{ pkgs, ... }:
let
  loadvfio = pkgs.writeShellScriptBin "loadvfio" ''
    udevadm trigger --verbose --type=devices --action=remove --subsystem-match=drm --property-match="MINOR=1"
    sleep 2
    rmmod -f nvidia_drm nvidia_modeset nvidia_uvm nvidia
    echo -n 0000:01:00.0 > /sys/bus/pci/devices/0000:01:00.0/driver/unbind
    echo -n 0000:01:00.1 > /sys/bus/pci/drivers/vfio-pci/bind
    echo -n 0000:01:00.0 > /sys/bus/pci/drivers/vfio-pci/bind
  '';

  loadnvidia = pkgs.writeShellScriptBin "loadnvidia" ''
    echo 0000:01:00.0 > /sys/bus/pci/devices/0000:01:00.0/driver/unbind
    echo 0000:01:00.1 > /sys/bus/pci/devices/0000:01:00.1/driver/unbind
    modprobe nvidia
    modprobe nvidia_drm
    modprobe nvidia_modeset
    echo -n 0000:01:00.0 > /sys/bus/pci/drivers/snd_hda_intel/bind
    nvidia-smi -i 0 -pm 1
  '';

  qemuHook = pkgs.writeShellScript "qemu" ''
    #
    # Author: Sebastiaan Meijer (sebastiaan@passthroughpo.st)
    #
    # Copy this file to /etc/libvirt/hooks, make sure it's called "qemu".
    # After this file is installed, restart libvirt.
    # From now on, you can easily add per-guest qemu hooks.
    # Add your hooks in /etc/libvirt/hooks/qemu.d/vm_name/hook_name/state_name.
    # For a list of available hooks, please refer to https://www.libvirt.org/hooks.html
    #
    GUEST_NAME="$1"
    HOOK_NAME="$2"
    STATE_NAME="$3"
    MISC="''${@:4}"
    BASEDIR="$(dirname $0)"
    HOOKPATH="$BASEDIR/qemu.d/$GUEST_NAME/$HOOK_NAME/$STATE_NAME"
    set -e # If a script exits with an error, we should as well.
    # check if it's a non-empty executable file
    if [ -f "$HOOKPATH" ] && [ -s "$HOOKPATH"] && [ -x "$HOOKPATH" ]; then
        eval \"$HOOKPATH\" "$@"
    elif [ -d "$HOOKPATH" ]; then
        while read file; do
            # check for null string
            if [ ! -z "$file" ]; then
              eval \"$file\" "$@"
            fi
        done <<< "$(find -L "$HOOKPATH" -maxdepth 1 -type f -executable -print;)"
    fi
  '';

in
{
  environment.systemPackages = [ loadnvidia loadvfio ];
  security.sudo.extraConfig = "grimmauld ALL=(ALL) NOPASSWD:/run/current-system/sw/bin/loadnvidia, /run/current-system/sw/bin/loadvfio";
  virtualisation.libvirtd = {
    enable = true;
    qemu = {
      runAsRoot = false;
      ovmf = {
        enable = true;
        packages = [
          #    pkgs.pkgsCross.aarch64-multiplatform.OVMF.fd # AAVMF
          pkgs.OVMF.fd
        ];
      };
    };
    onBoot = "ignore";
    onShutdown = "shutdown";
  };



  programs.virt-manager.enable = true;
  virtualisation.spiceUSBRedirection.enable = true;
}