14 files changed, 209 insertions, 1 deletions

diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix
index f20e009..e4fe30d 100644
--- a/modules/desktop/default.nix
+++ b/modules/desktop/default.nix
@@ -1,6 +1,10 @@
 { config, ... }:
 {
-  imports = [ ./networking ];
+  imports = [
+    ./networking
+    ./variables
+    ./virtualisation
+  ];
 
   sops.defaultSopsFile = ../../secrets/${config.networking.hostName}.yaml;
 }
diff --git a/modules/desktop/variables/default.nix b/modules/desktop/variables/default.nix
new file mode 100644
index 0000000..8315ceb
--- /dev/null
+++ b/modules/desktop/variables/default.nix
@@ -0,0 +1,20 @@
+{
+  imports = [
+    ./electron.nix
+    ./fcitx.nix
+    ./mozilla.nix
+    ./nvidia.nix
+    ./opengl.nix
+    ./qt.nix
+    ./wayland.nix
+    ./wlroots.nix
+  ];
+
+  environment.variables = {
+    _JAVA_AWT_WM_NONREPARENTING = "1";
+    PROTON_ENABLE_NGX_UPDATER = "1";
+    GTK_USE_PORTAL = "1";
+    DIRENV_LOG_FORMAT = "";
+    SSH_AUTH_SOCK = "/run/user/1000/keyring/ssh";
+  };
+}
diff --git a/modules/desktop/variables/electron.nix b/modules/desktop/variables/electron.nix
new file mode 100644
index 0000000..62e7c72
--- /dev/null
+++ b/modules/desktop/variables/electron.nix
@@ -0,0 +1,7 @@
+{
+  environment.variables = {
+    # ELECTRON_OZONE_PLATFORM_HINT = "auto";
+    # OZONE_PLATFORM = "wayland";
+    NIXOS_OZONE_WL = "1";
+  };
+}
diff --git a/modules/desktop/variables/fcitx.nix b/modules/desktop/variables/fcitx.nix
new file mode 100644
index 0000000..0ac550f
--- /dev/null
+++ b/modules/desktop/variables/fcitx.nix
@@ -0,0 +1,13 @@
+{
+  environment.variables = {
+    # https://fcitx-im.org/wiki/Using_Fcitx_5_on_Wayland
+    QT_IM_MODULE = "fcitx";
+    XMODIFIERS = "@im=fcitx";
+    # GTK_IM_MODULE = "wayland";
+    # GTK_IM_MODULE = "fcitx";
+    SDL_IM_MODULE = "fcitx";
+    GLFW_IM_MODULE = "ibus";
+    INPUT_METHOD = "fcitx";
+    CUDA_CACHE_PATH = "$XDG_CACHE_HOME/nv";
+  };
+}
diff --git a/modules/desktop/variables/mozilla.nix b/modules/desktop/variables/mozilla.nix
new file mode 100644
index 0000000..e85d27c
--- /dev/null
+++ b/modules/desktop/variables/mozilla.nix
@@ -0,0 +1,6 @@
+{
+  environment.variables = {
+    MOZ_ENABLE_WAYLAND = "1";
+    MOZ_DISABLE_RDD_SANDBOX = "1";
+  };
+}
diff --git a/modules/desktop/variables/nvidia.nix b/modules/desktop/variables/nvidia.nix
new file mode 100644
index 0000000..3d50fdf
--- /dev/null
+++ b/modules/desktop/variables/nvidia.nix
@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+{
+  environment.variables = {
+    LIBVA_DRIVER_NAME = "nvidia";
+    __GLX_VENDOR_LIBRARY_NAME = "nvidia";
+    GBM_BACKEND = "nvidia-drm";
+    __VK_LAYER_NV_optimus = "NVIDIA_only";
+    __NV_PRIME_RENDER_OFFLOAD = "1";
+    NVD_BACKEND = "direct";
+    CUDA_PATH = "${pkgs.cudatoolkit}";
+  };
+}
diff --git a/modules/desktop/variables/opengl.nix b/modules/desktop/variables/opengl.nix
new file mode 100644
index 0000000..1edce45
--- /dev/null
+++ b/modules/desktop/variables/opengl.nix
@@ -0,0 +1,7 @@
+{
+  environment.variables = {
+    __GL_GSYNC_ALLOWED = "1";
+    __GL_VRR_ALLOWED = "0";
+    __GL_MaxFramesAllowed = "1";
+  };
+}
diff --git a/modules/desktop/variables/qt.nix b/modules/desktop/variables/qt.nix
new file mode 100644
index 0000000..cedf6a0
--- /dev/null
+++ b/modules/desktop/variables/qt.nix
@@ -0,0 +1,11 @@
+{
+  environment.variables = {
+    QT_AUTO_SCREEN_SCALE_FACTOR = "1";
+    QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
+    QT_QPA_PLATFORM = "wayland;xcb";
+    DISABLE_QT5_COMPAT = "0";
+    DISABLE_QT_COMPAT = "0";
+    QT_QPA_PLATFORMTHEME = "qt5ct";
+    # QT_STYLE_OVERRIDE = "kvantum";
+  };
+}
diff --git a/modules/desktop/variables/wayland.nix b/modules/desktop/variables/wayland.nix
