95 lines
2.0 KiB
Nix
95 lines
2.0 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
let
|
|
gpuIDs = [
|
|
# 2080 super
|
|
"10de:1e81" # Graphics
|
|
"10de:10f8" # Audio
|
|
"10de:1ad8" # Usb ????
|
|
"10de:1ad9" # Usb ????
|
|
];
|
|
in {
|
|
##
|
|
## Packages
|
|
##
|
|
environment.systemPackages = with pkgs; [
|
|
# Looking glass, avoids the need for another monitor
|
|
looking-glass-client
|
|
# For samba
|
|
cifs-utils
|
|
];
|
|
##
|
|
## Kernel configuration
|
|
##
|
|
boot = {
|
|
kernelParams = [
|
|
# enable iommu
|
|
"amd_iommu=on"
|
|
# Isolate the nvidia gpu
|
|
("vfio-pci.ids=" + lib.concatStringsSep "," gpuIDs)
|
|
];
|
|
# Modules needed
|
|
initrd.kernelModules = [ "vfio_pci" "vfio" "vfio_iommu_type1" ];
|
|
};
|
|
|
|
##
|
|
## Virtualization setup
|
|
##
|
|
virtualisation.spiceUSBRedirection.enable = true;
|
|
virtualisation.libvirtd = {
|
|
qemu = {
|
|
# Enable tpm for windows 11
|
|
swtpm.enable = true;
|
|
ovmf = {
|
|
enable = true;
|
|
# Needed for secure boot
|
|
packages = [ pkgs.OVMFFull.fd ];
|
|
};
|
|
};
|
|
};
|
|
# Looking glass shared memory
|
|
systemd.tmpfiles.rules =
|
|
[ "f /dev/shm/looking-glass 0660 nathan qemu-libvirtd -" ];
|
|
|
|
##
|
|
## Networking
|
|
##
|
|
# Setup bridge
|
|
networking.bridges = { "qemu-br0" = { interfaces = [ "enp6s0" ]; }; };
|
|
networking.interfaces.qemu-br0 = {
|
|
ipv4.addresses = [{
|
|
address = "10.0.0.247";
|
|
prefixLength = 21;
|
|
}];
|
|
};
|
|
networking.defaultGateway = "10.0.4.1";
|
|
networking.nameservers = [ "10.0.0.10" ];
|
|
|
|
##
|
|
## Samba share
|
|
##
|
|
services.samba = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
extraConfig = ''
|
|
browseable = yes
|
|
smb encrypt = required
|
|
'';
|
|
shares = {
|
|
# You will still need to set up the user accounts to begin with:
|
|
# $ sudo smbpasswd -a yourusername
|
|
homes = {
|
|
browseable = "no";
|
|
"read only" = "no";
|
|
"guest ok" = "no";
|
|
};
|
|
Shared = {
|
|
path = "/home/nathan/Shared";
|
|
browesable = "yes";
|
|
"read only" = "no";
|
|
"guest ok" = "no";
|
|
"writable" = "yes";
|
|
};
|
|
};
|
|
};
|
|
}
|