yaroslav
7850408607
with zfs Note: this is probably the first commit with coq-nvim working again, don't remove uder any circumstances
48 lines
1.4 KiB
Nix
48 lines
1.4 KiB
Nix
{ pkgs, config, lib, ... }:
|
|
|
|
{
|
|
environment = {
|
|
systemPackages = [ pkgs.qemu pkgs.virt-manager ];
|
|
};
|
|
systemd.tmpfiles.rules = [ "L+ /var/lib/qemu/firmware - - - - ${pkgs.qemu}/share/qemu/firmware" ];
|
|
boot.binfmt.emulatedSystems = [
|
|
"aarch64-linux"
|
|
"riscv64-linux"
|
|
];
|
|
virtualisation.libvirtd = {
|
|
enable = true;
|
|
qemu = {
|
|
package = pkgs.qemu_kvm;
|
|
runAsRoot = true;
|
|
swtpm.enable = true;
|
|
ovmf = {
|
|
enable = true;
|
|
packages = [(pkgs.OVMF.override {
|
|
secureBoot = true;
|
|
tpmSupport = true;
|
|
}).fd];
|
|
};
|
|
};
|
|
};
|
|
virtualisation.containers.enable = true;
|
|
virtualisation = {
|
|
podman = {
|
|
enable = true;
|
|
|
|
# Create a `docker` alias for podman, to use it as a drop-in replacement
|
|
dockerCompat = true;
|
|
|
|
# Required for containers under podman-compose to be able to talk to each other.
|
|
defaultNetwork.settings.dns_enabled = true;
|
|
};
|
|
incus = {
|
|
enable = true;
|
|
ui.enable = true;
|
|
};
|
|
};
|
|
networking.firewall.interfaces.incusbr0.allowedTCPPorts = [ 53 67 ];
|
|
networking.firewall.interfaces.incusbr0.allowedUDPPorts = [ 53 67 ];
|
|
networking.firewall.interfaces.virbr0.allowedTCPPorts = [ 53 67 ];
|
|
networking.firewall.interfaces.virbr0.allowedUDPPorts = [ 53 67 ];
|
|
}
|