{ config, lib, pkgs, ... }:

let
  cfg = config.ptw.virtualisation;
in {
  options.ptw.virtualisation = {
    enable = lib.mkEnableOption "Enable and configure virtualisation";
  };

  config = lib.mkIf cfg.enable {
    environment.systemPackages = with pkgs; [ virglrenderer unstable.qemu virt-manager ];
    services.spice-vdagentd.enable = true;

    virtualisation.libvirtd = {
      enable = true;
      qemu = {
        package = pkgs.unstable.qemu;
        ovmf.enable = true;
        verbatimConfig = ''
        seccomp_sandbox = 0
        cgroup_device_acl = [
        	"/dev/null", "/dev/full", "/dev/zero", 
        	"/dev/random", "/dev/urandom",
          "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
        	"/dev/rtc","/dev/hpet",
          "/dev/input/by-id/virtual-event-EvdevProxyMouse",
          "/dev/input/by-id/virtual-event-EvdevProxyKeyboard",
          "/dev/input/by-id/usb-Logitech_USB_Receiver-if02-event-mouse"
        ]
        '';
      };
    };
  };
}