vfio

2025-10-25 22:00:15 +03:00 · 2025-10-25 22:00:15 +03:00 · 182f570c0e
commit 182f570c0e
parent 37b4183573
5 changed files with 49 additions and 65 deletions
--- a/hosts/virgil/configuration.nix
+++ b/hosts/virgil/configuration.nix
@ -48,7 +48,7 @@
    isNormalUser = true;
    description = "Tulga";
    initialPassword = "fuckyou";
-    extraGroups = ["networkmanager" "wheel" "libvirtd"];
+    extraGroups = ["networkmanager" "wheel" "libvirtd" "kvm"];
    packages = with pkgs; [];
  };
  programs.virt-manager.enable = true;
@ -69,6 +69,7 @@
    git
    rose-pine-gtk-theme
    virtiofsd
+    #pkgs.linuxKernel.packages.linux_6_12.kvmfr
  ];

  # Some programs need SUID wrappers, can be configured further or are
--- a/hosts/virgil/disko.nix
+++ b/hosts/virgil/disko.nix
@ -3,7 +3,7 @@
    disk = {
      nixos = {
        type = "disk";
-        device = "/dev/sda";
+        device = "/dev/vda";
        content = {
          type = "gpt";
          partitions = {
--- a/hosts/virgil/hardware-configuration.nix
+++ b/hosts/virgil/hardware-configuration.nix
@ -1,17 +1,34 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
 {
-  imports =
-    [ (modulesPath + "/profiles/qemu-guest.nix")
-    ];
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];

-  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
-  boot.extraModulePackages = [ ];
+  boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk"];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = ["kvm-amd"];
+  boot.extraModulePackages = [];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-partlabel/disk-nixos-root";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-partlabel/disk-nixos-ESP";
+    fsType = "vfat";
+    options = ["fmask=0022" "dmask=0022"];
+  };
+
+  swapDevices = [];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
--- a/hosts/virgil/hhhardware-configuration.nix
+++ b/hosts/virgil/hhhardware-configuration.nix
@ -1,41 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{
-  config,
-  lib,
-  pkgs,
-  modulesPath,
-  ...
-}: {
-  imports = [
-    (modulesPath + "/profiles/qemu-guest.nix")
-  ];
-
-  boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk"];
-  boot.initrd.kernelModules = [];
-  boot.kernelModules = ["kvm-amd"];
-  boot.extraModulePackages = [];
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-partlabel/disk-nixos-root";
-    fsType = "ext4";
-  };
-
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-partlabel/disk-nixos-ESP";
-    fsType = "vfat";
-    options = ["fmask=0022" "dmask=0022"];
-  };
-
-  swapDevices = [];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-}
--- a/hosts/virgil/vfio.nix
+++ b/hosts/virgil/vfio.nix
@ -5,21 +5,13 @@
  inputs,
  ...
 }: {
-
-
  imports = [
-   inputs.nixos-vfio.nixosModules.vfio
+    inputs.nixos-vfio.nixosModules.vfio
+  ];

-
-
-   
-   ];
-
-
- 
  boot.kernelParams = ["amd_iommu=on"];
  boot.blacklistedKernelModules = ["nvidia" "nouveau"];
-  boot.extraModulePackages = [ config.boot.kernelPackages.kvmfr ];
+  boot.extraModulePackages = [config.boot.kernelPackages.kvmfr];
  boot.kernelModules = ["vfio_virqfd" "vfio_pci" "vfio_iommu_type1" "vfio"];
  boot.extraModprobeConfig = "options vfio-pci ids=10de:2705,10de:22bb";

@ -54,14 +46,29 @@
      "10de:22bb"
    ];
  };
+  systemd.tmpfiles.rules = [
+    "c /dev/kvmfr0 0660 tulg kvm -"
+  ];
  virtualisation.kvmfr = {
    enable = true;
    devices = lib.singleton {
-      size = 128;
+      size = 64;
      permissions = {
        user = "tulg";
-        mode = "0777";
+        mode = "0660";
      };
    };
  };
+  users.users.tulg.extraGroups = ["kvm"];
+  boot.initrd.services.udev.rules = ''
+    SUBSYSTEM=="kvmfr", OWNER="tulg", GROUP="kvm", MODE="0660"
+  '';
+  systemd.services.fix-kvmfr0 = {
+    description = "Fix permissions for /dev/kvmfr0";
+    wantedBy = ["multi-user.target"];
+    serviceConfig = {
+      Type = "oneshot";
+      ExecStart = "${pkgs.bash}/bin/bash -c 'for i in {1..10}; do if [ -e /dev/kvmfr0 ]; then chown root:kvm /dev/kvmfr0 && chmod 0660 /dev/kvmfr0 && exit 0; fi; sleep 1; done; exit 1'";
+    };
+  };
 }