libvirt

Remote setup with NixOS

Usually, you connect to libvirt using qmeu:///system or qemu+ssh://…. This works in most case but sometimes you want to expose libvirt on tcp (with or without TLS). One such example is for openshift/installer.

boot.kernel.sysctl = { "net.ipv4.ip_forward" = 1 ; };
virtualisation.libvirtd = {
  extraConfig = ''
  listen_tls = 0
  listen_tcp = 1
  auth_tcp="none"
  tcp_port = "16509"
  '';
  extraOptions = [ "--listen" ]
};
networking.firewall.allowedTCPPorts = [ 16509 ];

For openshift purpose we may want dns entry like echo server=/tt.testing/192.168.126.1 | sudo tee /etc/NetworkManager/dnsmasq.d/openshift.conf.

Sources

openshift/installer libvirt HOWTO
libvirt: Remote support
libvirt: Connection authentication
libvirt: Remote support