
virtualization: fully modularized, some work on weechat

master
parent
commit
c8ece16b63
Signed by: govanify GPG Key ID: DE62E1E2A6145556
8 changed files with 108 additions and 51 deletions
  1. +1
    -1
      common/desktop.nix
  2. +0
    -44
      common/virtualization.nix
  3. +79
    -0
      component/virtualization.nix
  4. +13
    -0
      doc/virtualization.txt
  5. +3
    -0
      dotfiles/graphical/sway/config
  6. +5
    -5
      machines/alastor/default.nix
  7. +4
    -1
      machines/alastor/hardware.nix
  8. +3
    -0
      pkgs/weechat.nix

+ 1
- 1
common/desktop.nix

@ -6,7 +6,7 @@
./headfull.nix
./graphical.nix
./gaming.nix
./virtualization.nix
./../component/virtualization.nix
];
home-manager.users.govanify = {
home.file.".config/sway/config".source = ./../dotfiles/graphical/sway/config;

+ 0
- 44
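--- a/common/virtualization.nix
+++ b/common/virtualization.nix
@@ -1,44 +0,0 @@
-{ config, lib, pkgs, ... }:
-with lib;
-let
-cfg = config.modules.igvt-libvirt;
-in {
-options = {
-modules.igvt-libvirt = {
-enable = mkEnableOption "Intel GVT-g for libvirtd";
-gvt_pci = mkOption {
-type = types.str;
-default = "0000:00:02.0";
-description = "PCI identifier for the Intel GPU.";
-};
-gvt_type = mkOption {
-type = types.str;
-default = "";
-description = "Display type of the virtual GPU.";
-};
-};
-};
-config = mkIf cfg.enable {
-virtualisation.libvirtd.enable = true;
-environment = {
-etc = {
-"libvirt/hooks/qemu" = {
-text = ''
-#!/bin/sh
-GVT_PCI="${cfg.gvt_pci}"
-GVT_GUID="$(xmllint --xpath 'string(/domain/devices/hostdev[@type="mdev"][@display="on"]/source/address/@uuid)' -)"
-MDEV_TYPE="${cfg.gvt_type}"
-DOMAIN="$(xmllint --xpath 'string(/domain/name)' -)"
-if [ $# -ge 3 ]; then
-if [ $1 = "$DOMAIN" -a $2 = "prepare" -a $3 = "begin" ]; then
-echo "$GVT_GUID" > "/sys/bus/pci/devices/$GVT_PCI/mdev_supported_types/$MDEV_TYPE/create"
-elif [ $1 = "$DOMAIN" -a $2 = "release" -a $3 = "end" ]; then
-echo 1 > /sys/bus/pci/devices/$GVT_PCI/$GVT_GUID/remove
-fi
-fi
-''; mode = "744"; };
-};
-};
-};
-}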

+ 79
- 0
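--- a/component/virtualization.nix
+++ b/component/virtualization.nix
@@ -0,0 +1,79 @@
+{ config, lib, pkgs, ... }:
+with lib;
+let
+cfg = config.modules.my.virtualization;
+in {
+options = {
+modules.my.virtualization = {
+enable = mkEnableOption "Various virtualization options";
+pci_devices = mkOption {
+type = types.str;
+default = "";
+description = "List of PCI devices to isolate, colon separated list ex: 8086:1912,8086:1913";
+};
+bridge_devices = mkOption {
+type = types.listOf types.str;
+default = [];
+description = "List of interfaces the bridge binds to.";
+};
+gvt = mkOption {
+type = types.bool;
+default = false;
+description = "Enable iGVT-d hooks";
+};
+gvt_pci = mkOption {
+type = types.str;
+default = "0000:00:02.0";
+description = "PCI identifier for the Intel GPU.";
+};
+gvt_type = mkOption {
+type = types.str;
+default = "";
+description = "Display type of the virtual GPU.";
+};
+};
+};
+config = mkIf cfg.enable {
+virtualisation.libvirtd.enable = true;
+# isolate iGPU for libvirtd
+boot = mkIf (cfg.pci_devices != "") {
+initrd.kernelModules = [ "vfio_virqfd" "vfio_pci" "vfio_iommu_type1"
+"vfio" ];
+kernelParams = [ "vfio-pci.ids=${cfg.pci_devices}" ];
+};
+networking = mkIf (cfg.bridge_devices != []) {
+bridges.br0.interfaces = cfg.bridge_devices;
+dhcpcd.denyInterfaces = [ "virbr0" ];
+};
+# iGVT hooks
+systemd.services.libvirtd.preStart = mkIf cfg.gvt ''
+mkdir -p /var/lib/libvirt/hooks
+chmod 755 /var/lib/libvirt/hooks
+# setup hook file on service startup
+cp -f ${(pkgs.writeShellScriptBin "igvt_hook" ''
+GVT_PCI="${cfg.gvt_pci}"
+GVT_GUID="$(${pkgs.libxml2}/bin/xmllint --xpath 'string(/domain/devices/hostdev[@type="mdev"]/source/address/@uuid)' -)"
+MDEV_TYPE="${cfg.gvt_type}"
+if [ $# -ge 3 ]; then
+if [ ! -z "$GVT_GUID" ] && [ $2 = "prepare" ] && [ $3 = "begin" ]; then
+echo "$GVT_GUID" > "/sys/bus/pci/devices/$GVT_PCI/mdev_supported_types/$MDEV_TYPE/create"
+elif [ ! -z "$GVT_GUID" ] && [ $2 = "release" ] && [ $3 = "end" ]; then
+echo 1 > /sys/bus/pci/devices/$GVT_PCI/$GVT_GUID/remove
+fi
+fi
+'').outPath}/bin/igvt_hook /var/lib/libvirt/hooks/qemu
+# Make them executable
+chmod +x /var/lib/libvirt/hooks/qemu
+'';
+};
+}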
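Review bot: `GVT_GUID` comes from the domain XML on stdin and is placed into sysfs paths that the hook writes to, yet nothing checks that it is a well-formed UUID, and the `release` branch leaves the path unquoted. Since the hook runs with libvirtd's privileges, a value containing `/`, `..` or whitespace should be rejected before either `echo`; `case "$GVT_GUID" in *[!0-9A-Fa-f-]*) exit 1 ;; esac` after the xmllint line and `echo 1 > "/sys/bus/pci/devices/$GVT_PCI/$GVT_GUID/remove"` would cover it. `$2` and `$3` inside the `[ ... ]` tests should be quoted as well. Two smaller points: the `pci_devices` description says "colon separated list" while its example is comma separated, and `gvt = true` with the default empty `gvt_type` produces a `mdev_supported_types//create` path, so an assertion that `gvt_type` is set when `gvt` is on would help.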

+ 13
- 0
doc/virtualization.txt

@ -34,3 +34,16 @@ over baremetal functionalities.
TODO: difference between sandboxed and virtualized software execution env
You can use the script below to generate blabla
#!/bin/sh
UUID=$(uuidgen)
cat << EOF
<hostdev mode='subsystem' type='mdev' managed='no' model='vfio-pci' display='on'>
<source>
<address uuid='$UUID'/>
</source>
</hostdev>
EOF

+ 3
- 0
dotfiles/graphical/sway/config

@ -17,7 +17,10 @@ output * bg ~/Pictures/wallpaper.png fill
output eDP-1 scale 2.0
output DP-2 scale 2.0
output DP-2 pos 1920 0 res 3840x2160
output DP-4 scale 2.0
output DP-4 pos 1920 0 res 3840x2160
output HDMI-A-2 pos 0 0 res 1920x1080
output HDMI-A-5 pos 0 0 res 1920x1080
# all you need to have a good day
exec swaymsg "workspace 1; exec ibus-daemon -dr"

+ 5
- 5
machines/alastor/default.nix

@ -35,13 +35,13 @@
# enable = true;
# interface = "wlp1s0";
# };
networking.bridges.br0.interfaces = [ "wlp3s0" ];
networking.dhcpcd.denyInterfaces = [ "virbr0" ];
modules.igvt-libvirt = {
modules.my.virtualization = {
enable = true;
gvt_type = "i915-GVTg_V5_1";
gvt_pci = "0000:00:02.0";
pci_devices = "8086:1912";
bridge_devices = [ "wlp3s0" ];
};
# otherwise stalls on boot for some reason
systemd.services.sys-subsystem-net-devices-enp0s20f0u2.enable = lib.mkForce false;
home-manager.users.govanify = {
home.file."Pictures/wallpaper.png".source = ./wallpaper.png;
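Review bot: `gvt_type` and `gvt_pci` are still set in the `modules.my.virtualization` block, but no `gvt = true;` is visible, and the new module only installs the libvirt hook under `mkIf cfg.gvt` with `gvt` defaulting to `false`. If that is right, this machine silently loses the GVT-g hook that `modules.igvt-libvirt.enable` used to install; adding `gvt = true;` to the block would restore it. The page has lost its +/- markers, so which of these lines are new is inferred from the file's 5/5 counts, and the enclosing attribute set starts and ends outside the hunk.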

+ 4
- 1
machines/alastor/hardware.nix

@ -23,10 +23,13 @@
};
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
# virtualization and iGVT-g
boot.kernelModules = [ "kvm-intel" "ieee80211_crypt_tkip" "vfio_pci" "kvmgt"
"vfio-iommu-type1" "vfio-mdev"];
# isolate iGPU for libvirtd
boot.initrd.kernelModules = [ "vfio_virqfd" "vfio_pci" "vfio_iommu_type1"
"vfio" "dm-snapshot" ];
boot.kernelParams = [ "vfio-pci.ids=8086:1912" ];
boot.extraModulePackages = [ ];
boot.initrd.luks.devices =
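Review bot: The vfio entries in `boot.initrd.kernelModules` and `boot.kernelParams = [ "vfio-pci.ids=8086:1912" ];` appear to be added here, although component/virtualization.nix in the same commit sets both from `pci_devices` whenever it is non-empty, and machines/alastor/default.nix sets `pci_devices = "8086:1912"`. Keeping the ID in two places lets them drift apart, and since these are list options the values merge, so the same kernel parameter likely ends up on the command line twice. I would drop the hard-coded lines and keep `boot.initrd.kernelModules = [ "dm-snapshot" ];`, leaving the module as the single source. The +/- markers are lost on this page, so the added/removed split is inferred, and the hunk starts and ends inside the enclosing attribute set.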

+ 3
- 0
pkgs/weechat.nix

@ -3,6 +3,9 @@ let
weechat = pkgs.weechat.override {
configure = {availablePlugins, ...}:
{
plugins = with availablePlugins; [
(python.withPackages (_: [ pkgs.weechatScripts.weechat-matrix ]))
];
scripts = with pkgs.weechatScripts; [ weechat-autosort weechat-matrix ];
};
};
