{ config, pkgs, ... }:{ # Boot configuration boot.kernelParams = [ "inte

1. { config, pkgs, ... }:
2. {
3. # Boot configuration
4. boot.kernelParams = [ "intel_iommu=on" "iommu=pt" ];
5. boot.kernelModules = [ "kvm-intel" "vfio-pci" ];
6.  
7. # User accounts
8. users.users.owner = {
9. extraGroups = [ "libvirtd" ];
10. };
11.  
12. # Enable libvirtd
13. virtualisation.libvirtd = {
14. enable = true;
15. onBoot = "ignore";
16. onShutdown = "shutdown";
17. qemuOvmf = true;
18. qemuRunAsRoot = true;
19. };
20.  
21. # Add binaries to path so that hooks can use it
22. systemd.services.libvirtd = {
23. path = let
24. env = pkgs.buildEnv {
25. name = "qemu-hook-env";
26. paths = with pkgs; [
27. bash
28. libvirt
29. kmod
30. systemd
31. ripgrep
32. sd
33. ];
34. };
35. in
36. [ env ];
37. };
38.  
39. # Link hooks to the correct directory
40. system.activationScripts.libvirt-hooks.text =
41. ''
42. ln -Tfs /etc/libvirt/hooks /var/lib/libvirt/hooks
43. '';
44.  
45. # Enable xrdp
46. services.xrdp.enable = true; # use remote_logout and remote_unlock
47. services.xrdp.defaultWindowManager = "i3";
48. systemd.services.pcscd.enable = false;
49. systemd.sockets.pcscd.enable = false;
50.  
51. # VFIO Packages installed
52. environment.systemPackages = with pkgs; [
53. virt-manager
54. gnome3.dconf # needed for saving settings in virt-manager
55. libguestfs # needed to virt-sparsify qcow2 files
56. ];
57.  
58. environment.etc = {
59. "libvirt/hooks/qemu" = {
60. text =
61. ''
62. #!/run/current-system/sw/bin/bash
63. #
64. # Author: Sebastiaan Meijer ([email protected])
65. #
66. # Copy this file to /etc/libvirt/hooks, make sure it's called "qemu".
67. # After this file is installed, restart libvirt.
68. # From now on, you can easily add per-guest qemu hooks.
69. # Add your hooks in /etc/libvirt/hooks/qemu.d/vm_name/hook_name/state_name.
70. # For a list of available hooks, please refer to https://www.libvirt.org/hooks.html
71. #
72.  
73. GUEST_NAME="$1"
74. HOOK_NAME="$2"
75. STATE_NAME="$3"
76. MISC="''${@:4}"
77.  
78. BASEDIR="$(dirname $0)"
79.  
80. HOOKPATH="$BASEDIR/qemu.d/$GUEST_NAME/$HOOK_NAME/$STATE_NAME"
81.  
82. set -e # If a script exits with an error, we should as well.
83.  
84. # check if it's a non-empty executable file
85. if [ -f "$HOOKPATH" ] && [ -s "$HOOKPATH"] && [ -x "$HOOKPATH" ]; then
86. eval \"$HOOKPATH\" "$@"
87. elif [ -d "$HOOKPATH" ]; then
88. while read file; do
89. # check for null string
90. if [ ! -z "$file" ]; then
91. eval \"$file\" "$@"
92. fi
93. done <<< "$(find -L "$HOOKPATH" -maxdepth 1 -type f -executable -print;)"
94. fi
95. '';
96. mode = "0755";
97. };
98.  
99. "libvirt/hooks/kvm.conf" = {
100. text =
101. ''
102. VIRSH_GPU_VIDEO=pci_0000_01_00_0
103. VIRSH_GPU_AUDIO=pci_0000_01_00_1
104. '';
105. mode = "0755";
106. };
107.  
108. "libvirt/hooks/qemu.d/win10/prepare/begin/start.sh" = {
109. text =
110. ''
111. #!/run/current-system/sw/bin/bash
112.  
113. # Debugging
114. # exec 19>/home/owner/Desktop/startlogfile
115. # BASH_XTRACEFD=19
116. # set -x
117.  
118. # Load variables we defined
119. source "/etc/libvirt/hooks/kvm.conf"
120.  
121. # Change to performance governor
122. echo performance | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
123.  
124. # Isolate host to core 0
125. systemctl set-property --runtime -- user.slice AllowedCPUs=0
126. systemctl set-property --runtime -- system.slice AllowedCPUs=0
127. systemctl set-property --runtime -- init.scope AllowedCPUs=0
128.  
129. # Logout
130. source "/home/owner/Desktop/Sync/Files/Tools/logout.sh"
131.  
132. # Stop display manager
133. systemctl stop display-manager.service
134.  
135. # Unbind VTconsoles
136. echo 0 > /sys/class/vtconsole/vtcon0/bind
137. echo 0 > /sys/class/vtconsole/vtcon1/bind
138.  
139. # Unbind EFI Framebuffer
140. echo efi-framebuffer.0 > /sys/bus/platform/drivers/efi-framebuffer/unbind
141.  
142. # Avoid race condition
143. # sleep 5
144.  
145. # Unload NVIDIA kernel modules
146. modprobe -r nvidia_drm nvidia_modeset nvidia_uvm nvidia
147.  
148. # Detach GPU devices from host
149. virsh nodedev-detach $VIRSH_GPU_VIDEO
150. virsh nodedev-detach $VIRSH_GPU_AUDIO
151.  
152. # Load vfio module
153. modprobe vfio-pci
154. '';
155. mode = "0755";
156. };
157.  
158. "libvirt/hooks/qemu.d/win10/release/end/stop.sh" = {
159. text =
160. ''
161. #!/run/current-system/sw/bin/bash
162.  
163. # Debugging
164. # exec 19>/home/owner/Desktop/stoplogfile
165. # BASH_XTRACEFD=19
166. # set -x
167.  
168. # Load variables we defined
169. source "/etc/libvirt/hooks/kvm.conf"
170.  
171. # Unload vfio module
172. modprobe -r vfio-pci
173.  
174. # Attach GPU devices from host
175. virsh nodedev-reattach $VIRSH_GPU_VIDEO
176. virsh nodedev-reattach $VIRSH_GPU_AUDIO
177.  
178. # Read nvidia x config
179. nvidia-xconfig --query-gpu-info > /dev/null 2>&1
180.  
181. # Load NVIDIA kernel modules
182. modprobe nvidia_drm nvidia_modeset nvidia_uvm nvidia
183.  
184. # Avoid race condition
185. # sleep 5
186.  
187. # Bind EFI Framebuffer
188. echo efi-framebuffer.0 > /sys/bus/platform/drivers/efi-framebuffer/bind
189.  
190. # Bind VTconsoles
191. echo 1 > /sys/class/vtconsole/vtcon0/bind
192. echo 1 > /sys/class/vtconsole/vtcon1/bind
193.  
194. # Start display manager
195. systemctl start display-manager.service
196.  
197. # Return host to all cores
198. systemctl set-property --runtime -- user.slice AllowedCPUs=0-3
199. systemctl set-property --runtime -- system.slice AllowedCPUs=0-3
200. systemctl set-property --runtime -- init.scope AllowedCPUs=0-3
201.  
202. # Change to powersave governor
203. echo powersave | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
204. '';
205. mode = "0755";
206. };
207.  
208. "libvirt/vgabios/patched.rom".source = /home/owner/Desktop/Sync/Files/Linux_Config/symlinks/patched.rom;
209. };
210. }