From bf91e14e4dc68854a0dda0cbc2ffe674275b953e Mon Sep 17 00:00:00 2001 From: chn Date: Sat, 19 Apr 2025 12:55:42 +0800 Subject: [PATCH] modules.services.nixvirt: init --- devices/srv3/default.nix | 3 ++- doc/setup.md | 1 + flake.lock | 21 ++++++++++++++++ flake.nix | 1 + modules/default.nix | 1 + modules/services/nixvirt.nix | 47 ++++++++++++++++++++++++++++++++++++ 6 files changed, 73 insertions(+), 1 deletion(-) create mode 100644 modules/services/nixvirt.nix diff --git a/devices/srv3/default.nix b/devices/srv3/default.nix index c8011cde..cbf45323 100644 --- a/devices/srv3/default.nix +++ b/devices/srv3/default.nix @@ -30,7 +30,8 @@ inputs: hardware.cpus = [ "intel" ]; services = { - beesd."/".hashTableSizeMB = 128; + # 大部分空间用于存储虚拟机(nodatacow),其它内容不多 + beesd."/".hashTableSizeMB = 32; sshd = {}; }; virtualization.kvmHost = { enable = true; gui = true; }; diff --git a/doc/setup.md b/doc/setup.md index 54bfdd72..bbfdfe75 100644 --- a/doc/setup.md +++ b/doc/setup.md @@ -27,4 +27,5 @@ mungekey -k munge.key mv munge.key munge.key.orig sops -e --input-type binary --output-type binary munge.key.orig > munge.key rm munge.key.orig +sudo nix build --store 'local?root=/mnt' --option substituters https://nix-store.chn.moe --option require-sigs false /nix/store/khhqmly5295ns33dz1s3m3sb79icj6bi-nixos-system-srv3-production-24.11 ``` diff --git a/flake.lock b/flake.lock index b056a00b..3593764f 100644 --- a/flake.lock +++ b/flake.lock @@ -982,6 +982,26 @@ "type": "github" } }, + "nixvirt": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741549407, + "narHash": "sha256-f9SXK+/rvlryDNlc++Eva/hYjbkf7OCalWwmwifRhtI=", + "owner": "AshleyYakeley", + "repo": "NixVirt", + "rev": "9950b932dce4ae6b9bda7c83d41705c1a14e10f0", + "type": "github" + }, + "original": { + "owner": "AshleyYakeley", + "repo": "NixVirt", + "type": "github" + } + }, "nu-scripts": { "flake": false, "locked": { 
@@ -1287,6 +1307,7 @@ "nixpkgs-23.05": "nixpkgs-23.05", "nixpkgs-23.11": "nixpkgs-23.11", "nixpkgs-unstable": "nixpkgs-unstable", + "nixvirt": "nixvirt", "nu-scripts": "nu-scripts", "nur-linyinfeng": "nur-linyinfeng", "nur-xddxdd": "nur-xddxdd", diff --git a/flake.nix b/flake.nix index a5435eac..3210c9ed 100644 --- a/flake.nix +++ b/flake.nix @@ -38,6 +38,7 @@ winapps = { url = "github:winapps-org/winapps/feat-nix-packaging"; inputs.nixpkgs.follows = "nixpkgs"; }; aagl = { url = "github:ezKEa/aagl-gtk-on-nix/release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; cachyos-lts.url = "github:drakon64/nixos-cachyos-kernel"; + nixvirt = { url = "github:AshleyYakeley/NixVirt"; inputs.nixpkgs.follows = "nixpkgs"; }; misskey = { url = "git+https://github.com/CHN-beta/misskey?submodules=1"; flake = false; }; rsshub = { url = "github:DIYgod/RSSHub"; flake = false; }; diff --git a/modules/default.nix b/modules/default.nix index e97f6c5d..e01eefa8 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -11,6 +11,7 @@ inputs: let inherit (inputs) topInputs; in { config.chaotic.nyx.overlay.onTopOf = "user-pkgs"; } topInputs.catppuccin.nixosModules.catppuccin topInputs.aagl.nixosModules.default + topInputs.nixvirt.nixosModules.default (inputs: { config = diff --git a/modules/services/nixvirt.nix b/modules/services/nixvirt.nix new file mode 100644 index 00000000..4b508f5a --- /dev/null +++ b/modules/services/nixvirt.nix 
@@ -0,0 +1,47 @@
+inputs:
+{
+ options.nixos.services.nixvirt = let inherit (inputs.lib) mkOption types; in mkOption
+ {
+ type = types.nullOr (types.attrsOf (types.submodule
+ {
+ storage = mkOption { type = types.nonEmptyStr; };
+ memoryGB = mkOption { type = types.ints.unsigned; };
+ cpus = mkOption { type = types.ints.unsigned; };
+ vncPort = mkOption { type = types.ints.unsigned; };
+ }));
+ default = null;
+ };
+ config = let inherit (inputs.config.nixos.services) nixvirt; in inputs.lib.mkIf (nixvirt != {})
+ {
+ # TODO: switch on nixos.virtualisation.kvm
+ virtualisation.libvirt =
+ {
+ enable = true;
+ verbose = true;
+ connections."qemu:///system" = let inherit (inputs.topInputs.nixvirt) lib; in
+ {
+ domains =
+ [{
+ definition = lib.domain.writeXML (lib.domain.templates.linux
+ {
+ name = "Penguin";
+ uuid = "cc7439ed-36af-4696-a6f2-1f0c4474d87e";
+ memory = { count = 6; unit = "GiB"; };
+ storage_vol = { pool = "MyPool"; volume = "Penguin.qcow2"; };
+ });
+ }];
+ networks =
+ [{
+ definition = lib.network.writeXML (lib.network.templates.bridge
+ {
+ uuid = "8f403474-f8d6-4fa7-991a-f62f40d51191";
+ subnet_byte = 122;
+ });
+ active = true;
+ }];
+ # 不通过它来定义存储,手动控制存储
+ pools = null;
+ };
+ };
+ };
+}
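Review bot: The guard `inputs.lib.mkIf (nixvirt != {})` does not match the option's `default = null`: `null != {}` evaluates to true, so the libvirt block (daemon enabled, the hard-coded "Penguin" domain, and a bridge network with `active = true`) is applied on every host that loads this module, even where `nixos.services.nixvirt` is unset. Comparing against the default, `inputs.lib.mkIf (nixvirt != null)`, keeps libvirtd and the extra bridge off hosts that never opted in. Separately, `types.submodule` is handed the option declarations directly; they likely need to sit under `options = { … };` to be treated as declarations rather than config, and `vncPort` could use `types.port` so values above 65535 are rejected at evaluation time. None of the declared per-VM options (`storage`, `memoryGB`, `cpus`, `vncPort`) is read by the config yet, so the generated domain is the same whatever the user sets.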