From 182f570c0e661b7851555e46162b95309b859f8e Mon Sep 17 00:00:00 2001 From: tulg Date: Sat, 25 Oct 2025 22:00:15 +0300 Subject: [PATCH] vfio --- hosts/virgil/configuration.nix | 3 +- hosts/virgil/disko.nix | 2 +- hosts/virgil/hardware-configuration.nix | 35 ++++++++++++++----- hosts/virgil/hhhardware-configuration.nix | 41 ----------------------- hosts/virgil/vfio.nix | 33 +++++++++++------- 5 files changed, 49 insertions(+), 65 deletions(-) delete mode 100644 hosts/virgil/hhhardware-configuration.nix diff --git a/hosts/virgil/configuration.nix b/hosts/virgil/configuration.nix index 3c0a440..d808a86 100644 --- a/hosts/virgil/configuration.nix +++ b/hosts/virgil/configuration.nix @@ -48,7 +48,7 @@ isNormalUser = true; description = "Tulga"; initialPassword = "fuckyou"; - extraGroups = ["networkmanager" "wheel" "libvirtd"]; + extraGroups = ["networkmanager" "wheel" "libvirtd" "kvm"]; packages = with pkgs; []; }; programs.virt-manager.enable = true; @@ -69,6 +69,7 @@ git rose-pine-gtk-theme virtiofsd + #pkgs.linuxKernel.packages.linux_6_12.kvmfr ]; # Some programs need SUID wrappers, can be configured further or are diff --git a/hosts/virgil/disko.nix b/hosts/virgil/disko.nix index 88fd9a6..8125cd3 100644 --- a/hosts/virgil/disko.nix +++ b/hosts/virgil/disko.nix @@ -3,7 +3,7 @@ disk = { nixos = { type = "disk"; - device = "/dev/sda"; + device = "/dev/vda"; content = { type = "gpt"; partitions = { diff --git a/hosts/virgil/hardware-configuration.nix b/hosts/virgil/hardware-configuration.nix index f9c2647..7613335 100644 --- a/hosts/virgil/hardware-configuration.nix +++ b/hosts/virgil/hardware-configuration.nix 
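Review bot: The `"kvm"` entry added to `extraGroups` in hosts/virgil/configuration.nix appears to be duplicated by `users.users.tulg.extraGroups = ["kvm"];` in the vfio.nix hunk of this same patch, assuming this block is the `tulg` account (its header is outside the hunk). NixOS merges list options, so both work, but keeping the membership in one place, next to the kvmfr settings that need it, makes it easier to audit who can reach the device. The account being extended is also in `wheel` and, per the context line, has its `initialPassword` committed in plain text. That value ends up world-readable in the Nix store, so `hashedPasswordFile` or `initialHashedPassword` would be the safer form.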
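Review bot: `device = "/dev/vda";` in hosts/virgil/disko.nix ties the layout to a virtio-blk disk, while the same patch adds `virtio_scsi` to the initrd modules in hardware-configuration.nix, and a disk attached through virtio-scsi would normally show up as `/dev/sdX` instead. Since disko partitions and formats whatever this path names, a short comment such as `# virtio-blk disk of the virgil VM; disko will wipe this device`, or a stable `/dev/disk/by-id/...` path, would make the assumption explicit. The mounted filesystems already use `by-partlabel`, so only the install-time target depends on this name.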
@@ -1,17 +1,34 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-partlabel/disk-nixos-root"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-partlabel/disk-nixos-ESP"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; + + swapDevices = []; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hosts/virgil/hhhardware-configuration.nix b/hosts/virgil/hhhardware-configuration.nix deleted file mode 100644 index 7613335..0000000 --- a/hosts/virgil/hhhardware-configuration.nix +++ /dev/null 
@@ -1,41 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; - - fileSystems."/" = { - device = "/dev/disk/by-partlabel/disk-nixos-root"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-partlabel/disk-nixos-ESP"; - fsType = "vfat"; - options = ["fmask=0022" "dmask=0022"]; - }; - - swapDevices = []; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/hosts/virgil/vfio.nix b/hosts/virgil/vfio.nix index a29f7d5..aa86dfe 100644 --- a/hosts/virgil/vfio.nix +++ b/hosts/virgil/vfio.nix @@ -5,21 +5,13 @@ inputs, ... }: { - - imports = [ - inputs.nixos-vfio.nixosModules.vfio + inputs.nixos-vfio.nixosModules.vfio + ]; - - - - ]; - - - boot.kernelParams = ["amd_iommu=on"]; boot.blacklistedKernelModules = ["nvidia" "nouveau"]; - boot.extraModulePackages = [ config.boot.kernelPackages.kvmfr ]; + boot.extraModulePackages = [config.boot.kernelPackages.kvmfr]; boot.kernelModules = ["vfio_virqfd" "vfio_pci" "vfio_iommu_type1" "vfio"]; boot.extraModprobeConfig = "options vfio-pci ids=10de:2705,10de:22bb"; 
@@ -54,14 +46,29 @@
 "10de:22bb"
 ];
 };
+ systemd.tmpfiles.rules = [
+ "c /dev/kvmfr0 0660 tulg kvm -"
+ ];
 virtualisation.kvmfr = {
 enable = true;
 devices = lib.singleton {
- size = 128;
+ size = 64;
 permissions = {
 user = "tulg";
- mode = "0777";
+ mode = "0660";
 };
 };
 };
+ users.users.tulg.extraGroups = ["kvm"];
+ boot.initrd.services.udev.rules = ''
+ SUBSYSTEM=="kvmfr", OWNER="tulg", GROUP="kvm", MODE="0660"
+ '';
+ systemd.services.fix-kvmfr0 = {
+ description = "Fix permissions for /dev/kvmfr0";
+ wantedBy = ["multi-user.target"];
+ serviceConfig = {
+ Type = "oneshot";
+ ExecStart = "${pkgs.bash}/bin/bash -c 'for i in {1..10}; do if [ -e /dev/kvmfr0 ]; then chown root:kvm /dev/kvmfr0 && chmod 0660 /dev/kvmfr0 && exit 0; fi; sleep 1; done; exit 1'";
+ };
+ };
 }
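Review bot: Ownership of `/dev/kvmfr0` is now set by four separate mechanisms that disagree: the tmpfiles line, the `permissions` block and the udev rule all name `tulg`, while the `fix-kvmfr0` service ends with `chown root:kvm`, so the final owner depends on which one runs last. The udev rule also sits in `boot.initrd.services.udev.rules`, which only covers the initrd stage. If the kvmfr module is loaded later, the rule presumably never matches, which may be why the polling service was needed. I would keep a single source of truth, e.g. `services.udev.extraRules = ''SUBSYSTEM=="kvmfr", OWNER="tulg", GROUP="kvm", MODE="0660"'';` (or rely on the module's `permissions` block if it already generates that rule), and drop the retry-loop service and the tmpfiles entry, whose type `c` expects a major:minor argument rather than `-`. Tightening the mode from `0777` to `0660` is the right direction, since the shared-memory device exposes guest framebuffer contents to anyone who can open it.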