yeah, me too.
For your information, I found the following wiki page.
Just wanted to share my Nix config since it’s starting to really come together. I’m a complete newcomer to Nix, Wayland, and Hyprland so there has been a lot to learn, but I’ve used Linux for more than 2 decades so that background helped
I created a readme in the machines/framework folder that may be helpful for people setting up encrypted boot drives and secure boot as it covers the process (as best as I can remember) that I did.
Other feature I have is that everything is built from source and optimized for the processor rather than using the binary builds. There are a few build problems for different packages, but everything seems to be able to be worked around.
3 Likes
Thank you! This is very useful, the readme was great c:
I’m going to start playing with nix in a vm this weekend. What I want is secureboot on (and not shimmed if possible, so it’ll verify my boot code), encrypted disks, sleep-to-hibernate to an encrypted partition/swap file…
I have never succeeded in doing this before with Linux but I’m basically going for the same boot and disk security Windows would have if Microsoft didn’t constantly leak it’s keys.
Anyone got a guide on this?
Some of that is what I outlined here in my above GitHub (look for the readme in machines/framework, can’t link it here since it would exceed 2 links in a post)
I followed a couple of guides including lanzaboote/docs/QUICK_START.md at master · nix-community/lanzaboote · GitHub and https://www.reddit.com/r/NixOS/comments/xrgszw/comment/iqf1gps/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button
I can confirm with my config that I can hibernate to the encrypted swap and restore, but I did have problems connecting to WiFi afterward which I haven’t tracked down yet. Otherwise I was pleasantly surprised how easy it all ways and how well it worked.
1 Like
Great thanks. I’ll check it out.
I see you have framework-laptop-kmod and framework-tool.
I’m having trouble getting framework_tool to work, at least for setting charge limits. Is it working for you? I know the kmod is waiting for kernel 6.9, but I’m unsure if the same is true for the first party util.
Also, excellent config! Thanks for sharing.
Unfortunately I have not gotten anything with ec working. I see in dmesg “cros_ec_lpcs cros_ec_lpcs.0: EC ID not detected” and I assume that indicates things are not working. It looks like I’d need the patches or wait for Kernel 6.9 to get cros_ec / cros_ec_lpcs to work on the laptop. If I get some time I’ll add the patches to my config, but I probably will just wait for 6.9.
I’ve added the patches to my repository and can confirm that /dev/cros_ec shows up now. Some of the framework_tool commands like inputmodules work fine, but some like kblight fail for some reason. I also don’t see the the objects added to /sys that the kmod should have added and I don’t see the mod in lsmod nor am I able to modprobe it so it may not be configured / installed correctly.
Edit: Fixed now. I was loading the kernel module in my config the wrong way. I can now see the charge_control_end_threshold and framework_laptop::kbd_backlight objects.
1 Like
Wow, you figured that out fast! I had tried apply the patches using
patch = (fetchurl {
url = "https://lore.kernel.org/chrome-platform/2fba7925-f22a-4ea9-9368-57e50d2bddda@t-8ch.de/t.mbox.gz";
hash = "sha256-...";
});
but it kept failing to build iirc. Is it perhaps that I had to get just the v3 files somehow instead of the whole thread?
I’m not sure exactly how NixOS applies patches so I just went with the patch format I’m most familiar with. It is possible the patches could apply just fine from the mbox, but you probably need to use the right thread since that link included the v1 and v2 patches as well.
For fun I tried it with the series mbox link (https://patchwork.kernel.org/series/840830/mbox/) from [v3,0/4] platform/chrome: cros_ec_lpc: add support for AMD Framework Laptops - Patchwork. I didn’t finish building the kernel, just enough that it looks like the patch applied correctly:
boot.kernelPatches = [
{
name = "cros_ec_lpc";
patch = (pkgs.fetchpatch {
url = "https://patchwork.kernel.org/series/840830/mbox/";
sha256 = lib.fakeSha256; # Replace with the real hash, don't trust hashes people put in posts :-) - especially for kernel patches
});
}
FYI - if you want to look at the contents of the mbox link you had, you can run curl <url> | gunzip | less. That will show that it has the earlier versions of the patches which is probably why you had an issue.
1 Like
I have a package of the latest version of fw-ectool here: isz/nix/pkgs/fw-ectool/default.nix at main · quentinmit/isz · GitHub
It works for me on kernel 6.8.6 with no kernel patches.
these patches are for getting GitHub - DHowett/framework-laptop-kmod: Kernel module to expose more Framework Laptop stuff to work, not fw-ectool
didn’t know fw-ectool got moved to gitlab though, do you know if it works on the fw16?
Hey Guys,
I didn’t wanted to bother creating a new topic for these questions but I’d like to take a look at NixOs on my FW16 (as a perfect newbie) and I was wondering if it would be best to wait for the 24.05 release to start a new install or use the actual one 23.11 and then upgrade when it will be out ?
I see a lot of discussion for embedding the latest patches of different pieces of software to get all the hardware enabled… but do you think it will still be necessary when 24.05 will be out ?
The hardware config of the FW16 has been recently added to the hardware repository. Does this base config is sufficient to use it on daily basis as a main computer without tweaking it ? Or is it still experimental ?
Thank’s for your feedback around these questions 
IMHO, “major” upgrades in NixOS are way less disruptive than they are with Ubuntu or Fedora.
All those kernel patches are more linked to the kernel itself not embedding them (yet).
If somehow the 6.9 kernel was released before a 24.05 release it’s entirely possible that you could use it in 23.11.
The config in nixos-hardware seems good enough, there was not much to tweak anyway 
1 Like
How is your experience with Steam and the dGPU ?
I’m having some trouble getting some good performance…
I don’t know if it’s DRI vs Vulkan, being on 6.7 (because of ZFS), or something else…
I’m not on NixOs but Fedora 40 with 6.8.7 and to get enough performances on my games (under UE5), I have to use the mesa-git (v24.2) copr to get more speed. It seems still to be quite low comparing to perfs on windows though.
So I guess if I switch to NixOS I’ll have to tweak the mesa version if it’s lower than v24.1.
EDIT: Bad news for me, it’s still on 24.0.x on unstable U_U"
https://search.nixos.org/packages?channel=unstable&show=mesa&from=0&size=50&sort=relevance&type=packages&query=mesa
I’m not entirely sure were in NixOS itself you’d need to plug it to override it but if it’s in unstable, you can mix and match between packages from stable and unstable, so you could use mesa from unstable in a system that mostly relies on packages from stable.
@pdp Interesting. Thank’s !
For the mesa part, it seems to be around the corner to get the 24.1 on unstable. Let’s hope it will be merged soon 