limeburst/configuration.nix

## configuration.nix
# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
    ];

  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  # networking.hostName = "nixos"; # Define your hostname.
  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";

  # Select internationalisation properties.
  # i18n = {
  #   consoleFont = "Lat2-Terminus16";
  #   consoleKeyMap = "us";
  #   defaultLocale = "en_US.UTF-8";
  # };

  # Set your time zone.
  # time.timeZone = "Europe/Amsterdam";

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  # environment.systemPackages = with pkgs; [
  #   wget vim
  # ];

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  # services.openssh.enable = true;

  # Open ports in the firewall.
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;

  # Enable CUPS to print documents.
  # services.printing.enable = true;

  # Enable sound.
  # sound.enable = true;
  # hardware.pulseaudio.enable = true;
  hardware.opengl.enable = true;

  # Enable the X11 windowing system.
  # services.xserver.enable = true;
  # services.xserver.layout = "us";
  # services.xserver.xkbOptions = "eurosign:e";

  # Enable touchpad support.
  # services.xserver.libinput.enable = true;

  # Enable the KDE Desktop Environment.
  # services.xserver.displayManager.sddm.enable = true;
  # services.xserver.desktopManager.plasma5.enable = true;

  # Define a user account. Don't forget to set a password with ‘passwd’.
  # users.users.guest = {
  #   isNormalUser = true;
  #   uid = 1000;
  # };

  # This value determines the NixOS release with which your system is to be
  # compatible, in order to avoid breaking some software such as database
  # servers. You should change this only after NixOS release notes say you
  # should.
  system.stateVersion = "18.09"; # Did you read the comment?

  boot.initrd.luks.devices = [
    {
      name = "root";
      device = "/dev/sda2";
      preLVM = true;
    }
  ];

  boot.kernelParams = ["intel_iommu=on" "hugepages=4096"];
  boot.blacklistedKernelModules = ["nvidia" "nouveau"];
  boot.kernelModules = ["vfio_virqfd" "vfio_pci" "vfio_iommu_type1" "vfio"];
  boot.extraModprobeConfig = "options vfio-pci ids=10de:1c02,10de:10f1";
  virtualisation = {
    libvirtd = {
      enable = true;
      qemuOvmf = true;
    };
  };

  users.extraUsers.limeburst = {
    createHome = true;
    extraGroups = ["wheel" "video" "audio" "disk" "libvirtd"];
    group = "users";
    home = "/home/limeburst";
    isNormalUser = true;
    uid = 1000;
  };

  environment.systemPackages = (with pkgs; [
    # for virt-manager to remember connections
    # https://github.com/NixOS/nixpkgs/issues/42433
    gnome3.dconf

    firefox
    git
    htop
    neovim
    wget
  ]);

  fonts.fonts = with pkgs; [
    noto-fonts
    noto-fonts-cjk
    noto-fonts-emoji
  ];
}

