commit a102b900be9c616b1c6e89e4098b314f1089b0ac · pyrox.dev/nixpkgs

nixos/modules/misc/ids.nix

···

       325
       325
        
             hydron = 298;

     

       326
       326
        
             cfssl = 299;

     

       327
       327
        
             cassandra = 300;

     

       328
       328
       +
             qemu-libvirtd = 301;

     

       328
       329
        
       

     

       329
       330
        
             # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!

     

       330
       331
        
       

     
···

       610
       611
        
             hydron = 298;

     

       611
       612
        
             cfssl = 299;

     

       612
       613
        
             cassandra = 300;

     

       614
       614
       +
             qemu-libvirtd = 301;

     

       613
       615
        
       

     

       614
       616
        
             # When adding a gid, make sure it doesn't match an existing

     

       615
       617
        
             # uid. Users and groups with the same name should have equal

+24

nixos/modules/virtualisation/libvirtd.nix

···

       17
       17
        
           ${optionalString cfg.qemuOvmf ''

     

       18
       18
        
             nvram = ["/run/libvirt/nix-ovmf/OVMF_CODE.fd:/run/libvirt/nix-ovmf/OVMF_VARS.fd"]

     

       19
       19
        
           ''}

     

       20
       20
       +
           ${optionalString (!cfg.qemuRunAsRoot) ''

     

       21
       21
       +
             user = "qemu-libvirtd"

     

       22
       22
       +
             group = "qemu-libvirtd"

     

       23
       23
       +
           ''}

     

       20
       24
        
           ${cfg.qemuVerbatimConfig}

     

       21
       25
        
         '';

     

       22
       26
        
       

     
···

       56
       60
        
             '';

     

       57
       61
        
           };

     

       58
       62
        
       

     

       63
       63
       +
           virtualisation.libvirtd.qemuRunAsRoot = mkOption {

     

       64
       64
       +
             type = types.bool;

     

       65
       65
       +
             default = true;

     

       66
       66
       +
             description = ''

     

       67
       67
       +
               If true,  libvirtd runs qemu as root.

     

       68
       68
       +
               If false, libvirtd runs qemu as unprivileged user qemu-libvirtd.

     

       69
       69
       +
               Changing this option to false may cause file permission issues

     

       70
       70
       +
               for existing guests. To fix these, manually change ownership

     

       71
       71
       +
               of affected files in /var/lib/libvirt/qemu to qemu-libvirtd.

     

       72
       72
       +
             '';

     

       73
       73
       +
           };

     

       74
       74
       +
       

     

       59
       75
        
           virtualisation.libvirtd.qemuVerbatimConfig = mkOption {

     

       60
       76
        
             type = types.lines;

     

       61
       77
        
             default = ''

     
···

       109
       125
        
           boot.kernelModules = [ "tun" ];

     

       110
       126
        
       

     

       111
       127
        
           users.groups.libvirtd.gid = config.ids.gids.libvirtd;

     

       128
       128
       +
       

     

       129
       129
       +
           # libvirtd runs qemu as this user and group by default

     

       130
       130
       +
           users.extraGroups.qemu-libvirtd.gid = config.ids.gids.qemu-libvirtd;

     

       131
       131
       +
           users.extraUsers.qemu-libvirtd = {

     

       132
       132
       +
             uid = config.ids.uids.qemu-libvirtd;

     

       133
       133
       +
             isNormalUser = false;

     

       134
       134
       +
             group = "qemu-libvirtd";

     

       135
       135
       +
           };

     

       112
       136
        
       

     

       113
       137
        
           systemd.packages = [ pkgs.libvirt ];

     

       114
       138