diff --git a/flake.lock b/flake.lock index f7dd81b..e379543 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,65 @@ { "nodes": { + "ags": { + "inputs": { + "astal": "astal", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1735485506, + "narHash": "sha256-7CWr3Q83KnGiLUn0oaboafLMOXQ0X9/fjFRVY1xopbM=", + "owner": "Aylur", + "repo": "ags", + "rev": "251d39413543264361898b02035775aa3e46fe52", + "type": "github" + }, + "original": { + "owner": "Aylur", + "repo": "ags", + "type": "github" + } + }, + "anyrun": { + "inputs": { + "flake-parts": "flake-parts", + "nixpkgs": "nixpkgs_2", + "systems": "systems" + }, + "locked": { + "lastModified": 1735301051, + "narHash": "sha256-jU88Q9tP4vuvWYGQcmOdFwI9e2uMPVYJHbXdiklIH9o=", + "owner": "Kirottu", + "repo": "anyrun", + "rev": "06017e753c8886d5296768dca80745ee09402a2d", + "type": "github" + }, + "original": { + "owner": "Kirottu", + "repo": "anyrun", + "type": "github" + } + }, + "astal": { + "inputs": { + "nixpkgs": [ + "ags", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1735172721, + "narHash": "sha256-rtEAwGsHSppnkR3Qg3eRJ6Xh/F84IY9CrBBLzYabalY=", + "owner": "aylur", + "repo": "astal", + "rev": "6c84b64efc736e039a8a10774a4a1bf772c37aa2", + "type": "github" + }, + "original": { + "owner": "aylur", + "repo": "astal", + "type": "github" + } + }, "disko": { "inputs": { "nixpkgs": [ @@ -20,6 +80,119 @@ "type": "github" } }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "anyrun", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1727826117, + "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1733312601, + "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1735381016, + "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "impermanence": { + "locked": { + "lastModified": 1734945620, + "narHash": "sha256-olIfsfJK4/GFmPH8mXMmBDAkzVQ1TWJmeGT3wBGfQPY=", + "owner": "nix-community", + "repo": "impermanence", + "rev": "d000479f4f41390ff7cf9204979660ad5dd16176", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "impermanence", + "type": "github" + } + }, + "muse-sounds-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1711493694, + "narHash": "sha256-u6hPaeOUsV/d/kBNo1vlG6X0/gHvTkHfCECH9pjFnV8=", + "owner": "thilobillerbeck", + "repo": "muse-sounds-manager-nix", + "rev": "06b0da28c54331d5af73efd2ebf264ce914e5936", + "type": "github" + }, + "original": { + "owner": "thilobillerbeck", + "repo": "muse-sounds-manager-nix", + "rev": "06b0da28c54331d5af73efd2ebf264ce914e5936", + "type": "github" + } + }, + "nix-index-database": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1735443188, + "narHash": "sha256-AydPpRBh8+NOkrLylG7vTsHrGO2b5L7XkMEL5HlzcA8=", + "owner": "nix-community", + "repo": "nix-index-database", + "rev": "55ab1e1df5daf2476e6b826b69a82862dcbd7544", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-index-database", + "type": "github" + } + }, "nixos-facter-modules": { "locked": { "lastModified": 1734596637, @@ -35,7 +208,82 @@ "type": "github" } }, + "nixos-hardware": { + "locked": { + "lastModified": 1735388221, + "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "7c674c6734f61157e321db595dbfcd8523e04e19", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixos-hardware", + "type": "github" + } + }, "nixpkgs": { + "locked": { + "lastModified": 1734649271, + "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1733096140, + "narHash": "sha256-1qRH7uAUsyQI7R1Uwl4T+XvdNv778H0Nb5njNrqvylY=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1730200266, + "narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1734649271, + "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1735268880, "narHash": "sha256-7QEFnKkzD13SPxs+UFR5bUFN2fRw+GlL0am72ZjNre4=", @@ -53,9 +301,32 @@ }, "root": { "inputs": { + "ags": "ags", + "anyrun": "anyrun", "disko": "disko", + "flake-parts": "flake-parts_2", + "home-manager": "home-manager", + "impermanence": "impermanence", + "muse-sounds-manager": "muse-sounds-manager", + "nix-index-database": "nix-index-database", "nixos-facter-modules": "nixos-facter-modules", - "nixpkgs": "nixpkgs" + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs_4" + } + }, + "systems": { + "locked": { + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "owner": "nix-systems", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-linux", + "type": "github" } } }, diff --git a/home/apps.nix b/home/apps.nix index 71886bb..5953aef 100644 --- a/home/apps.nix +++ b/home/apps.nix @@ -116,6 +116,7 @@ }; }; extensions = with pkgs.vscode-extensions; [ + vscodevim.vim mkhl.direnv jnoortheen.nix-ide ]; diff --git a/home/default.nix b/home/default.nix index 5692894..cb3f3e9 100644 --- a/home/default.nix +++ b/home/default.nix @@ -19,6 +19,7 @@ in { ./desktop.nix # ./emacs.nix ./apps.nix + ./vm.nix ]; home.sessionVariables = variables; diff --git a/home/vm.nix b/home/vm.nix new file mode 100644 index 0000000..81da1f1 --- /dev/null +++ b/home/vm.nix @@ -0,0 +1,18 @@ + +{ + config, + lib, + pkgs, + ... +}: { + home.packages = [ + pkgs.virtio-win + ]; + + dconf.settings = { + "org/virt-manager/virt-manager/connections" = { + autoconnect = ["qemu:///system"]; + uris = ["qemu:///system"]; + }; + }; +} diff --git a/iommu.sh b/iommu.sh new file mode 100755 index 0000000..31ca9e2 --- /dev/null +++ b/iommu.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash +shopt -s nullglob +for g in $(find /sys/kernel/iommu_groups/* -maxdepth 0 -type d | sort -V); do + echo "IOMMU Group ${g##*/}:" + for d in $g/devices/*; do + echo -e "\t$(lspci -nns ${d##*/})" + done; +done; \ No newline at end of file diff --git a/nixos/default.nix b/nixos/default.nix index 9133472..411f419 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -23,13 +23,21 @@ ./users.nix ./user-system-config.nix + + ./vm.nix ]; + vfio = { + enable = true; + earlyKMS = true; + applyACSpatch = true; + }; + # Allows referring to this flake by the shorthand `nixos-config`, which lets you do e.g. # nix repl nixos-config nix.registry.nixos-config.to = { type = "git"; - url = "file://${config.users.users.evar.home}/dev/nix/config"; + url = "file://${config.users.users.evar.home}/git/nixos-framework-laptop-config"; }; # In order to catch all logs, we need to mount this early enough in the boot process. diff --git a/nixos/impermanence.nix b/nixos/impermanence.nix index 91f23c9..09dc1c3 100644 --- a/nixos/impermanence.nix +++ b/nixos/impermanence.nix @@ -16,6 +16,7 @@ "/var/lib/fprint" "/var/lib/upower" "/var/lib/tailscale" + "/var/lib/libvirt" "/var/lib/systemd/coredump" "/etc/NetworkManager/system-connections" "/var/lib/iwd" # Known networks and keys diff --git a/nixos/vm.nix b/nixos/vm.nix new file mode 100644 index 0000000..38ee19f --- /dev/null +++ b/nixos/vm.nix @@ -0,0 +1,72 @@ +{ + config, + lib, + pkgs, + ... +}: +let + gpuIDs = [ + "1002:7480" # Graphics + "1002:ab30" # Audio + "1022:15c0" # Top Right physical USB C port + ]; +in { + options.vfio.enable = with lib; + mkEnableOption "Configure the machine for VFIO"; + + options.vfio.earlyKMS = with lib; + mkEnableOption "Configure the machine to load the GPU driver during initramfs"; + + options.vfio.applyACSpatch = with lib; + mkEnableOption + ''If set, the following things will happen: + - The ACS override patch is applied + - Applies the i915-vga-arbiter patch + - Adds pcie_acs_override=downstream to the command line + ''; + + config = let cfg = config.vfio; + in { + networking.bridges = { + "winvm0" = { + interfaces = [ "eth0" ]; + }; + }; + networking.interfaces.eth0.useDHCP = true; + networking.interfaces.winvm0.useDHCP = true; + + programs.virt-manager.enable = true; + users.groups.libvirtd.members = ["evar"]; + hardware.graphics.enable = true; + virtualisation.libvirtd.enable = true; + virtualisation.libvirtd.qemu.swtpm.enable = true; # for TPM 2.0 support + virtualisation.spiceUSBRedirection.enable = true; + + boot = { + initrd.kernelModules = [ + "vfio_pci" + "vfio" + "vfio_iommu_type1" + # "vfio_virqfd" # This is apparently a part of the kernel now + ] ++ lib.optional cfg.earlyKMS "amdgpu"; + + # kernelPatches = [] ++ lib.optional cfg.applyACSpatch + # { + # name = "add-acs-overrides"; + # patch = pkgs.fetchurl { + # name = "add-acs-overrides.patch"; + # url = "https://aur.archlinux.org/cgit/aur.git/plain/1001-6.8.0-add-acs-overrides.patch?h=linux-vfio"; + # sha256 = "1qd68s9r0ppynksbffqn2qbp1whqpbfp93dpccp9griwhx5srx6v"; + # }; + # }; + + kernelParams = [ + # enable IOMMU + "amd_iommu=on" + ] ++ lib.optional cfg.enable + # isolate the GPU + ("vfio-pci.ids=" + lib.concatStringsSep "," gpuIDs); + # ++ lib.optional cfg.applyACSpatch "pcie_acs_override=downstream,multifunction"; + }; + }; +} \ No newline at end of file diff --git a/usbiommu.sh b/usbiommu.sh new file mode 100755 index 0000000..551cf5d --- /dev/null +++ b/usbiommu.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash +shopt -s nullglob +for usb_ctrl in /sys/bus/pci/devices/*/usb*; do + pci_path=${usb_ctrl%/*} + iommu_group=$(readlink $pci_path/iommu_group) + echo "Bus $(cat $usb_ctrl/busnum) --> ${pci_path##*/} (IOMMU group ${iommu_group##*/})" + lsusb -s ${usb_ctrl#*/usb}: + echo +done \ No newline at end of file