## win10.xml
<domain type='kvm'>
  <name>win10</name>
  <uuid>798acfd6-41da-4852-9328-0a7be3c52c06</uuid>
  <metadata>
    <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
      <libosinfo:os id="http://microsoft.com/win/10"/>
    </libosinfo:libosinfo>
  </metadata>
  <memory unit='KiB'>8388608</memory>
  <currentMemory unit='KiB'>8388608</currentMemory>
  <memoryBacking>
    <hugepages/>
  </memoryBacking>
  <vcpu placement='static'>4</vcpu>
  <cputune>
    <vcpupin vcpu='0' cpuset='2'/>
    <vcpupin vcpu='1' cpuset='6'/>
    <vcpupin vcpu='2' cpuset='3'/>
    <vcpupin vcpu='3' cpuset='7'/>
    <emulatorpin cpuset='0-1,4-5'/>
    <vcpusched vcpus='0' scheduler='fifo' priority='1'/>
    <vcpusched vcpus='1' scheduler='fifo' priority='1'/>
    <vcpusched vcpus='2' scheduler='fifo' priority='1'/>
    <vcpusched vcpus='3' scheduler='fifo' priority='1'/>
  </cputune>
  <os>
    <type arch='x86_64' machine='pc-q35-3.0'>hvm</type>
    <loader readonly='yes' type='pflash'>/run/libvirt/nix-ovmf/OVMF_CODE.fd</loader>
    <nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
    <hyperv>
      <relaxed state='on'/>
      <vapic state='on'/>
      <spinlocks state='on' retries='8191'/>
      <vendor_id state='on' value='NvidiaFckYou'/>
    </hyperv>
    <kvm>
      <hidden state='on'/>
    </kvm>
    <vmport state='off'/>
  </features>
  <cpu mode='host-passthrough' check='partial'>
    <topology sockets='1' cores='2' threads='2'/>
  </cpu>
  <clock offset='localtime'>
    <timer name='rtc' tickpolicy='catchup'/>
    <timer name='pit' tickpolicy='delay'/>
    <timer name='hpet' present='no'/>
    <timer name='hypervclock' present='yes'/>
  </clock>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>destroy</on_crash>
  <pm>
    <suspend-to-mem enabled='no'/>
    <suspend-to-disk enabled='no'/>
  </pm>
  <devices>
    <emulator>/run/libvirt/nix-emulators/qemu-kvm</emulator>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2'/>
      <source file='/var/lib/libvirt/images/win10.qcow2'/>
      <target dev='sda' bus='sata'/>
      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
    </disk>
    <controller type='usb' index='0' model='qemu-xhci' ports='15'>
      <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
    </controller>
    <controller type='sata' index='0'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
    </controller>
    <controller type='pci' index='0' model='pcie-root'/>
    <controller type='pci' index='1' model='pcie-root-port'>
      <model name='pcie-root-port'/>
      <target chassis='1' port='0x10'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
    </controller>
    <controller type='pci' index='2' model='pcie-root-port'>
      <model name='pcie-root-port'/>
      <target chassis='2' port='0x11'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
    </controller>
    <controller type='pci' index='3' model='pcie-root-port'>
      <model name='pcie-root-port'/>
      <target chassis='3' port='0x12'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
    </controller>
    <controller type='pci' index='4' model='pcie-root-port'>
      <model name='pcie-root-port'/>
      <target chassis='4' port='0x13'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
    </controller>
    <controller type='pci' index='5' model='pcie-root-port'>
      <model name='pcie-root-port'/>
      <target chassis='5' port='0x14'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
    </controller>
    <controller type='pci' index='6' model='pcie-root-port'>
      <model name='pcie-root-port'/>
      <target chassis='6' port='0x15'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
    </controller>
    <interface type='network'>
      <mac address='52:54:00:30:f8:65'/>
      <source network='default'/>
      <model type='e1000e'/>
      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
    </interface>
    <serial type='pty'>
      <target type='isa-serial' port='0'>
        <model name='isa-serial'/>
      </target>
    </serial>
    <console type='pty'>
      <target type='serial' port='0'/>
    </console>
    <input type='mouse' bus='ps2'/>
    <input type='keyboard' bus='ps2'/>
    <hostdev mode='subsystem' type='pci' managed='yes'>
      <source>
        <address domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
      </source>
      <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
    </hostdev>
    <hostdev mode='subsystem' type='pci' managed='yes'>
      <source>
        <address domain='0x0000' bus='0x01' slot='0x00' function='0x1'/>
      </source>
      <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
    </hostdev>
    <hostdev mode='subsystem' type='usb' managed='yes'>
      <source>
        <vendor id='0x0853'/>
        <product id='0x0100'/>
      </source>
      <address type='usb' bus='0' port='4'/>
    </hostdev>
    <hostdev mode='subsystem' type='usb' managed='yes'>
      <source>
        <vendor id='0x046d'/>
        <product id='0xc52b'/>
      </source>
      <address type='usb' bus='0' port='1'/>
    </hostdev>
    <memballoon model='virtio'>
      <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
    </memballoon>
  </devices>
</domain>
	# Edit this configuration file to define what should be installed on
	# your system. Help is available in the configuration.nix(5) man page
	# and in the NixOS manual (accessible by running ‘nixos-help’).

