From 0831730903ba4c126f86cb199867f7ed5bd6650f Mon Sep 17 00:00:00 2001
From: Christoph Urlacher <christoph.urlacher@protonmail.com>
Date: Fri, 27 Mar 2026 16:54:56 +0100
Subject: [PATCH] System/Nixinator: Configure libvirt virtualisation

---
 home/christoph/nixinator/default.nix    |  4 ++++
 home/homemodules/packages/default.nix   |  1 +
 system/nixinator/default.nix            | 22 +++++++++++++++++++++-
 system/systemmodules/docker/default.nix |  1 -
 4 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/home/christoph/nixinator/default.nix b/home/christoph/nixinator/default.nix
index 749b67ba..67cb29f2 100644
--- a/home/christoph/nixinator/default.nix
+++ b/home/christoph/nixinator/default.nix
@@ -107,6 +107,10 @@
         handbrake
         teamspeak6-client
 
+        # virt-manager # use system program option
+        virt-viewer
+        # gnome-boxes # doesn't list VMs imported using virsh
+
         steam-devices-udev-rules
       ];
 
diff --git a/home/homemodules/packages/default.nix b/home/homemodules/packages/default.nix
index ac61d701..01ec1dc8 100644
--- a/home/homemodules/packages/default.nix
+++ b/home/homemodules/packages/default.nix
@@ -13,6 +13,7 @@ in {
   options.homemodules.packages = import ./options.nix {inherit lib mylib;};
 
   config = lib.mkIf packages.enable {
+    # TODO: Add extra packages option and use that from host-specific configs
     home.packages = with pkgs;
       lib.mkMerge [
         # Common packages
diff --git a/system/nixinator/default.nix b/system/nixinator/default.nix
index 0b4e93ee..4ab9217d 100644
--- a/system/nixinator/default.nix
+++ b/system/nixinator/default.nix
@@ -193,7 +193,25 @@
     # };
   };
 
-  # environment.systemPackages = with pkgs; [];
+  environment.systemPackages = with pkgs; [
+    spice
+    spice-gtk
+  ];
+
+  virtualisation = {
+    libvirtd = {
+      enable = true;
+      qemu = {
+        package = pkgs.qemu_kvm;
+        # ovmf.enable = true; # deprecated
+        swtpm.enable = true;
+        runAsRoot = true;
+      };
+    };
+    spiceUSBRedirection.enable = true;
+  };
+
+  networking.firewall.trustedInterfaces = ["virbr0"]; # libvirt
 
   programs = {
     ausweisapp = {
@@ -205,6 +223,8 @@
       enable = true;
       gdb = true;
     };
+
+    virt-manager.enable = true;
   };
 
   services = {
diff --git a/system/systemmodules/docker/default.nix b/system/systemmodules/docker/default.nix
index aa438261..f6bad1e4 100644
--- a/system/systemmodules/docker/default.nix
+++ b/system/systemmodules/docker/default.nix
@@ -72,7 +72,6 @@ in {
         if docker.podman
         then "podman"
         else "docker"; # "docker" or "podman"
-      libvirtd.enable = true;
     };
 
     systemd.services = let