{ config, lib, pkgs, ... }: let cfg = config.ptw.virtualisation; in { options.ptw.virtualisation = { enable = lib.mkEnableOption "Enable and configure virtualisation"; }; config = lib.mkIf cfg.enable { environment.systemPackages = with pkgs; [ virglrenderer unstable.qemu ]; services.spice-vdagentd.enable = true; virtualisation.libvirtd = { enable = true; qemu = { package = pkgs.unstable.qemu; ovmf.enable = true; verbatimConfig = '' seccomp_sandbox = 0 cgroup_device_acl = [ "/dev/null", "/dev/full", "/dev/zero", "/dev/random", "/dev/urandom", "/dev/ptmx", "/dev/kvm", "/dev/kqemu", "/dev/rtc","/dev/hpet", "/dev/input/by-id/usb-Logitech_G700s_Rechargeable_Gaming_Mouse_93DF48160007-event-mouse", "/dev/input/by-id/usb-Logitech_USB_Receiver-if02-event-mouse", "/dev/input/by-id/usb-Razer_Razer_Tartarus_V2-event-kbd", "/dev/input/by-id/virtual-event-EvdevProxyMouse", "/dev/input/by-id/virtual-event-EvdevProxyTartarus", "/dev/input/by-id/usb-Razer_Razer_BlackWidow_Ultimate-event-kbd" ] ''; }; }; }; }