virtualization.nix (1420B)
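# NixOS profile for a libvirt/QEMU virtualization host.
#
# Options (all under profiles.virtualization):
#   enable    - turn on libvirtd and install the QEMU tooling.
#   nested    - enable nested virtualization for the kvm_intel module.
#   listenTCP - expose libvirtd on plain TCP port 16509 with no TLS and no
#               authentication; see the security note on that section below.
{ config, lib, pkgs, ... }:

with lib;
let
  cfg = config.profiles.virtualization;
in
{
  options = {
    profiles.virtualization = {
      # mkEnableOption already prefixes its argument with "Whether to enable",
      # so the argument is only the thing being enabled.
      enable = mkEnableOption "virtualization profile";

      nested = mkOption {
        default = false;
        description = "Enable nested virtualization";
        type = types.bool;
      };

      listenTCP = mkOption {
        default = false;
        description = ''
          Make libvirt listen on TCP port 16509 without TLS and without
          authentication (auth_tcp = "none"), and open that port in the
          firewall. Only enable this on a trusted, isolated network.
        '';
        type = types.bool;
      };
    };
  };

  config = mkIf cfg.enable (mkMerge [
    # Base profile: libvirtd plus the userland tools.
    {
      virtualisation.libvirtd = {
        enable = true;
      };
      environment.systemPackages = with pkgs; [
        qemu
        vde2
        libosinfo
      ];
    }

    # Nested virtualization. Only the Intel module (kvm_intel) is configured
    # here, once on the kernel command line and once via modprobe.d; nothing
    # is set for kvm_amd. Nested virtualization exposes more of the host's
    # hypervisor code to guests, so keep it off for untrusted guests.
    (mkIf cfg.nested {
      boot.kernelParams = [ "kvm_intel.nested=1" ];
      environment.etc."modprobe.d/kvm.conf".text = ''
        options kvm_intel nested=1
      '';
    })

    # Graphical manager, only when the desktop profile (declared in another
    # module) is enabled.
    (mkIf config.profiles.desktop.enable {
      environment.systemPackages = with pkgs; [ virtmanager ];
    })

    # SECURITY: remote libvirt over plain TCP.
    #   listen_tls = 0 / listen_tcp = 1  -> traffic is not encrypted
    #   auth_tcp = "none"                -> no client authentication
    # Combined with the firewall rule below, any host that can reach
    # TCP 16509 can drive the libvirt API, which is equivalent to control of
    # the hypervisor and every guest on it. Safer alternatives:
    #   - use the qemu+ssh:// transport and leave this option off;
    #   - set auth_tcp = "sasl", or use TLS (listen_tls = 1) with certificates;
    #   - scope the port to one interface with
    #     networking.firewall.interfaces.<name>.allowedTCPPorts instead of the
    #     global allowedTCPPorts used here.
    (mkIf cfg.listenTCP {
      # Enables IPv4 forwarding on the host whenever listenTCP is set.
      boot.kernel.sysctl = { "net.ipv4.ip_forward" = 1; };
      virtualisation.libvirtd = {
        allowedBridges = [ "br1" ];
        extraConfig = ''
          listen_tls = 0
          listen_tcp = 1
          auth_tcp="none"
          tcp_port = "16509"
        '';
        # NOTE(review): libvirtd.conf documents listen_tcp as effective only
        # when the daemon is started with --listen, and as ignored under
        # systemd socket activation; confirm whether the daemon really
        # listens with this line commented out.
        # extraOptions = [ "--listen" ];
      };
      # Global rule: opens 16509 on every interface covered by the firewall.
      networking.firewall.allowedTCPPorts = [ 16509 ];
    })
  ]);
}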