virt changes including new NixVirt input

flake.lock

@@ -1,23 +1,23 @@
 {
   "nodes": {
-    "disko": {
+    "NixVirt": {
       "inputs": {
         "nixpkgs": [
           "nixpkgs"
-        ]
+        ],
+        "nixpkgs-ovmf": "nixpkgs-ovmf"
       },
       "locked": {
-        "lastModified": 1733168902,
+        "lastModified": 1712439808,
-        "narHash": "sha256-8dupm9GfK+BowGdQd7EHK5V61nneLfr9xR6sc5vtDi0=",
+        "narHash": "sha256-QoONoZPBpNTw5cia05QSvDlaxXo3moKAJQOw7c5hMXA=",
-        "owner": "nix-community",
+        "rev": "9f1cdca730d92461075709e867c1e9ad93d58a8d",
-        "repo": "disko",
+        "revCount": 284,
-        "rev": "785c1e02c7e465375df971949b8dcbde9ec362e5",
+        "type": "tarball",
-        "type": "github"
+        "url": "https://api.flakehub.com/f/pinned/AshleyYakeley/NixVirt/0.5.0/018eb55e-7beb-75c5-919f-5b5b26136e06/source.tar.gz"
       },
       "original": {
-        "owner": "nix-community",
+        "type": "tarball",
-        "repo": "disko",
+        "url": "https://flakehub.com/f/AshleyYakeley/NixVirt/%2A.tar.gz"
-        "type": "github"
       }
     },
     "flake-compat": {
@@ -135,6 +135,22 @@
         "type": "github"
       }
     },
+    "nixpkgs-ovmf": {
+      "locked": {
+        "lastModified": 1708984720,
+        "narHash": "sha256-gJctErLbXx4QZBBbGp78PxtOOzsDaQ+yw1ylNQBuSUY=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "13aff9b34cc32e59d35c62ac9356e4a41198a538",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "nixpkgs_2": {
       "locked": {
         "lastModified": 1733759999,
@@ -173,7 +189,7 @@
     },
     "root": {
       "inputs": {
-        "disko": "disko",
+        "NixVirt": "NixVirt",
         "home-manager": "home-manager",
         "nixos-wsl": "nixos-wsl",
         "nixpkgs": "nixpkgs",

flake.nix

@@ -15,13 +15,13 @@
       url = "github:nix-community/NixOS-WSL/2405.5.4";
       inputs.nixpkgs.follows = "nixpkgs";
     };
-    disko = {
+    NixVirt = {
-      url = "github:nix-community/disko";
+      url = "https://flakehub.com/f/AshleyYakeley/NixVirt/*.tar.gz";
       inputs.nixpkgs.follows = "nixpkgs";
     };
   };
 
-  outputs = { self, nixpkgs, nur, home-manager, nixos-wsl, disko }:
+  outputs = { self, nixpkgs, nur, home-manager, nixos-wsl, NixVirt }:
   let
     system = "x86_64-linux";
     pkgs = import nixpkgs {
@@ -53,6 +53,8 @@
           ./src/system/machines/workstation
           home-manager.nixosModules.home-manager
             (import ./src/system/machines/workstation/modules/home-manager)
+          NixVirt.nixosModules.default
+            (import ./src/system/VMs)
         ];
       };
 
@@ -82,8 +84,6 @@
           ./src/system/machines/vm
           home-manager.nixosModules.home-manager
             (import ./src/system/machines/vm/modules/home-manager)
-          disko.nixosModules.disko
-            (import ./src/system/machines/vm/modules/disko)
         ];
       };
     };

