From 69857d405fcc45194b4a4c4bb1f9946c05e50631 Mon Sep 17 00:00:00 2001
From: Jon Santmyer
Date: Mon, 29 Apr 2024 17:05:09 -0400
Subject: add security nix, more programs for desktop

---
 modules/desktop/apps/virt.nix | 45 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 modules/desktop/apps/virt.nix
(limited to 'modules/desktop/apps/virt.nix')

diff --git a/modules/desktop/apps/virt.nix b/modules/desktop/apps/virt.nix
new file mode 100644
index 0000000..5851a0b
--- /dev/null
+++ b/modules/desktop/apps/virt.nix
@@ -0,0 +1,45 @@
+{
+ config,
+ options,
+ lib,
+ pkgs,
+ ...
+}: let
+ virtConfig = config.modules.desktop.apps.virt-manager;
+in
+{
+ options.modules.desktop.apps.virt-manager = {
+ enable = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ };
+ };
+
+ config = lib.mkIf (virtConfig.enable) {
+ virtualisation.libvirtd = {
+ enable = true;
+ qemu = {
+ package = pkgs.qemu_kvm;
+ runAsRoot = true;
+ swtpm.enable = true;
+ ovmf = {
+ enable = true;
+ packages = [(pkgs.OVMF.override {
+ secureBoot = true;
+ tpmSupport = true;
+ }).fd];
+ };
+ };
+ };
+ programs.virt-manager.enable = true;
+
+ home.manager.dconf.settings = {
+ "org/virt-manager/virt-manager/connections" = {
+ autoconnect = ["qemu:///system"];
+ uris = ["qemu:///system"];
+ };
+ };
+
+ user.extraGroups = ["libvirtd"];
+ };
+}
--
cgit v1.2.1
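Review bot: `runAsRoot = true;` in the `qemu` block makes each guest's QEMU process run as root on the host, so a flaw in device emulation that a guest can reach would land with full host privileges. Unless a guest needs it, prefer `runAsRoot = false;` so libvirtd launches QEMU as the unprivileged `qemu-libvirtd` user; existing guest images may need their file ownership adjusted afterwards. Related: `user.extraGroups = ["libvirtd"];` combined with the `qemu:///system` autoconnect gives that account control of the system libvirt daemon (typically without a password prompt), which is effectively root-equivalent, so it deserves a comment such as `# libvirtd group can drive the system libvirtd; treat membership as root-equivalent`. The `enable` option also has no description; `enable = lib.mkEnableOption "virt-manager with libvirtd/QEMU";` would document it while keeping the `false` default.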