6 files changed, 67 insertions, 13 deletions

diff --git a/flake.lock b/flake.lock
index f566bec..123f38c 100644
--- a/flake.lock
+++ b/flake.lock
@@ -7,11 +7,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1710164657,
-        "narHash": "sha256-l64+ZjaQAVkHDVaK0VHwtXBdjcBD6nLBD+p7IfyBp/w=",
+        "lastModified": 1710532761,
+        "narHash": "sha256-SUXGZNrXX05YA9G6EmgupxhOr3swI1gcxLUeDMUhrEY=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "017b12de5b899ef9b64e2c035ce257bfe95b8ae2",
+        "rev": "206f457fffdb9a73596a4cb2211a471bd305243d",
         "type": "github"
       },
       "original": {
@@ -22,11 +22,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1709961763,
-        "narHash": "sha256-6H95HGJHhEZtyYA3rIQpvamMKAGoa8Yh2rFV29QnuGw=",
+        "lastModified": 1710451336,
+        "narHash": "sha256-pP86Pcfu3BrAvRO7R64x7hs+GaQrjFes+mEPowCfkxY=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "3030f185ba6a4bf4f18b87f345f104e6a6961f34",
+        "rev": "d691274a972b3165335d261cc4671335f5c67de9",
         "type": "github"
       },
       "original": {
diff --git a/machines/x/configuration.nix b/machines/x/configuration.nix
index 33245d1..8a58bcb 100644
--- a/machines/x/configuration.nix
+++ b/machines/x/configuration.nix
@@ -31,12 +31,7 @@
   networking.hostName = "x";
 
   home-manager.users.compromyse = import ./home.nix;
-  services.xserver.desktopManager.plasma6.enable = true;
-
-  environment.plasma5.excludePackages = with pkgs.kdePackages; [
-    konsole
-    oxygen
-  ];
+  services.desktopManager.plasma6.enable = true;
 
   networking.extraHosts =
   ''
diff --git a/modules/compromyse.nix b/modules/compromyse.nix
index f822b46..a19b643 100644
--- a/modules/compromyse.nix
+++ b/modules/compromyse.nix
@@ -5,6 +5,6 @@
     initialPassword = "changeme";
     isNormalUser = true;
     # openssh.authorizedKeys.keys = [];
-    extraGroups = [ "wheel" "video" "storage" "input" "plugdev" "libvirtd" "docker" ];
+    extraGroups = [ "wheel" "video" "storage" "input" "plugdev" "libvirtd" "docker" "kvm" ];
   };
 }
diff --git a/modules/login.nix b/modules/login.nix
index 67cd6d9..58e4ac4 100644
--- a/modules/login.nix
+++ b/modules/login.nix
@@ -43,4 +43,9 @@
   };
 
   programs.dconf.enable = true;
+
+  environment.sessionVariables = {
+    __EGL_VENDOR_LIBRARY_FILENAMES = "${pkgs.mesa_drivers.outPath}/share/glvnd/egl_vendor.d/50_mesa.json";
+    __GLX_VENDOR_LIBRARY_NAME = "mesa";
+  };
 }
diff --git a/modules/passthrough.nix b/modules/passthrough.nix
index 28c64f2..3629ef9 100644
--- a/modules/passthrough.nix
+++ b/modules/passthrough.nix
@@ -3,6 +3,7 @@
 {
   environment.systemPackages = with pkgs; [
     supergfxctl
+    lsof
   ];
 
   services.supergfxd.enable = true;
diff --git a/modules/virtualization.nix b/modules/virtualization.nix
index 2d4937e..f3935c2 100644
--- a/modules/virtualization.nix
+++ b/modules/virtualization.nix
@@ -14,4 +14,57 @@
   };
   services.spice-vdagentd.enable = true;
   programs.virt-manager.enable = true;
+
+  systemd.tmpfiles.rules = [ "f /dev/shm/looking-glass 0660 compromyse kvm -" ];
+
+  environment.systemPackages = [
+    pkgs.looking-glass-client
+
+    (pkgs.writeShellScriptBin "bind-vfio" ''
+      modprobe -r nvidia_drm nvidia_modeset nvidia_uvm i2c_nvidia_gpu nvidia
+
+      modprobe vfio
+      modprobe vfio_iommu_type1
+      modprobe vfio_pci
+
+      systemctl --user -M compromyse@ stop pipewire.service pipewire.socket
+
+      virsh nodedev-detach pci_0000_01_00_0
+      virsh nodedev-detach pci_0000_01_00_1
+
+      systemctl --user -M compromyse@ restart pipewire.service pipewire.socket
+    '')
+
+    (pkgs.writeShellScriptBin "unbind-vfio" ''
+      systemctl --user -M compromyse@ stop pipewire.service pipewire.socket
+
+      virsh nodedev-reattach pci_0000_01_00_0
+      virsh nodedev-reattach pci_0000_01_00_1
+
+      systemctl --user -M compromyse@ restart pipewire.service pipewire.socket
+
+      modprobe -r vfio_pci
+      modprobe -r vfio_iommu_type1
+      modprobe -r vfio
+
+      modprobe nvidia_drm nvidia_modeset nvidia_uvm i2c_nvidia_gpu nvidia
+    '')
+
+    (pkgs.writeShellScriptBin "pin-cpu" ''
+      if [[ $1 == "" ]]; then
+        cpus="8-15"
+      else
+        cpus=$1
+      fi
+      systemctl set-property --runtime -- user.slice AllowedCPUs="$cpus"
+      systemctl set-property --runtime -- system.slice AllowedCPUs="$cpus"
+      systemctl set-property --runtime -- init.scope AllowedCPUs="$cpus"
+    '')
+
+    (pkgs.writeShellScriptBin "unpin-cpu" ''
+      systemctl set-property --runtime -- user.slice AllowedCPUs=""
+      systemctl set-property --runtime -- system.slice AllowedCPUs=""
+      systemctl set-property --runtime -- init.scope AllowedCPUs=""
+    '')
+  ];
 }