justfile

@@ -27,6 +27,7 @@ out TYPE SYSTEM="desktop":
     "nix")
       if
         [ "{{SYSTEM}}" = "desktop" ] || \
+        [ "{{SYSTEM}}" = "workstation" ] || \
         [ "{{SYSTEM}}" = "server" ] || \
         [ "{{SYSTEM}}" = "wsl" ] || \
         [ "{{SYSTEM}}" = "vm" ] || \
@@ -40,6 +41,7 @@ out TYPE SYSTEM="desktop":
   Error: Unknown argument - '{{SYSTEM}}'
   Use one of:
     desktop
+    workstation
     server
     laptop
     vm
@@ -72,6 +74,7 @@ test TYPE SYSTEM="desktop":
     "nix")
       if
         [ "{{SYSTEM}}" = "desktop" ] || \
+        [ "{{SYSTEM}}" = "workstation" ] || \
         [ "{{SYSTEM}}" = "server" ] || \
         [ "{{SYSTEM}}" = "wsl" ] || \
         [ "{{SYSTEM}}" = "vm" ] || \
@@ -85,6 +88,7 @@ test TYPE SYSTEM="desktop":
   Error: Unknown argument - '{{SYSTEM}}'
   Use one of:
     desktop
+    workstation
     server
     laptop
     vm
@@ -117,6 +121,7 @@ build TYPE SYSTEM="desktop":
     "nix")
       if
         [ "{{SYSTEM}}" = "desktop" ] || \
+        [ "{{SYSTEM}}" = "workstation" ] || \
         [ "{{SYSTEM}}" = "server" ] || \
         [ "{{SYSTEM}}" = "wsl" ] || \
         [ "{{SYSTEM}}" = "vm" ] || \
@@ -132,6 +137,7 @@ build TYPE SYSTEM="desktop":
   Error: Unknown argument - '{{SYSTEM}}'
   Use one of:
     desktop
+    workstation
     server
     laptop
     vm
@@ -162,6 +168,7 @@ vm SYSTEM:
   set -euo pipefail
   if
     [ "{{SYSTEM}}" = "desktop" ] || \
+    [ "{{SYSTEM}}" = "workstation" ] || \
     [ "{{SYSTEM}}" = "server" ] || \
     [ "{{SYSTEM}}" = "wsl" ] || \
     [ "{{SYSTEM}}" = "vm" ] || \
@@ -182,6 +189,7 @@ vm SYSTEM:
   Error: Unknown argument - '{{SYSTEM}}'
   Use one of:
     desktop
+    workstation
     server
     laptop
     vm

