{ pkgs, username, lib, ... }: { environment.systemPackages = with pkgs; [ # https://github.com/quickemu-project/quickemu (quickemu.overrideAttrs (old: { patches = [ # patch to allow forcing a specific ISO file via an environment variable `FILE_NAME` (pkgs.fetchpatch { url = "https://github.com/Titaniumtown/quickemu/commit/f96d52a6b6f4b3187171d8cab61a273475da3b6c.diff"; sha256 = "vXVI4EeJGhOlx8ARTCvB98Ajalk0bVakL98WojqcI3c="; }) ]; })) ]; programs.virt-manager.enable = true; users.groups.libvirtd.members = [ username ]; virtualisation.libvirtd = { enable = true; package = pkgs.libvirt; qemu = { package = ( pkgs.qemu_kvm.overrideAttrs (old: { patches = old.patches ++ [ # amd? # (pkgs.fetchpatch { # url = "https://github.com/Scrut1ny/Hypervisor-Phantom/raw/d09d66813570704e2b05440f290d6f9bdf2d26c7/Hypervisor-Phantom/patches/QEMU/amd-qemu-9.2.0.patch"; # sha256 = "BbzgjRa3qaYH1yXXqU6M/S68SxXWpAc9ObTG5qXu6YA="; # }) # or intel! (pkgs.fetchpatch { url = "https://github.com/Scrut1ny/Hypervisor-Phantom/raw/d09d66813570704e2b05440f290d6f9bdf2d26c7/Hypervisor-Phantom/patches/QEMU/intel-qemu-9.2.0.patch"; sha256 = "kXY6R/0Tsotf0mGUIevDLlLWHEznnF1dt0K2ayX7XAg="; }) ]; }) ); ovmf.packages = lib.mkForce [ (pkgs.OVMF.overrideAttrs (old: { secureBoot = true; tpmSupport = true; # TODO! add patches from: https://github.com/Scrut1ny/Hypervisor-Phantom/tree/main/Hypervisor-Phantom/patches/EDK2 })).fd ]; }; }; virtualisation.spiceUSBRedirection.enable = true; users.users."${username}".extraGroups = [ "libvirtd" ]; boot.kernelPatches = [ { name = "undetected-kvm"; patch = pkgs.fetchurl { url = "https://raw.githubusercontent.com/Scrut1ny/Hypervisor-Phantom/d09d66813570704e2b05440f290d6f9bdf2d26c7/Hypervisor-Phantom/patches/Kernel/linux-6.13-svm.patch"; sha256 = "zz18xerutulLGzlHhnu26WCY8rVQXApyeoDtCjbejIk="; }; } ]; }