	{ config, pkgs, ... }:

	{
	imports =
	[ # Include the results of the hardware scan.
	./hardware-configuration.nix
	];

	# Use the systemd-boot EFI boot loader.
	boot.loader.systemd-boot.enable = true;
	boot.loader.efi.canTouchEfiVariables = true;

	# networking.hostName = "nixos"; # Define your hostname.
	# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.

	# Configure network proxy if necessary
	# networking.proxy.default = "http://user:password@proxy:port/";
	# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";

	# Select internationalisation properties.
	# i18n = {
	# consoleFont = "Lat2-Terminus16";
	# consoleKeyMap = "us";
	# defaultLocale = "en_US.UTF-8";
	# };

	# Set your time zone.
	# time.timeZone = "Europe/Amsterdam";

	# List packages installed in system profile. To search, run:
	# $ nix search wget
	# environment.systemPackages = with pkgs; [
	# wget vim
	# ];

	# Some programs need SUID wrappers, can be configured further or are
	# started in user sessions.
	# programs.mtr.enable = true;
	# programs.gnupg.agent = { enable = true; enableSSHSupport = true; };

	# List services that you want to enable:

	# Enable the OpenSSH daemon.
	# services.openssh.enable = true;

	# Open ports in the firewall.
	# networking.firewall.allowedTCPPorts = [ ... ];
	# networking.firewall.allowedUDPPorts = [ ... ];
	# Or disable the firewall altogether.
	# networking.firewall.enable = false;

	# Enable CUPS to print documents.
	# services.printing.enable = true;

	# Enable sound.
	# sound.enable = true;
	# hardware.pulseaudio.enable = true;
	hardware.opengl.enable = true;

	# Enable the X11 windowing system.
	# services.xserver.enable = true;
	# services.xserver.layout = "us";
	# services.xserver.xkbOptions = "eurosign:e";

	# Enable touchpad support.
	# services.xserver.libinput.enable = true;

	# Enable the KDE Desktop Environment.
	# services.xserver.displayManager.sddm.enable = true;
	# services.xserver.desktopManager.plasma5.enable = true;

	# Define a user account. Don't forget to set a password with ‘passwd’.
	# users.users.guest = {
	# isNormalUser = true;
	# uid = 1000;
	# };

	# This value determines the NixOS release with which your system is to be
	# compatible, in order to avoid breaking some software such as database
	# servers. You should change this only after NixOS release notes say you
	# should.
	system.stateVersion = "18.09"; # Did you read the comment?

	boot.initrd.luks.devices = [
	{
	name = "root";
	device = "/dev/sda2";
	preLVM = true;
	}
	];

	boot.kernelParams = ["intel_iommu=on" "hugepages=4096"];
	boot.blacklistedKernelModules = ["nvidia" "nouveau"];
	boot.kernelModules = ["vfio_virqfd" "vfio_pci" "vfio_iommu_type1" "vfio"];
	boot.extraModprobeConfig = "options vfio-pci ids=10de:1c02,10de:10f1";
	virtualisation = {
	libvirtd = {
	enable = true;
	qemuOvmf = true;
	};
	};

	users.extraUsers.limeburst = {
	createHome = true;
	extraGroups = ["wheel" "video" "audio" "disk" "libvirtd"];
	group = "users";
	home = "/home/limeburst";
	isNormalUser = true;
	uid = 1000;
	};

	environment.systemPackages = (with pkgs; [
	# for virt-manager to remember connections
	# https://github.com/NixOS/nixpkgs/issues/42433
	gnome3.dconf

	firefox
	git
	htop
	neovim
	wget
	]);