src/system/VMs/config/machines/Test_Bench1.xml

@@ -0,0 +1,192 @@
+<domain type='kvm'>
+  <name>Test_Bench1</name>
+  <uuid>6dab32d2-aa81-469f-a0d7-dbe4a12c2337</uuid>
+  <description>
+  Rocky 9.2 
+  Redhawk 9.2
+  SimWB 2024.2-0
+  </description>
+  <metadata>
+    <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
+      <libosinfo:os id="http://rockylinux.org/rocky/9"/>
+    </libosinfo:libosinfo>
+  </metadata>
+  <memory unit='KiB'>4194304</memory>
+  <currentMemory unit='KiB'>4194304</currentMemory>
+  <vcpu placement='static'>4</vcpu>
+  <os>
+    <type arch='x86_64' machine='pc-q35-9.1'>hvm</type>
+    <loader readonly='yes' type='pflash'>/run/libvirt/nix-ovmf/OVMF_CODE.fd</loader>
+    <nvram template='/run/libvirt/nix-ovmf/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/Test_Bench1_VARS.fd</nvram>
+    <bootmenu enable='yes'/>
+  </os>
+  <features>
+    <acpi/>
+    <apic/>
+    <vmport state='off'/>
+  </features>
+  <cpu mode='host-passthrough' check='none' migratable='on'/>
+  <clock offset='utc'>
+    <timer name='rtc' tickpolicy='catchup'/>
+    <timer name='pit' tickpolicy='delay'/>
+    <timer name='hpet' present='no'/>
+  </clock>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <pm>
+    <suspend-to-mem enabled='no'/>
+    <suspend-to-disk enabled='no'/>
+  </pm>
+  <devices>
+    <emulator>/run/libvirt/nix-emulators/qemu-system-x86_64</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='qcow2'/>
+      <source file='/var/lib/libvirt/images/rocky9.qcow2'/>
+      <target dev='vda' bus='virtio'/>
+      <boot order='2'/>
+      <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
+    </disk>
+    <disk type='file' device='cdrom'>
+      <driver name='qemu' type='raw'/>
+      <target dev='sda' bus='sata'/>
+      <readonly/>
+      <boot order='1'/>
+      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+    </disk>
+    <controller type='usb' index='0' model='qemu-xhci' ports='15'>
+      <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
+    </controller>
+    <controller type='pci' index='0' model='pcie-root'/>
+    <controller type='pci' index='1' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='1' port='0x10'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
+    </controller>
+    <controller type='pci' index='2' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='2' port='0x11'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
+    </controller>
+    <controller type='pci' index='3' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='3' port='0x12'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
+    </controller>
+    <controller type='pci' index='4' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='4' port='0x13'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
+    </controller>
+    <controller type='pci' index='5' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='5' port='0x14'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
+    </controller>
+    <controller type='pci' index='6' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='6' port='0x15'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
+    </controller>
+    <controller type='pci' index='7' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='7' port='0x16'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/>
+    </controller>
+    <controller type='pci' index='8' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='8' port='0x17'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/>
+    </controller>
+    <controller type='pci' index='9' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='9' port='0x18'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/>
+    </controller>
+    <controller type='pci' index='10' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='10' port='0x19'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/>
+    </controller>
+    <controller type='pci' index='11' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='11' port='0x1a'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/>
+    </controller>
+    <controller type='pci' index='12' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='12' port='0x1b'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/>
+    </controller>
+    <controller type='pci' index='13' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='13' port='0x1c'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/>
+    </controller>
+    <controller type='pci' index='14' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='14' port='0x1d'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/>
+    </controller>
+    <controller type='sata' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
+    </controller>
+    <controller type='virtio-serial' index='0'>
+      <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
+    </controller>
+    <interface type='network'>
+      <mac address='52:54:00:b9:fb:c0'/>
+      <source network='default'/>
+      <model type='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
+    </interface>
+    <serial type='pty'>
+      <target type='isa-serial' port='0'>
+        <model name='isa-serial'/>
+      </target>
+    </serial>
+    <console type='pty'>
+      <target type='serial' port='0'/>
+    </console>
+    <channel type='unix'>
+      <target type='virtio' name='org.qemu.guest_agent.0'/>
+      <address type='virtio-serial' controller='0' bus='0' port='1'/>
+    </channel>
+    <channel type='spicevmc'>
+      <target type='virtio' name='com.redhat.spice.0'/>
+      <address type='virtio-serial' controller='0' bus='0' port='2'/>
+    </channel>
+    <input type='tablet' bus='usb'>
+      <address type='usb' bus='0' port='1'/>
+    </input>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <graphics type='spice' autoport='yes'>
+      <listen type='address'/>
+      <image compression='off'/>
+    </graphics>
+    <sound model='ich9'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/>
+    </sound>
+    <audio id='1' type='spice'/>
+    <video>
+      <model type='virtio' heads='1' primary='yes'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
+    </video>
+    <redirdev bus='usb' type='spicevmc'>
+      <address type='usb' bus='0' port='2'/>
+    </redirdev>
+    <redirdev bus='usb' type='spicevmc'>
+      <address type='usb' bus='0' port='3'/>
+    </redirdev>
+    <watchdog model='itco' action='reset'/>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
+    </memballoon>
+    <rng model='virtio'>
+      <backend model='random'>/dev/urandom</backend>
+      <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
+    </rng>
+  </devices>
+</domain>
+

src/system/VMs/config/networks/virbr0.xml

@@ -0,0 +1,17 @@
+<network>
+  <name>default</name>
+  <uuid>14667e27-1e89-40fb-ba5a-381a6c79bd5f</uuid>
+  <forward mode='nat'>
+    <nat>
+      <port start='1024' end='65535'/>
+    </nat>
+  </forward>
+  <bridge name='virbr0' stp='on' delay='0'/>
+  <mac address='52:54:00:f4:a4:3d'/>
+  <ip address='192.168.122.1' netmask='255.255.255.0'>
+    <dhcp>
+      <range start='192.168.122.2' end='192.168.122.254'/>
+    </dhcp>
+  </ip>
+</network>
+

src/system/VMs/config/storage/pools/default.xml

@@ -0,0 +1,18 @@
+<pool type='dir'>
+  <name>default</name>
+  <uuid>70edbae5-7ea6-4996-a457-bc1d450b6be4</uuid>
+  <capacity unit='bytes'>536608768000</capacity>
+  <allocation unit='bytes'>31873052672</allocation>
+  <available unit='bytes'>504735715328</available>
+  <source>
+  </source>
+  <target>
+    <path>/var/lib/libvirt/images</path>
+    <permissions>
+      <mode>0711</mode>
+      <owner>0</owner>
+      <group>0</group>
+    </permissions>
+  </target>
+</pool>
+

