Commit 1c7471c8787b
Changed files (5)
systems
systems/aomi/extra.nix
@@ -15,6 +15,7 @@
../common/services/containers.nix
../common/services/docker.nix
../common/services/lxd.nix
+ ../common/services/libvirt.nix
../common/desktop/binfmt.nix # TODO: move to something else than desktop
# ../common/services/buildkit.nix # maybe ?
# ../common/services/oci-image-mirroring.nixi
systems/common/services/libvirt.nix
@@ -0,0 +1,29 @@
+{ lib, pkgs, ... }:
+{
+ boot.kernelParams = [ "kvm_intel.nested=1" ];
+ environment.etc."modprobe.d/kvm.conf".text = ''
+ options kvm_intel nested=1
+ '';
+ virtualisation.libvirtd = {
+ enable = true;
+ qemu.ovmf.enable = true;
+ allowedBridges = [ "br1" ]; # Could be different dependinng on the host ?
+ extraConfig = ''
+ listen_tls = 0
+ listen_tcp = 1
+ auth_tcp="none"
+ tcp_port = "16509"
+ '';
+ # extraOptions = [ "--listen" ];
+ };
+ networking.firewall.allowedTCPPorts = [ 16509 ];
+ security.polkit.enable = true; # 22.11: libvirtd requires poltkit to be enabled
+ environment.systemPackages = with pkgs; [
+ qemu
+ vde2
+ libosinfo
+ ];
+ boot.kernel.sysctl = {
+ "net.ipv4.ip_forward" = lib.mkDefault 1;
+ };
+}
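Review bot: The `extraConfig` block under `virtualisation.libvirtd` configures a plaintext TCP listener with `auth_tcp="none"`, and `networking.firewall.allowedTCPPorts = [ 16509 ]` opens that port on every interface. Anyone who can reach the host on 16509 would get unauthenticated control of the system libvirt daemon, which is effectively root on the hypervisor. This commit imports the module on aomi, kobe and shikoku, so the exposure applies to all three. If the goal is remote management from virt-manager, a `qemu+ssh://` connection URI needs no listener, so the `extraConfig` lines and the firewall rule can simply be dropped. If a TCP listener has to stay, use `auth_tcp = "sasl"` (or TLS via `listen_tls = 1`) and scope the port with `networking.firewall.interfaces."<trusted-iface>".allowedTCPPorts`. Because `--listen` is commented out, whether `listen_tcp` takes effect depends on how the unit starts libvirtd, so confirm the real exposure by checking listening sockets on a deployed host.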
systems/kobe/extra.nix
@@ -10,6 +10,7 @@
../common/services/containers.nix
../common/services/docker.nix
../common/services/lxd.nix
+ ../common/services/libvirt.nix
];
# networking.firewall.enable = false;
systems/kyushu/extra.nix
@@ -69,6 +69,7 @@
# backup
restic # TODO: will probably move this to it's own configuration some day
monolith # TODO: move into =desktop= ?
+ virt-manager
];
# Make sure we don't start docker until required
systems/shikoku/extra.nix
@@ -9,7 +9,7 @@
../common/services/containers.nix
../common/services/docker.nix
../common/services/lxd.nix
- # ../common/services/libvirt.nix
+ ../common/services/libvirt.nix
];
age.secrets."aria2RPCSecret" = {