new file mode 100644
index 0000000..ee21d52
--- /dev/null
+++ b/modules/desktop/variables/wayland.nix
@@ -0,0 +1,10 @@
+{
+  environment.variables = {
+    GDK_BACKEND = "wayland,x11,*";
+    SDL_VIDEODRIVER = "wayland";
+    CLUTTER_BACKEND = "wayland";
+    XWAYLAND_NO_GLAMOR = "0"; # Gamescope
+    ANKI_WAYLAND = "1";
+    XDG_SESSION_TYPE = "wayland";
+  };
+}
diff --git a/modules/desktop/variables/wlroots.nix b/modules/desktop/variables/wlroots.nix
new file mode 100644
index 0000000..25aaf4d
--- /dev/null
+++ b/modules/desktop/variables/wlroots.nix
@@ -0,0 +1,12 @@
+{
+  environment.variables = {
+    WLR_NO_HARDWARE_CURSORS = "1";
+    WLR_DRM_NO_ATOMIC = "1";
+    WLR_USE_LIBINPUT = "1";
+    WLR_RENDERER_ALLOW_SOFTWARE = "1";
+    WLR_DRM_DEVICES = "/dev/dri/card0";
+    WLR_EGL_NO_MODIFIERS = "1";
+    WLR_BACKEND = "vulkan";
+    WLR_RENDERER = "vulkan";
+  };
+}
diff --git a/modules/desktop/virtualisation/default.nix b/modules/desktop/virtualisation/default.nix
new file mode 100644
index 0000000..97aa4b9
--- /dev/null
+++ b/modules/desktop/virtualisation/default.nix
@@ -0,0 +1,14 @@
+{
+  imports = [
+    ./docker.nix
+    ./libvirtd.nix
+    ./qemu.nix
+  ];
+
+  programs.extra-container.enable = true;
+
+  virtualisation = {
+    kvmgt.enable = true;
+    spiceUSBRedirection.enable = true;
+  };
+}
diff --git a/modules/desktop/virtualisation/docker.nix b/modules/desktop/virtualisation/docker.nix
new file mode 100644
index 0000000..c35beb6
--- /dev/null
+++ b/modules/desktop/virtualisation/docker.nix
@@ -0,0 +1,32 @@
+{ lib, ... }:
+{
+  virtualisation.docker = {
+    enable = true;
+    storageDriver = "overlay2";
+    enableOnBoot = false;
+    liveRestore = true;
+    enableNvidia = lib.mkForce true;
+
+    daemon.settings = {
+      default-runtime = "nvidia";
+      experimental = true;
+      iptables = false;
+    };
+
+    autoPrune = {
+      enable = true;
+      dates = "daily";
+    };
+
+    rootless = {
+      enable = false;
+      setSocketVariable = true;
+
+      daemon.settings = {
+        default-runtime = "nvidia";
+        experimental = true;
+        iptables = false;
+      };
+    };
+  };
+}
diff --git a/modules/desktop/virtualisation/libvirtd.nix b/modules/desktop/virtualisation/libvirtd.nix
new file mode 100644
index 0000000..556135b
--- /dev/null
+++ b/modules/desktop/virtualisation/libvirtd.nix
@@ -0,0 +1,15 @@
+{ pkgs, ... }:
+{
+  boot.extraModprobeConfig = "options kvm_intel nested=1";
+
+  environment.systemPackages = with pkgs; [
+    virt-manager
+    virt-viewer
+  ];
+
+  virtualisation.libvirtd = {
+    enable = true;
+    onBoot = "ignore";
+    onShutdown = "shutdown";
+  };
+}
diff --git a/modules/desktop/virtualisation/qemu.nix b/modules/desktop/virtualisation/qemu.nix
new file mode 100644
index 0000000..849ead1
--- /dev/null
+++ b/modules/desktop/virtualisation/qemu.nix
@@ -0,0 +1,45 @@
+{ pkgs, ... }:
+{
+  environment.systemPackages = with pkgs; [
+    qemu_kvm
+    qemu
+  ];
+
+  hardware.pulseaudio.extraConfig = ''
+    load-module module-native-protocol-unix auth-group=qemu-libvirtd socket=/tmp/pulse-socket
+  '';
+
+  boot.kernelModules = [ "vfio-pci" ];
+
+  networking.firewall.trustedInterfaces = [
+    "virbr0"
+    "br0"
+  ];
+
+  services.udev.extraRules = ''
+    SUBSYSTEM=="vfio", OWNER="root", GROUP="kvm"
+  '';
+
+  virtualisation.libvirtd.qemu = {
+    package = pkgs.qemu_kvm;
+    runAsRoot = true;
+    swtpm.enable = true;
+
+    ovmf = {
+      enable = true;
+
+      packages = [
+        (pkgs.OVMFFull.override {
+          secureBoot = true;
+          tpmSupport = true;
+        }).fd
+      ];
+    };
+
+    verbatimConfig = ''
+      namespaces = []
+
+      dynamic_ownership = 0
+    '';
+  };
+}