[HN Gopher] NixOS on Framework Laptop
___________________________________________________________________
NixOS on Framework Laptop
Author : kvark
Score : 136 points
Date : 2021-10-17 19:27 UTC (3 hours ago)
(HTM) web link (kvark.github.io)
| iechoz6H wrote:
| > Prepare for a long read
|
| Took about 6 minutes, is that long nowadays?
| kvark wrote:
| I'll remove this line. Appeared to be shorter than I expected.
| Estimates, d'oh.
| k1rcher wrote:
| My Framework DIY just arrived this morning. I finished the build
| and installation of PopOS about an hour ago, but now I'm
| contemplating trying out NixOS due to this blog post.
|
| Looks amazing!
| reginold wrote:
| Oo how's Pop OS?
| k1rcher wrote:
| So far, incredible! Still setting up my environment, but as
| far as how it's running on the Framework, I 100% see myself
| fully transitioning to it from my MacBook.
|
| Desktop wise, I've been using PopOS for 7-8 months now, so
| it's quite great to have that same setup in a portable
| fashion now.
| Yuioup wrote:
| I take it the big vendors (HP, Dell, etc) are now going to start
| adopting Framework's business model? If not then obviously
| somebody's gonna try and buy them for billions.
| nrp wrote:
| We hope to see others come along, but it's not easy to
| transform a large business built around a replacement cycle
| into one centered on longevity. There are at least encouraging
| signs of some OEMs becoming less anti-repair, like Microsoft's
| recent announcement.
| gigatexal wrote:
| Super weird about the realtek Ethernet issues. Linux's support
| for Realtek is pretty good I thought.
| zepearl wrote:
| Ach, the usual stuff about NICs being re-re-re-created,
| incredibly annoying.
|
| I thought the same - then I bought in September 2021 a "Lenovo
| Ideapad 5 Pro 16ACH6" which is when I found out that the
| "Realtek Semiconductor Co., Ltd. Device 8852"/"Realtek RTL8111E
| Ethernet LOM"/"Lenovo Device 4852" needs a brand new
| driver/module, respectively is not compatible with anything
| else.
|
| I lost a lot of hair until I found
| "https://github.com/lwfinger/rtw89.git" (thaaanks a lot!!!)
| which made it work (reliable in my case, even with notebook
| "suspend-to-RAM").
|
| As of kernel 5.14.5 (on Gentoo) embedded support for that NIC
| is not available, nor I think in 5.14.12 (not 100% sure - I did
| not install it, just peeked into it) :(((
| jph wrote:
| Framework + NixOS is the most exciting hardware + OS going IMHO.
| If someone wants to do a crowdfunding or devpay or similar to
| make them work out of the box together, I will gladly donate or
| pay.
| jeppesen-io wrote:
| It's not what you're asking but I wonder if NixOS's hardware
| repo could expand to support Framework with some good defaults
|
| That being said, I think there could be a good use case for
| "meta" NixOS distributions. I'm working on such a thing for a
| NixOS based RetroArch type thing. But could see a PopOS like
| configuration, focused on an "out the box experience"
|
| https://github.com/NixOS/nixos-hardware
| fungiblecog wrote:
| +1
| whateveracct wrote:
| import framework.nix {}
| joppy wrote:
| The post itself shows that it is non-trivial to even boot
| this hardware with Nix.
| b9be520d93286 wrote:
| Can you do NixOS without systemd? If not, I'd look elsewhere
| for the distro. Maybe Guix?
| xyzzyz wrote:
| What would you prefer to have in Nix instead of systemd?
| b9be520d93286 wrote:
| I would prefer OpenRC, runit or something similar.
| mindslight wrote:
| NixOS is based on systemd. But it also seems like NixOS would
| be a great foundation to use something besides systemd. It
| would take some work of course, but it feels like you'd be
| mostly working with the OS rather than fighting it.
|
| However having used it, NixOS seems like it mitigates the
| worst aspects of systemd. It gets rid of that
| /etc/systemd /lib/systemd symlink "cleverness" for
| overriding/enabling units. Being functional it also makes it
| so that when systemd mysteriously breaks - for example if
| there is a loop in dependencies - it's easy to track down the
| change that caused it. And rather than splaying the config
| out in a bunch of random "unit" files, it's all contained in
| the nix config. About the worst thing I can say is that
| defining your own service is a bit more obtuse than it needs
| to be, with the arbitrary terms of the systemd unit format
| carrying over into the Nix config.
| jeppesen-io wrote:
| Just take the time to learn systemd. Once you do, like nix,
| it saves so much time
| gigatexal wrote:
| Yeah no point in fighting it. It's the standard. Learn to
| love SystemD.
| drran wrote:
| Good parts of SystemD are good, bad parts are bad. SystemD
| is easy to use when it fits your needs, but pain to use
| otherwise.