src/system/VMs/config/storage/volumes/rocky9.xml

@@ -0,0 +1,28 @@
+<volume type='file'>
+  <name>rocky9.qcow2</name>
+  <key>/var/lib/libvirt/images/rocky9.qcow2</key>
+  <capacity unit='bytes'>107374182400</capacity>
+  <allocation unit='bytes'>10468622336</allocation>
+  <physical unit='bytes'>107390828544</physical>
+  <target>
+    <path>/var/lib/libvirt/images/rocky9.qcow2</path>
+    <format type='qcow2'/>
+    <permissions>
+      <mode>0600</mode>
+      <owner>0</owner>
+      <group>0</group>
+    </permissions>
+    <timestamps>
+      <atime>1738001245.563436511</atime>
+      <mtime>1738001224.380580475</mtime>
+      <ctime>1738001224.667578536</ctime>
+      <btime>0</btime>
+    </timestamps>
+    <compat>1.1</compat>
+    <clusterSize unit='B'>65536</clusterSize>
+    <features>
+      <lazy_refcounts/>
+    </features>
+  </target>
+</volume>
+

src/system/VMs/default.nix

@@ -0,0 +1,35 @@
+{ pkgs, lib, config, ... }:
+
+{
+  virtualisation.libvirt = {
+    enable = true;
+    verbose = true;
+
+    connections."qemu:///system" = {
+      domains = [
+        {
+          definition = ./config/machines/Test_Bench1.xml;
+        }
+      ];
+
+      pools = [
+        {
+          definition = ./config/storage/pools/default.xml;
+          active = true;
+          volumes = [
+            {
+              definition = ./config/storage/volumes/rocky9.xml;
+            }
+          ];
+        }
+      ];
+
+      networks = [
+        {
+          definition = ./config/networks/virbr0.xml;
+          active = true;
+        }
+      ];
+    };
+  };
+}

src/system/machines/workstation/hardware.nix

@@ -60,14 +60,6 @@
     };
   };
   
-  virtualisation.libvirtd = {
-    enable = true;
-    qemu = {
-      runAsRoot = true;
-      ovmf.enable = true;
-    };
-  };
-
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
 }

src/system/machines/workstation/system.nix

@@ -1,5 +1,6 @@
 { pkgs, lib, config, ... }:
 
+with lib;
 { system.stateVersion = "23.11";
 
   users.users = {
@@ -9,7 +10,7 @@
         ++ [ "video" "audio" "kvm" "libvirtd" "dialout" ];
       openssh.authorizedKeys.keys = [ 
         "${config.user.keys.ssh.primary}" 
-        "${config.user.keys.ssh.ccur}" 
+        "${config.user.keys.ssh.work}" 
       ];
     };
   };
@@ -98,6 +99,7 @@
         "3.pool.ntp.org"
       ];
     };
+
     pipewire = {
       enable = true;
       audio.enable = true;
@@ -109,6 +111,7 @@
       alsa.enable = true;
       alsa.support32Bit = true;
     };
+
     openssh = {
       enable = true;
       startWhenNeeded = false;

src/user/modules/bash/config/prompt.nix

@@ -32,13 +32,12 @@ check_venv() {
   js="js"
   nix="nix"
 
-  ${if gui.enable then ''
+  ${optionalString gui.enable ''
   if [ -n "$DISPLAY" ]; then
     py=""
     js="󰌞"
     nix=""
   fi
-  '' else ''
   ''}
 
   python_icon="\[\033[01;33m\]$py\[\033[00m\]"

src/user/modules/security/modules/gpg/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ pkgs, lib, config, osConfig, ... }:
 
 with lib;
 let
@@ -18,10 +18,12 @@ in
           text = "${config.user.keys.pgp.primary}";
           trust = 5;
         }
+      ] ++ optionals (osConfig.networking.hostName == "desktop") [
         {
           text = "${config.user.keys.pgp.windows}";
           trust = 5;
         }
+      ] ++ optionals (osConfig.networking.hostName == "workstation") [
         {
           text = "${config.user.keys.pgp.work}";
           trust = 5;

src/user/modules/utils/modules/dev/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ pkgs, lib, config, osConfig, ... }:
 
 with lib;
 let
@@ -16,6 +16,7 @@ in
       qrencode
 
       docker
+    ] ++ optionals (osConfig.virtualisation.libvirt.enable) [
       virt-manager
     ];