{ config, pkgs, lib, ... }: let commonKernelParams = [ # VM/GPU passthrough "amd_iommu=on" "iommu=pt" "nested=1" # Virtualization nonsense "transparent_hugepage=never" # Isolate devices into IOMMU groups "pcie_acs_override=downstream,multifunction" "pci=routeirq" ]; in { boot = { # Must be Zen for IOMMU isolation kernelPackages = pkgs.unstable.linuxPackages_zen; kernel.sysctl."vm.max_map_count" = 2147483642; kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:1f82,10de:10fa" ]; blacklistedKernelModules = [ "pcspkr" ]; # Enable cross-compilation binfmt.emulatedSystems = [ "aarch64-linux" ]; # Needed for GPU passthrough initrd.kernelModules = [ "vfio" "vfio_pci" "vfio_iommu_type1" ]; }; # Use second GPU on boot specialisation.gputwo.configuration = { boot.kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:2504,10de:228e" ]; environment.sessionVariables.WLR_RENDERER = lib.mkForce "gles2"; }; # Use Nouveau specialisation.nouveau.configuration.config = { system.video.nvidia.enable = lib.mkForce false; system.video.nouveau.enable = lib.mkForce true; environment.sessionVariables.NIXOS_OZONE_WL = lib.mkForce "0"; }; }