101 lines
2.8 KiB
Nix
Executable file
101 lines
2.8 KiB
Nix
Executable file
{ pkgs, ... }:
|
|
|
|
{
|
|
virtioWinIso = pkgs.fetchurl {
|
|
url = "https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/archive-virtio/virtio-win-0.1.229-1/virtio-win-0.1.229.iso";
|
|
hash = "sha256-yIoN3jRgXq7mz4ifPioMKvPK65G130WhJcpPcBrLu+A=";
|
|
};
|
|
|
|
openSshServerPackage = {
|
|
name = "OpenSSH-Win64.zip";
|
|
path = pkgs.fetchurl {
|
|
url = "https://github.com/PowerShell/Win32-OpenSSH/releases/download/v9.2.2.0p1-Beta/OpenSSH-Win64.zip";
|
|
hash = "sha256-7IFEoQcBR0DsPOFuxRcQOY/DkPylNEkxwVBufMLhgfM==";
|
|
};
|
|
};
|
|
|
|
mkQemuFlags =
|
|
{ efi ? true
|
|
, cores ? "4"
|
|
, memory ? "4G"
|
|
, extraFlags ? [ ]
|
|
, OVMF ? pkgs.OVMF.override {
|
|
secureBoot = true;
|
|
}
|
|
, enableTpm ? true
|
|
, vnc ? ":0"
|
|
, network ? true
|
|
, cpufeatures ? "+topoext,+invtsc,host-cache-info=on,l3-cache=on,x2apic=off"
|
|
, hvflags ? (
|
|
builtins.concatStringsSep "," [
|
|
"hv-relaxed"
|
|
"hv-vapic"
|
|
"hv-spinlocks=0x1fff"
|
|
"hv-vpindex"
|
|
"hv-runtime"
|
|
"hv-crash"
|
|
"hv-time"
|
|
"hv-synic"
|
|
"hv-stimer"
|
|
"hv-tlbflush"
|
|
"hv-ipi"
|
|
"hv-reset"
|
|
"hv-frequencies"
|
|
"hv-stimer-direct"
|
|
"hv-avic"
|
|
"hv-no-nonarch-coresharing=on"
|
|
]
|
|
)
|
|
, tap ? null
|
|
, macAddress ? "01:23:45:67:89:ab"
|
|
,
|
|
}: [
|
|
"-nodefaults"
|
|
"-no-user-config"
|
|
"-enable-kvm"
|
|
"-cpu host,check,enforce,migratable=no,kvm=on,${cpufeatures},${hvflags}"
|
|
"-smp ${cores}"
|
|
"-m ${memory}"
|
|
"-M q35,hpet=off,mem-merge=off"
|
|
"-device qxl-vga,xres=1920,yres=1080,max_outputs=1"
|
|
"-device qemu-xhci"
|
|
"-global kvm-pit.lost_tick_policy=discard"
|
|
] ++ pkgs.lib.optionals efi [
|
|
"-bios ${OVMF.fd}/FV/OVMF.fd"
|
|
] ++ pkgs.lib.optionals enableTpm [
|
|
"-chardev socket,id=chrtpm,path=tpm.sock"
|
|
"-tpmdev emulator,id=tpm0,chardev=chrtpm"
|
|
"-device tpm-tis,tpmdev=tpm0"
|
|
] ++ pkgs.lib.optionals (vnc != null) [
|
|
"-vnc ${vnc}"
|
|
] ++ pkgs.lib.optionals (tap != null) [
|
|
"-netdev tap,id=n1,ifname=${tap},script=no,downscript=no"
|
|
"-device virtio-net-pci,netdev=n1,mac=${macAddress}"
|
|
] ++ extraFlags;
|
|
|
|
tpmStartCommands = ''
|
|
mkdir -p tpmstate
|
|
${pkgs.swtpm}/bin/swtpm socket \
|
|
--tpmstate dir=tpmstate \
|
|
--ctrl type=unixio,path=tpm.sock &
|
|
echo $! > tpm.pid
|
|
disown
|
|
'';
|
|
|
|
tpmStopCommands = ''
|
|
kill $(cat tpm.pid) || true
|
|
rm tpm.pid
|
|
rm -rf tpmstate
|
|
'';
|
|
|
|
tapStartCommands = tap: bridge: ''
|
|
${pkgs.iproute2}/bin/ip tuntap add dev ${tap} mode tap
|
|
${pkgs.iproute2}/bin/ip link set ${tap} up promisc on
|
|
${pkgs.bridge-utils}/sbin/brctl addif ${bridge} ${tap}
|
|
${pkgs.iproute2}/bin/ip link set dev ${tap} master ${bridge}
|
|
'';
|
|
|
|
tapStopCommands = tap: ''
|
|
${pkgs.iproute2}/bin/ip tuntap del ${tap} mode tap
|
|
'';
|
|
}
|