init nix-os configuraion files

modules/nixos/virtualize/libvirtd/default.nix

@@ -0,0 +1,45 @@
+{ config, pkgs, lib, username, ... }:
+{
+
+  imports = [
+    ./hooks.nix
+  ];
+  
+  config = {
+
+    # Ref: https://nixos.wiki/wiki/NixOps/Virtualization
+
+    boot = {
+      kernelModules = [ "kvm-intel" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ];
+      kernelParams = [ "intel_iommu=on" "iommu=pt" ];
+      # extraModprobeConfig = "options vfio-pci ids=8086:1901,10de:1b81,10de:10f0";
+    };
+    virtualisation.libvirtd = {
+      enable = true;
+      qemu = {
+        package = pkgs.qemu_kvm;
+        ovmf.enable = true;
+        ovmf.packages = [ pkgs.OVMFFull.fd ];
+        swtpm.enable = true;
+        runAsRoot = false;
+      };
+    };
+
+    # tpm
+    security.tpm2 = {
+      pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so
+      enable = true;
+      tctiEnvironment.enable = true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables
+    };
+
+    # Ref: https://nixos.wiki/wiki/Virt-manager
+
+    environment.systemPackages = with pkgs; [
+      virt-manager
+      virglrenderer
+      #virt-manager-qt
+    ];
+
+    users.users.${username}.extraGroups = lib.mkIf config.virtualisation.libvirtd.enable [ "libvirtd" "tss" ];
+  };
+}

modules/nixos/virtualize/libvirtd/hooks.nix

@@ -0,0 +1,37 @@
+{ pkgs, ... }:
+{
+  # Load Hooks for Libvirt
+  systemd.services.libvirtd.preStart = let
+    qemuHook = pkgs.writeScript "qemu-hook" ''
+      #!${pkgs.stdenv.shell}
+
+      GUEST_NAME="$1"
+      HOOK_NAME="$2"
+      STATE_NAME="$3"
+      MISC="$\{@:4}"
+
+      BASEDIR="$(dirname $0)"
+
+      HOOKPATH="$BASEDIR/qemu.d/$GUEST_NAME/$HOOK_NAME/$STATE_NAME"
+      set -e # If a script exits with an error, we should as well.
+
+      if [ -f "$HOOKPATH" ]; then
+      eval \""$HOOKPATH"\" "$@"
+      elif [ -d "$HOOKPATH" ]; then
+      while read file; do
+        eval \""$file"\" "$@"
+      done <<< "$(find -L "$HOOKPATH" -maxdepth 1 -type f -executable -print;)"
+      fi
+    '';
+  in ''
+    mkdir -p /var/lib/libvirt/hooks
+    chmod 755 /var/lib/libvirt/hooks
+
+    # Copy hook files
+    ln -sf ${qemuHook} /var/lib/libvirt/hooks/qemu
+    cp -rfT ${./qemu.d} /var/lib/libvirt/hooks/qemu.d
+
+    # Make executable
+    chmod -R +x /var/lib/libvirt/hooks/qemu.d/
+  '';
+}

modules/nixos/virtualize/libvirtd/qemu.d/win11/prepare/begin/start.sh

@@ -0,0 +1,44 @@
+#!/run/current-system/sw/bin/bash
+set -x
+
+# Xpad affects the work of the xbox controller and its wireless adapter
+# The xpad will shake hands with the handle/wireless adapter when it is plugged in. At this time, 
+# if you pass the usb device directly to the virtual machine, the xbox handle will not re-handshake with the root of windows,
+# which will eventually cause it to fail to work.
+# I can't find a way to make the usb device passthrough into the virtual machine from before/when it is plugged in,
+# so I suggest you disable this driver if you need to use the gamepad in virtual machine
+modprobe -r xpad
+
+# dGPU PCI slots
+pci_slot="01:00"
+
+# Determine whether the graphics card has been used by VFIO kernel modules
+if [ -z "$(lspci -k -s $pci_slot | grep vfio_pci)" ]; then
+    # Determine whether nvidia kernel modules has been loaded
+    lsmod_result=$(lsmod | grep nvidia)
+    if [ -n "$lsmod_result" ]; then
+        # Stop display manager
+        systemctl stop display-manager
+
+        sleep 2
+
+        # Unload NVIDIA kernel modules
+        modprobe -r nvidia_drm nvidia_modeset nvidia_uvm nvidia
+
+        # Unload AMD kernel module
+        # modprobe -r amdgpu
+    fi
+
+    # Detach GPU devices from host
+    # Use your GPU and HDMI Audio PCI host device
+    virsh nodedev-detach pci_0000_01_00_0
+    virsh nodedev-detach pci_0000_01_00_1
+
+    # Load vfio module
+    modprobe vfio_pci
+
+    if [ -n "$lsmod_result" ]; then
+        # Restart Display Manager
+        systemctl start display-manager
+    fi
+fi

modules/nixos/virtualize/libvirtd/qemu.d/win11/release/end/stop.sh

@@ -0,0 +1,13 @@
+#!/run/current-system/sw/bin/bash
+set -x
+
+# Load Xpad
+modprobe nvidia_drm nvidia_modeset nvidia_uvm nvidia xpad
+
+# Attach GPU devices to host
+# Use your GPU and HDMI Audio PCI host device
+virsh nodedev-reattach pci_0000_01_00_0
+virsh nodedev-reattach pci_0000_01_00_1
+
+# Unload vfio module
+modprobe -r vfio_pci