System/machines/levitation/passthrough.nix


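# NixOS module for a GPU-passthrough (VFIO) virtual-machine host.
#
# It binds one NVIDIA card to vfio-pci at boot, configures the libvirt/QEMU
# firmware and TPM options a Windows 11 guest needs, bridges the physical NIC
# so guests can sit on the LAN, and exports two Samba shares.
#
# NOTE(review): virtualisation.libvirtd.enable is not set in this file;
# presumably it is enabled by another module. Confirm.
{ config, lib, pkgs, ... }:
let
  # PCI vendor:device IDs handed to vfio-pci. Every function of the card is
  # listed so the host drivers never claim any part of it.
  gpuIDs = [
    # 2080 super
    "10de:1e81" # Graphics
    "10de:10f8" # Audio
    # The original author was unsure about the next two; they are likely the
    # card's on-board USB / USB-C controller functions. Confirm with
    # `lspci -nn`.
    "10de:1ad8" # Usb ????
    "10de:1ad9" # Usb ????
  ];
in {
  ##
  ## Packages
  ##
  environment.systemPackages = with pkgs; [
    # Looking glass, avoids the need for another monitor
    looking-glass-client
    # For samba
    cifs-utils
  ];

  ##
  ## Kernel configuration
  ##
  boot = {
    kernelParams = [
      # enable iommu
      "amd_iommu=on"
      # Isolate the nvidia gpu: vfio-pci claims these IDs instead of the
      # regular host drivers.
      ("vfio-pci.ids=" + lib.concatStringsSep "," gpuIDs)
    ];
    # Modules needed. Loaded from the initrd so vfio-pci is present early in
    # boot.
    initrd.kernelModules = [ "vfio_pci" "vfio" "vfio_iommu_type1" ];
  };

  ##
  ## Virtualization setup
  ##
  # NOTE(review): per the NixOS option description this installs a setuid
  # helper that lets unprivileged users pass host USB devices to guests.
  # Keep it only if local users are trusted with arbitrary USB device access.
  virtualisation.spiceUSBRedirection.enable = true;
  virtualisation.libvirtd = {
    qemu = {
      # Enable tpm for windows 11 (swtpm is a software-emulated TPM)
      swtpm.enable = true;
      ovmf = {
        enable = true;
        # Needed for secure boot
        packages = [ pkgs.OVMFFull.fd ];
      };
    };
  };

  # Looking glass shared memory.
  # Mode 0660 with owner nathan and group qemu-libvirtd: only that user and
  # members of that group can read or write the file. Keep it that
  # restrictive, since the file holds the guest's display contents.
  systemd.tmpfiles.rules =
    [ "f /dev/shm/looking-glass 0660 nathan qemu-libvirtd -" ];

  ##
  ## Networking
  ##
  # Setup bridge: the physical NIC is enslaved to qemu-br0 and the host's
  # static address lives on the bridge.
  # NOTE(review): guests attached to this bridge are on the same L2 segment
  # as the rest of the LAN. Whether the host firewall filters their traffic
  # depends on settings not visible here.
  networking.bridges = { "qemu-br0" = { interfaces = [ "enp6s0" ]; }; };
  networking.interfaces.qemu-br0 = {
    ipv4.addresses = [{
      address = "10.0.0.247";
      prefixLength = 21;
    }];
  };
  networking.defaultGateway = "10.0.4.1";
  networking.nameservers = [ "10.0.0.10" ];

  ##
  ## Samba share
  ##
  services.samba = {
    enable = true;
    # NOTE(review): this opens the Samba ports in the host firewall without
    # restricting them to an interface, so the shares are reachable from the
    # bridged LAN as well as from local guests. If only the VM needs them,
    # consider per-interface firewall rules instead.
    openFirewall = true;
    # Global settings. "smb encrypt = required" makes the server insist on
    # SMB transport encryption.
    extraConfig = ''
      browseable = yes
      smb encrypt = required
    '';
    shares = {
      # You will still need to set up the user accounts to begin with:
      # $ sudo smbpasswd -a yourusername
      homes = {
        browseable = "no";
        "read only" = "no";
        "guest ok" = "no";
      };
      # NOTE(review): neither share below sets "valid users", so any account
      # that can authenticate to Samba can reach them, subject to filesystem
      # permissions. Consider pinning them to the intended user.
      Shared = {
        path = "/home/nathan/Shared";
        # Was misspelled "browesable", which Samba does not recognise.
        browseable = "yes";
        # "read only" = no and "writable" = yes are inverted synonyms; both
        # are kept as in the original.
        "read only" = "no";
        "guest ok" = "no";
        "writable" = "yes";
      };
      # Exports the directory that holds the mount points under
      # /run/media/nathan, writable.
      # NOTE(review): every volume mounted there is exposed over SMB. Confirm
      # that is intended.
      Mount = {
        path = "/run/media/nathan";
        # Was misspelled "browesable", which Samba does not recognise.
        browseable = "yes";
        "read only" = "no";
        "guest ok" = "no";
        "writable" = "yes";
      };
    };
  };
}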