tulg/nixdots
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

vfio

Browse source
This commit is contained in:
tulg 2025-10-25 22:00:15 +03:00
parent 37b4183573
commit 182f570c0e
5 changed files with 49 additions and 65 deletions
Download patch file Download diff file Expand all files Collapse all files

3
hosts/virgil/configuration.nix
View file

@ -48,7 +48,7 @@
isNormalUser = true; isNormalUser = true;
description = "Tulga"; description = "Tulga";
initialPassword = "fuckyou"; initialPassword = "fuckyou";
extraGroups = ["networkmanager" "wheel" "libvirtd"]; extraGroups = ["networkmanager" "wheel" "libvirtd" "kvm"];
packages = with pkgs; []; packages = with pkgs; [];
}; };
programs.virt-manager.enable = true; programs.virt-manager.enable = true;
@ -69,6 +69,7 @@
git git
rose-pine-gtk-theme rose-pine-gtk-theme
virtiofsd virtiofsd
#pkgs.linuxKernel.packages.linux_6_12.kvmfr
]; ];
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are

2
hosts/virgil/disko.nix
View file

@ -3,7 +3,7 @@
disk = { disk = {
nixos = { nixos = {
type = "disk"; type = "disk";
device = "/dev/sda"; device = "/dev/vda";
content = { content = {
type = "gpt"; type = "gpt";
partitions = { partitions = {

35
hosts/virgil/hardware-configuration.nix
View file

@ -1,17 +1,34 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/profiles/qemu-guest.nix") lib,
]; pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-partlabel/disk-nixos-root";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-partlabel/disk-nixos-ESP";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

41
hosts/virgil/hhhardware-configuration.nix
View file

@ -1,41 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-partlabel/disk-nixos-root";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-partlabel/disk-nixos-ESP";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

33
hosts/virgil/vfio.nix
View file

@ -5,21 +5,13 @@
inputs, inputs,
... ...
}: { }: {
imports = [ imports = [
inputs.nixos-vfio.nixosModules.vfio inputs.nixos-vfio.nixosModules.vfio
];
];
boot.kernelParams = ["amd_iommu=on"]; boot.kernelParams = ["amd_iommu=on"];
boot.blacklistedKernelModules = ["nvidia" "nouveau"]; boot.blacklistedKernelModules = ["nvidia" "nouveau"];
boot.extraModulePackages = [ config.boot.kernelPackages.kvmfr ]; boot.extraModulePackages = [config.boot.kernelPackages.kvmfr];
boot.kernelModules = ["vfio_virqfd" "vfio_pci" "vfio_iommu_type1" "vfio"]; boot.kernelModules = ["vfio_virqfd" "vfio_pci" "vfio_iommu_type1" "vfio"];
boot.extraModprobeConfig = "options vfio-pci ids=10de:2705,10de:22bb"; boot.extraModprobeConfig = "options vfio-pci ids=10de:2705,10de:22bb";
@ -54,14 +46,29 @@
"10de:22bb" "10de:22bb"
]; ];
}; };
systemd.tmpfiles.rules = [
"c /dev/kvmfr0 0660 tulg kvm -"
];
virtualisation.kvmfr = { virtualisation.kvmfr = {
enable = true; enable = true;
devices = lib.singleton { devices = lib.singleton {
size = 128; size = 64;
permissions = { permissions = {
user = "tulg"; user = "tulg";
mode = "0777"; mode = "0660";
}; };
}; };
}; };
users.users.tulg.extraGroups = ["kvm"];
boot.initrd.services.udev.rules = ''
SUBSYSTEM=="kvmfr", OWNER="tulg", GROUP="kvm", MODE="0660"
'';
systemd.services.fix-kvmfr0 = {
description = "Fix permissions for /dev/kvmfr0";
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.bash}/bin/bash -c 'for i in {1..10}; do if [ -e /dev/kvmfr0 ]; then chown root:kvm /dev/kvmfr0 && chmod 0660 /dev/kvmfr0 && exit 0; fi; sleep 1; done; exit 1'";
};
};
} }