virgil/vfio

hosts/archangel/hardware-configuration.nix

@@ -1,11 +1,15 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
 {
-  imports =
+  config,
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
   ];
 
   boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod"];
@@ -13,13 +17,13 @@
   boot.kernelModules = ["kvm-amd"];
   boot.extraModulePackages = [];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-uuid/48340a1a-5055-4d72-b83b-db57a3a7e230";
+    device = "/dev/disk/by-uuid/48340a1a-5055-4d72-b83b-db57a3a7e230";
     fsType = "ext4";
   };
 
-  fileSystems."/boot" =
+  fileSystems."/boot" = {
-    { device = "/dev/disk/by-uuid/5292-3A27";
+    device = "/dev/disk/by-uuid/5292-3A27";
     fsType = "vfat";
     options = ["fmask=0022" "dmask=0022"];
   };

hosts/virgil/configuration.nix

@@ -1,18 +1,19 @@
 # Edit this configuration file to define what should be installed on
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, self, ... }:
-
 {
-  imports =
+  config,
-    [ # Include the results of the hardware scan.
+  pkgs,
+  self,
+  ...
+}: {
+  imports = [
+    # Include the results of the hardware scan.
     #      ./disko.nix
     ./hardware-configuration.nix
+    ./vfio.nix
   ];
 
-
-
   # Bootloader.
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
@@ -28,7 +29,12 @@
       listen_addresses = ["127.0.0.1:53" "[::1]:53"];
     };
   };
-
+  virtualisation = {
+    libvirtd = {
+      enable = true;
+      qemuOvmf = true;
+    };
+  };
   services.zapret = {
     enable = true;
     params = [
@@ -137,5 +143,4 @@
   nix.settings.experimental-features = ["nix-command" "flakes"];
   services.displayManager.ly.enable = true;
   system.stateVersion = "25.05"; # Did you read the comment?
-
 }

hosts/virgil/hardware-configuration.nix

@@ -1,11 +1,15 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
 {
-  imports =
+  config,
-    [ (modulesPath + "/profiles/qemu-guest.nix")
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
   ];
 
   boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk"];
@@ -13,13 +17,13 @@
   boot.kernelModules = ["kvm-amd"];
   boot.extraModulePackages = [];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-partlabel/disk-nixos-root";
+    device = "/dev/disk/by-partlabel/disk-nixos-root";
     fsType = "ext4";
   };
 
-  fileSystems."/boot" =
+  fileSystems."/boot" = {
-    { device = "/dev/disk/by-partlabel/disk-nixos-ESP";
+    device = "/dev/disk/by-partlabel/disk-nixos-ESP";
     fsType = "vfat";
     options = ["fmask=0022" "dmask=0022"];
   };

hosts/virgil/vfio.nix

@@ -0,0 +1,10 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  boot.kernelparams = ["amd_iommu=on"];
+  boot.blacklistedKernelModules = ["nvidia" "nouveau"];
+  boot.kernelModules = ["vfio_virqfd" "vfio_pci" "vfio_iommu_type1" "vfio"];
+  boot.extraModprobeConfig = "options vfio-pci ids=10de:2705,10de:22bb";
+}

modules/home.nix

@@ -1,6 +1,5 @@
 {
   config,
-  lib,
   pkgs,
   inputs,
   ...