feat(virtualisation): setup modules

modules/hosts/sirius/config.nix

@@ -11,9 +11,19 @@
       imports = with config.flake.modules.nixos; [
         networking
         desktop
+        virtualisation
       ];
 
-      tnix.services.openssh.enable = true;
+      tnix = {
+        services.openssh.enable = true;
+
+        virtualisation = {
+          docker.enable = true;
+          docker.nvidia.enable = true;
+          qemu.enable = true;
+          waydroid.enable = true;
+        };
+      };
 
       sops.secrets.tux-password = {
         sopsFile = ./secrets.yaml;

modules/nixos/virtualisation/docker.nix

@@ -0,0 +1,32 @@
+{
+  flake.modules.nixos.virtualisation =
+    {
+      config,
+      lib,
+      pkgs,
+      userName,
+      ...
+    }:
+    let
+      cfg = config.tnix.virtualisation;
+    in
+    {
+      options.tnix.virtualisation.docker = {
+        enable = lib.mkEnableOption "Docker container runtime";
+        nvidia = {
+          enable = lib.mkEnableOption "NVIDIA Container Toolkit for Docker";
+        };
+      };
+
+      config = lib.mkIf cfg.docker.enable {
+        virtualisation = {
+          oci-containers.backend = "docker";
+          docker.enable = true;
+        };
+
+        hardware.nvidia-container-toolkit.enable = lib.mkIf cfg.docker.nvidia.enable true;
+        environment.systemPackages = with pkgs; [ lazydocker ];
+        users.users.${userName}.extraGroups = [ "docker" ];
+      };
+    };
+}

modules/nixos/virtualisation/qemu.nix

@@ -0,0 +1,38 @@
+{
+  flake.modules.nixos.virtualisation =
+    {
+      config,
+      lib,
+      pkgs,
+      userName,
+      ...
+    }:
+    let
+      cfg = config.tnix.virtualisation;
+    in
+    {
+      options.tnix.virtualisation.qemu = {
+        enable = lib.mkEnableOption "QEMU/KVM virtualization with libvirtd";
+      };
+
+      config = lib.mkIf cfg.qemu.enable {
+        virtualisation = {
+          libvirtd = {
+            enable = true;
+            qemu = {
+              swtpm.enable = true;
+            };
+          };
+          spiceUSBRedirection.enable = true;
+        };
+
+        users.users.${userName}.extraGroups = [ "libvirtd" ];
+
+        environment.systemPackages = with pkgs; [
+          virt-manager
+          virt-viewer
+        ];
+      };
+    };
+
+}

modules/nixos/virtualisation/waydroid.nix

@@ -0,0 +1,20 @@
+{
+  flake.modules.nixos.virtualisation =
+    {
+      config,
+      lib,
+      ...
+    }:
+    let
+      cfg = config.tnix.virtualisation;
+    in
+    {
+      options.tnix.virtualisation.waydroid = {
+        enable = lib.mkEnableOption "Waydroid Android container";
+      };
+
+      config = lib.mkIf cfg.waydroid.enable {
+        virtualisation.waydroid.enable = true;
+      };
+    };
+}