From 1059aa00264e31343cf021f0029734dbfc6e4617 Mon Sep 17 00:00:00 2001
From: Xory <xory@tutamail.com>
Date: Fri, 6 Mar 2026 16:48:14 +0200
Subject: [PATCH] feat: vfio

---
 configuration.nix         |  6 +++---
 hosts/nullstar/config.nix |  4 ++++
 hosts/nullstar/vfio.nix   | 23 +++++++++++++++++++++++
 3 files changed, 30 insertions(+), 3 deletions(-)
 create mode 100644 hosts/nullstar/vfio.nix

diff --git a/configuration.nix b/configuration.nix
index eee6997..e1e0ac7 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -99,7 +99,7 @@
   users.users.xory = {
     isNormalUser = true;
     description = "xory";
-    extraGroups = [ "networkmanager" "wheel" "docker" "libvirt" "dialout" ];
+    extraGroups = [ "networkmanager" "wheel" "docker" "libvirtd" "qemu-libvirtd" "kvm" "dialout" ];
     shell = pkgs.zsh;
     initialHashedPassword = "$6$JXLpG5JYMJgZndm9$0sC8uPJ99cYL.hNv3DFQ20ky8tiZoxioe9GlMEanTwAD99LJ175/bHtN6Bm6bYsQG1BVGRdmphnXEcWS9ApoK0"; # this is defined declaratively, i don't use passwd.
   };
@@ -149,8 +149,8 @@
           "--env=GTK_THEME=Adwaita:dark"
         ];
       };
-      signal-desktop-bin = {
-        executable = "${pkgs.signal-desktop-bin}/bin/signal-desktop";
+      signal-desktop = {
+        executable = "${pkgs.signal-desktop}/bin/signal-desktop";
         profile = "${pkgs.firejail}/etc/firejail/signal-desktop.profile";
         extraArgs = [
           "--env=GTK_THEME=Adwaita:dark"
diff --git a/hosts/nullstar/config.nix b/hosts/nullstar/config.nix
index 6e5a043..8ff8f7e 100644
--- a/hosts/nullstar/config.nix
+++ b/hosts/nullstar/config.nix
@@ -8,6 +8,10 @@
       (inputs.nixos-hardware.nixosModules.framework-16-7040-amd)
     ];
 
+  specialisation."VFIO".configuration = {
+    imports = [ ./vfio.nix ];
+  };
+
   services.fwupd.enable = true;
 
   networking.hostName = "nullstar";
diff --git a/hosts/nullstar/vfio.nix b/hosts/nullstar/vfio.nix
new file mode 100644
index 0000000..451b3c0
--- /dev/null
+++ b/hosts/nullstar/vfio.nix
@@ -0,0 +1,23 @@
+{ config, pkgs, ... }:
+
+{
+  boot.kernelParams = [
+    "amd_iommu=on"
+    "iommu=pt"
+    "vfio-pci.ids=1002:7480,1002:ab30"
+  ];
+
+  boot.initrd.kernelModules = [
+    "vfio"
+    "vfio_pci"
+    "vfio_iommu_type1"
+  ];
+
+  systemd.tmpfiles.rules = [
+    "f /dev/shm/looking-glass 0660 xory qemu-libvirtd -"
+  ];
+
+  environment.systemPackages = with pkgs; [
+    looking-glass-client
+  ];
+}