	fonts.fonts = with pkgs; [
	noto-fonts
	noto-fonts-cjk
	noto-fonts-emoji
	];
	}
	<domain type='kvm'>
	<name>win10</name>
	<uuid>798acfd6-41da-4852-9328-0a7be3c52c06</uuid>
	<metadata>
	<libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
	<libosinfo:os id="http://microsoft.com/win/10"/>
	</libosinfo:libosinfo>
	</metadata>
	<memory unit='KiB'>8388608</memory>
	<currentMemory unit='KiB'>8388608</currentMemory>
	<memoryBacking>
	<hugepages/>
	</memoryBacking>
	<vcpu placement='static'>4</vcpu>
	<cputune>
	<vcpupin vcpu='0' cpuset='2'/>
	<vcpupin vcpu='1' cpuset='6'/>
	<vcpupin vcpu='2' cpuset='3'/>
	<vcpupin vcpu='3' cpuset='7'/>
	<emulatorpin cpuset='0-1,4-5'/>
	<vcpusched vcpus='0' scheduler='fifo' priority='1'/>
	<vcpusched vcpus='1' scheduler='fifo' priority='1'/>
	<vcpusched vcpus='2' scheduler='fifo' priority='1'/>
	<vcpusched vcpus='3' scheduler='fifo' priority='1'/>
	</cputune>
	<os>
	<type arch='x86_64' machine='pc-q35-3.0'>hvm</type>
	<loader readonly='yes' type='pflash'>/run/libvirt/nix-ovmf/OVMF_CODE.fd</loader>
	<nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram>
	<boot dev='hd'/>
	</os>
	<features>
	<acpi/>
	<apic/>
	<hyperv>
	<relaxed state='on'/>
	<vapic state='on'/>
	<spinlocks state='on' retries='8191'/>
	<vendor_id state='on' value='NvidiaFckYou'/>
	</hyperv>
	<kvm>
	<hidden state='on'/>
	</kvm>
	<vmport state='off'/>
	</features>
	<cpu mode='host-passthrough' check='partial'>
	<topology sockets='1' cores='2' threads='2'/>
	</cpu>
	<clock offset='localtime'>
	<timer name='rtc' tickpolicy='catchup'/>
	<timer name='pit' tickpolicy='delay'/>
	<timer name='hpet' present='no'/>
	<timer name='hypervclock' present='yes'/>
	</clock>
	<on_poweroff>destroy</on_poweroff>
	<on_reboot>restart</on_reboot>
	<on_crash>destroy</on_crash>
	<pm>
	<suspend-to-mem enabled='no'/>
	<suspend-to-disk enabled='no'/>
	</pm>
	<devices>
	<emulator>/run/libvirt/nix-emulators/qemu-kvm</emulator>
	<disk type='file' device='disk'>
	<driver name='qemu' type='qcow2'/>
	<source file='/var/lib/libvirt/images/win10.qcow2'/>
	<target dev='sda' bus='sata'/>
	<address type='drive' controller='0' bus='0' target='0' unit='0'/>
	</disk>
	<controller type='usb' index='0' model='qemu-xhci' ports='15'>
	<address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
	</controller>
	<controller type='sata' index='0'>
	<address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
	</controller>
	<controller type='pci' index='0' model='pcie-root'/>
	<controller type='pci' index='1' model='pcie-root-port'>
	<model name='pcie-root-port'/>
	<target chassis='1' port='0x10'/>
	<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
	</controller>
	<controller type='pci' index='2' model='pcie-root-port'>
	<model name='pcie-root-port'/>
	<target chassis='2' port='0x11'/>
	<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
	</controller>
	<controller type='pci' index='3' model='pcie-root-port'>
	<model name='pcie-root-port'/>
	<target chassis='3' port='0x12'/>
	<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
	</controller>
	<controller type='pci' index='4' model='pcie-root-port'>
	<model name='pcie-root-port'/>
	<target chassis='4' port='0x13'/>
	<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
	</controller>
	<controller type='pci' index='5' model='pcie-root-port'>
	<model name='pcie-root-port'/>
	<target chassis='5' port='0x14'/>
	<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
	</controller>
	<controller type='pci' index='6' model='pcie-root-port'>
	<model name='pcie-root-port'/>
	<target chassis='6' port='0x15'/>
	<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
	</controller>
	<interface type='network'>
	<mac address='52:54:00:30:f8:65'/>
	<source network='default'/>
	<model type='e1000e'/>
	<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
	</interface>
	<serial type='pty'>
	<target type='isa-serial' port='0'>
	<model name='isa-serial'/>
	</target>
	</serial>
	<console type='pty'>
	<target type='serial' port='0'/>
	</console>
	<input type='mouse' bus='ps2'/>
	<input type='keyboard' bus='ps2'/>
	<hostdev mode='subsystem' type='pci' managed='yes'>
	<source>
	<address domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
	</source>
	<address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
	</hostdev>
	<hostdev mode='subsystem' type='pci' managed='yes'>
	<source>
	<address domain='0x0000' bus='0x01' slot='0x00' function='0x1'/>
	</source>
	<address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
	</hostdev>
	<hostdev mode='subsystem' type='usb' managed='yes'>
	<source>
	<vendor id='0x0853'/>
	<product id='0x0100'/>
	</source>
	<address type='usb' bus='0' port='4'/>
	</hostdev>
	<hostdev mode='subsystem' type='usb' managed='yes'>
	<source>
	<vendor id='0x046d'/>
	<product id='0xc52b'/>
	</source>
	<address type='usb' bus='0' port='1'/>
	</hostdev>
	<memballoon model='virtio'>
	<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
	</memballoon>
	</devices>
	</domain>