diff --git a/flake.nix b/flake.nix
index 47d9a7b..6aca82b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -142,7 +142,8 @@ rec {
               })
               lib.createMediaGroup
               (lib.createUser "felschr" {
-                user.extraGroups = [ "wheel" "audio" "disk" "media" ];
+                user.extraGroups =
+                  [ "wheel" "audio" "disk" "libvirtd" "qemu-libvirtd" "media" ];
                 modules = [ homeManagerModules.git ];
                 config = ./home/felschr.nix;
                 usesContainers = true;
diff --git a/virtualisation/libvirt.nix b/virtualisation/libvirt.nix
index 572a9d8..b91ec19 100644
--- a/virtualisation/libvirt.nix
+++ b/virtualisation/libvirt.nix
@@ -1,8 +1,18 @@
-{ config, pkgs, ... }:
+{ pkgs, ... }:
 
 {
-  virtualisation.libvirtd.enable = true;
-  # virtualisation.spiceUSBRedirection.enable = true;
-
   environment.systemPackages = with pkgs; [ virt-manager gnome.gnome-boxes ];
+
+  environment.sessionVariables.LIBVIRT_DEFAULT_URI = [ "qemu:///system" ];
+
+  # Users need to be in groups: libvirtd, qemu-libvirtd
+  virtualisation.libvirtd.enable = true;
+  virtualisation.libvirtd.qemu.runAsRoot = false;
+  virtualisation.libvirtd.qemu.ovmf.enable = true;
+  virtualisation.libvirtd.qemu.swtpm.enable = true;
+  virtualisation.libvirtd.onBoot = "ignore";
+  virtualisation.libvirtd.onShutdown = "shutdown";
+  virtualisation.spiceUSBRedirection.enable = true;
+
+  programs.dconf.enable = true;
 }