..c9331fa 100644 --- a/nixos/lindy.nix +++ b/nixos/lindy.nix @@ -120,10 +120,26 @@ Komaru UUID=caf8496f-006b-4762-bb20-506d4c7bdb51 /nix/persist/root/komaru_key services.cron.enable = true; services.cron.systemCronJobs = [ "0 20 * * * root /media/Zonz/lindy/do-backup.sh" ]; - # Nvidia graphics - boot.kernelParams = [ "i915.modeset=0" ]; - hardware.nvidia.modesetting.enable = true; - services.xserver.videoDrivers = [ "nvidia" ]; + # Graphics + specialisation = { + nvidia.configuration = { + boot.kernelParams = [ "i915.modeset=0" ]; + hardware.nvidia.modesetting.enable = true; + services.xserver.videoDrivers = [ "nvidia" ]; + }; + intelVfio.configuration = { + boot.blacklistedKernelModules = [ "nouveau" "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ]; + boot.kernelParams = [ "intel_iommu=on" "iommu=pt" "vfio-pci.ids=10de:17c2,10de:0fb0,8086:0c01" ]; + boot.initrd.availableKernelModules = [ "vfio_pci" "vfio" "vfio_iommu_type1" ]; + services.xserver.videoDrivers = [ "modesetting" ]; + systemd.tmpfiles.rules = [ + "f /dev/shm/looking-glass 0660 lx kvm -" + ]; + environment.systemPackages = with pkgs; [ + looking-glass-client + ]; + }; + }; hardware.opengl.enable = true; # Docker, VirtualBox @@ -136,6 +152,9 @@ Komaru UUID=caf8496f-006b-4762-bb20-506d4c7bdb51 /nix/persist/root/komaru_key # 8910 8920 # web dev 4317 4318 # jaeger container ]; + networking.firewall.allowedUDPPorts = [ + 4010 # scream + ]; # GnuPG agent at system level, if at home level conflicts with arch programs.gnupg.agent = { |