···
ovmfFilePrefix = if pkgs.stdenv.isAarch64 then "AAVMF" else "OVMF";
qemuConfigFile = pkgs.writeText "qemu.conf" ''
16
-
${optionalString cfg.qemuOvmf ''
16
+
${optionalString cfg.qemu.ovmf.enable ''
nvram = [ "/run/libvirt/nix-ovmf/${ovmfFilePrefix}_CODE.fd:/run/libvirt/nix-ovmf/${ovmfFilePrefix}_VARS.fd" ]
19
-
${optionalString (!cfg.qemuRunAsRoot) ''
19
+
${optionalString (!cfg.qemu.runAsRoot) ''
23
-
${cfg.qemuVerbatimConfig}
23
+
${cfg.qemu.verbatimConfig}
subDirs = list: [ dirName ] ++ map (e: "${dirName}/${e}") list;
28
+
ovmfModule = types.submodule {
34
+
Allows libvirtd to take advantage of OVMF when creating new
35
+
QEMU VMs with UEFI boot.
39
+
package = mkOption {
40
+
type = types.package;
41
+
default = pkgs.OVMF;
42
+
defaultText = literalExpression "pkgs.OVMF";
43
+
example = literalExpression "pkgs.OVMFFull";
45
+
OVMF package to use.
51
+
swtpmModule = types.submodule {
57
+
Allows libvirtd to use swtpm to create an emulated TPM.
61
+
package = mkOption {
62
+
type = types.package;
63
+
default = pkgs.swtpm;
64
+
defaultText = literalExpression "pkgs.swtpm";
66
+
swtpm package to use.
72
+
qemuModule = types.submodule {
74
+
package = mkOption {
75
+
type = types.package;
76
+
default = pkgs.qemu;
77
+
defaultText = literalExpression "pkgs.qemu";
79
+
Qemu package to use with libvirt.
80
+
`pkgs.qemu` can emulate alien architectures (e.g. aarch64 on x86)
81
+
`pkgs.qemu_kvm` saves disk space allowing to emulate only host architectures.
85
+
runAsRoot = mkOption {
89
+
If true, libvirtd runs qemu as root.
90
+
If false, libvirtd runs qemu as unprivileged user qemu-libvirtd.
91
+
Changing this option to false may cause file permission issues
92
+
for existing guests. To fix these, manually change ownership
93
+
of affected files in /var/lib/libvirt/qemu to qemu-libvirtd.
97
+
verbatimConfig = mkOption {
103
+
Contents written to the qemu configuration file, qemu.conf.
104
+
Make sure to include a proper namespace configuration when
105
+
supplying custom configuration.
113
+
QEMU's OVMF options.
118
+
type = swtpmModule;
121
+
QEMU's swtpm options.
(mkRemovedOptionModule [ "virtualisation" "libvirtd" "enableKVM" ]
32
-
"Set the option `virtualisation.libvirtd.qemuPackage' instead.")
131
+
"Set the option `virtualisation.libvirtd.qemu.package' instead.")
132
+
(mkRenamedOptionModule
133
+
[ "virtualisation" "libvirtd" "qemuPackage" ]
134
+
[ "virtualisation" "libvirtd" "qemu" "package" ])
135
+
(mkRenamedOptionModule
136
+
[ "virtualisation" "libvirtd" "qemuRunAsRoot" ]
137
+
[ "virtualisation" "libvirtd" "qemu" "runAsRoot" ])
138
+
(mkRenamedOptionModule
139
+
[ "virtualisation" "libvirtd" "qemuVerbatimConfig" ]
140
+
[ "virtualisation" "libvirtd" "qemu" "verbatimConfig" ])
141
+
(mkRenamedOptionModule
142
+
[ "virtualisation" "libvirtd" "qemuOvmf" ]
143
+
[ "virtualisation" "libvirtd" "qemu" "ovmf" "enable" ])
144
+
(mkRenamedOptionModule
145
+
[ "virtualisation" "libvirtd" "qemuOvmfPackage" ]
146
+
[ "virtualisation" "libvirtd" "qemu" "ovmf" "package" ])
147
+
(mkRenamedOptionModule
148
+
[ "virtualisation" "libvirtd" "qemuSwtpm" ]
149
+
[ "virtualisation" "libvirtd" "qemu" "swtpm" "enable" ])
···
59
-
qemuPackage = mkOption {
60
-
type = types.package;
61
-
default = pkgs.qemu;
62
-
defaultText = literalExpression "pkgs.qemu";
64
-
Qemu package to use with libvirt.
65
-
`pkgs.qemu` can emulate alien architectures (e.g. aarch64 on x86)
66
-
`pkgs.qemu_kvm` saves disk space allowing to emulate only host architectures.
···
79
-
qemuRunAsRoot = mkOption {
83
-
If true, libvirtd runs qemu as root.
84
-
If false, libvirtd runs qemu as unprivileged user qemu-libvirtd.
85
-
Changing this option to false may cause file permission issues
86
-
for existing guests. To fix these, manually change ownership
87
-
of affected files in /var/lib/libvirt/qemu to qemu-libvirtd.
91
-
qemuVerbatimConfig = mkOption {
97
-
Contents written to the qemu configuration file, qemu.conf.
98
-
Make sure to include a proper namespace configuration when
99
-
supplying custom configuration.
103
-
qemuOvmf = mkOption {
107
-
Allows libvirtd to take advantage of OVMF when creating new
108
-
QEMU VMs with UEFI boot.
112
-
qemuOvmfPackage = mkOption {
113
-
type = types.package;
114
-
default = pkgs.OVMF;
115
-
defaultText = literalExpression "pkgs.OVMF";
116
-
example = literalExpression "pkgs.OVMFFull";
118
-
OVMF package to use.
121
-
qemuSwtpm = mkOption {
125
-
Allows libvirtd to use swtpm to create an emulated TPM.
extraOptions = mkOption {
type = types.listOf types.str;
···
139
-
type = types.enum ["start" "ignore" ];
195
+
type = types.enum [ "start" "ignore" ];
Specifies the action to be done to / on the guests when the host boots.
···
151
-
type = types.enum ["shutdown" "suspend" ];
207
+
type = types.enum [ "shutdown" "suspend" ];
When shutting down / restarting the host what method should
···
229
+
QEMU related options.
···
message = "The libvirtd module currently requires Polkit to be enabled ('security.polkit.enable = true').";
182
-
assertion = builtins.elem "fd" cfg.qemuOvmfPackage.outputs;
245
+
assertion = builtins.elem "fd" cfg.qemu.ovmf.package.outputs;
message = "The option 'virtualisation.libvirtd.qemuOvmfPackage' needs a package that has an 'fd' output.";
# this file is expected in /etc/qemu and not sysconfdir (/var/lib)
189
-
etc."qemu/bridge.conf".text = lib.concatMapStringsSep "\n" (e:
190
-
"allow ${e}") cfg.allowedBridges;
191
-
systemPackages = with pkgs; [ libressl.nc iptables cfg.package cfg.qemuPackage ];
252
+
etc."qemu/bridge.conf".text = lib.concatMapStringsSep "\n"
255
+
cfg.allowedBridges;
256
+
systemPackages = with pkgs; [ libressl.nc iptables cfg.package cfg.qemu.package ];
etc.ethertypes.source = "${pkgs.ebtables}/etc/ethertypes";
···
cp -f ${qemuConfigFile} /var/lib/${dirName}/qemu.conf
# stable (not GC'able as in /nix/store) paths for using in <emulator> section of xml configs
233
-
for emulator in ${cfg.package}/libexec/libvirt_lxc ${cfg.qemuPackage}/bin/qemu-kvm ${cfg.qemuPackage}/bin/qemu-system-*; do
298
+
for emulator in ${cfg.package}/libexec/libvirt_lxc ${cfg.qemu.package}/bin/qemu-kvm ${cfg.qemu.package}/bin/qemu-system-*; do
ln -s --force "$emulator" /run/${dirName}/nix-emulators/
for helper in libexec/qemu-bridge-helper bin/qemu-pr-helper; do
238
-
ln -s --force ${cfg.qemuPackage}/$helper /run/${dirName}/nix-helpers/
303
+
ln -s --force ${cfg.qemu.package}/$helper /run/${dirName}/nix-helpers/
241
-
${optionalString cfg.qemuOvmf ''
242
-
ln -s --force ${cfg.qemuOvmfPackage.fd}/FV/${ovmfFilePrefix}_CODE.fd /run/${dirName}/nix-ovmf/
243
-
ln -s --force ${cfg.qemuOvmfPackage.fd}/FV/${ovmfFilePrefix}_VARS.fd /run/${dirName}/nix-ovmf/
306
+
${optionalString cfg.qemu.ovmf.enable ''
307
+
ln -s --force ${cfg.qemu.ovmf.package.fd}/FV/${ovmfFilePrefix}_CODE.fd /run/${dirName}/nix-ovmf/
308
+
ln -s --force ${cfg.qemu.ovmf.package.fd}/FV/${ovmfFilePrefix}_VARS.fd /run/${dirName}/nix-ovmf/
···
systemd.services.libvirtd = {
requires = [ "libvirtd-config.service" ];
after = [ "libvirtd-config.service" ]
259
-
++ optional vswitch.enable "ovs-vswitchd.service";
324
+
++ optional vswitch.enable "ovs-vswitchd.service";
environment.LIBVIRTD_ARGS = escapeShellArgs (
262
-
[ "--config" configFile
263
-
"--timeout" "120" # from ${libvirt}/var/lib/sysconfig/libvirtd
264
-
] ++ cfg.extraOptions);
331
+
"120" # from ${libvirt}/var/lib/sysconfig/libvirtd
332
+
] ++ cfg.extraOptions
266
-
path = [ cfg.qemuPackage ] # libvirtd requires qemu-img to manage disk images
267
-
++ optional vswitch.enable vswitch.package
268
-
++ optional cfg.qemuSwtpm pkgs.swtpm;
335
+
path = [ cfg.qemu.package ] # libvirtd requires qemu-img to manage disk images
336
+
++ optional vswitch.enable vswitch.package
337
+
++ optional cfg.qemu.swtpm.enable cfg.qemu.swtpm.package;
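Review bot: The assertion message left as context directly under `assertion = builtins.elem "fd" cfg.qemu.ovmf.package.outputs;` still names the old option `virtualisation.libvirtd.qemuOvmfPackage`. A user who sets the new option and trips the assertion is pointed at a name that now exists only as a rename alias. The message should follow the rename: `message = "The option 'virtualisation.libvirtd.qemu.ovmf.package' needs a package that has an 'fd' output.";`. The enclosing assertions list is only partly visible in this view, so whether the check is gated on `qemu.ovmf.enable` cannot be confirmed from here. If it is not gated, it would be worth gating, so a host with OVMF disabled is not rejected over a firmware package it never links into `/run/libvirt/nix-ovmf/`.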