|
| For example, `systemd-analyze` is a good tool for boot
| performance analysis, so + for systemd, but if I want/need
| to use perf for boot performance analysis, then systemd
| stands in my way, while for initd it's just yet another
| boot mode.
| rollcat wrote:
| systemd is so complex, I've come to a conclusion, that it
| no longer fits my definition of free software.
|
| We allow runaway complexity to obscure the inner workings
| of an important software package, to the point, where
| having source access no longer makes a practical difference
| to a "casual" power-user or even a software engineer. I can
| source-dive runit, s6, OpenBSD's rc, or OpenRC and within a
| weekend, have a pretty OK understanding, fix a bug, or add
| a feature. Having software as complex as systemd taking so
| many roles, and making itself so ubiquitous and
| irreplaceable, makes me feel that I no longer have any
| control or understanding of my system, bugs or misfeatures
| just become things you live with, or you riddle yourself
| with arcane workarounds. Portability suffers, monoculture
| takes root.
|
| I've lost faith in "mainstream" Linux distros. I use macOS
| and OpenBSD for workstations, and Alpine where I need e.g.
| Docker. It must either be simple enough to understand, or
| provide enough utility/convenience that the lack of
| (practical) source access is compensated. systemd fits
| neither category.
| candiddevmike wrote:
| Yes, systemd has a ton of surface area and options. Yes,
| the man pages are long. No, you don't need to read them--
| the beauty of systemd is you control how much of the
| complexity you use. Unit files can be 10 lines or 30.
| Most of the extra options are for security and hardening,
| when you need them you'll be glad they're easy to turn
| on. For the other components, I think having a stable,
| familiar, and consistent set of core services (boot, ntp,
| logging, networking) is glorious
| robertwt7 wrote:
| For all Framework laptop owners, I'm considering buying this for
| myself this Christmas. The previous laptops I owned are mostly MBPs,
| my laptop from work is an MBP, and I have my own gaming PC.
|
| One of the reasons why I like the MBP is the sturdiness and build
| quality, but I'm ready to go on DIY stuff and leave Apple for my
| next laptop. I was watching the Dave2D video but when I saw the
| spring of the hinge when opening the laptop and the flex on the
| screen, it kind of scares me. How does it go for all of you? How's
| the build quality? Also, how's the touchpad compared to the MBP?
|
| I don't want to own a laptop where opening the screen with 1 hand
| feels like it's going to break it. Kind of feels like Dell
| Inspiron all over again
| cephalization wrote:
| It definitely does not support 1 hand lid operation. Despite
| the quality not being as high as a macbook pro (I've owned
| several for comparison) it absolutely does not feel cheap.
|
| In cases where you may damage the device, part of the beauty is
| that all of the parts are sold by Framework and come with
| replacement guides and any tools you may need (usually just the
| included screwdriver).
| data-cat wrote:
| I had similar concerns before getting mine. The build quality
| is definitely not as high end as a mbp but it's acceptable. I'm
| happy with it although I do hope they make future versions more
| sturdy.
|
| The track pad is basically the same story. No real complaints
| but it could be better.
| jeppesen-io wrote:
| tangential; are there plans for `fwupd` support for Framework? I
| love my LG Gram 17" but `fwupd` support might make me consider
| Framework
| nrp wrote:
| Yep, we are setting it up now for an upcoming firmware update!
| drusepth wrote:
| Anyone know if they're planning on having a keyboard available
| that uses full-size up/down keys? (Or, if framework laptops are
| built such that you could easily swap out the keyboard in the
| future if they do?)
|
| This looks super interesting for a long-term laptop, but small
| arrow keys bring me so much day-to-day anguish I wouldn't want to
| suffer through them long-term.
| rjeli wrote:
| Nice. Framework is super exciting, but I hope they release more
| cad files for the laptop so third parties can make e.g. keyboards
| and motherboards. Would be a bummer if their business model is
| lock-in on everything but the expansion cards.
|
| I'd love to put an underpowered qcom or nxp arm64 chip in and get
| insane battery life, but that doesn't seem likely for a while
| since it needs 4x usb4 :/. Even the Xavier nx SoM only has 1x4
| lane pcie..
| lunixbochs wrote:
| Seems to me like you could power some of the ports with a
| hub/switch if you're willing to restrict which ports accept
| advanced peripherals. You could even use a PCIe switch to get
| more Thunderbolt.
| buildbot wrote:
| Yeah the trick would be thunderbolt more than anything, USB-C
| out to all four ports would be easy enough with a hub?
| rjeli wrote:
| yeah, it just feels rude to bifurcate the ecosystem and
| confuse everyone about the amount of i/o available
| claytonjy wrote:
| As a framework owner, this is nice to see. I have yet to take the
| plunge on Nix (been happy with PopOS on mine), and wouldn't
| without Bluetooth support, but it's good to know it's possible
| and relatively painless.
|
| I'm hoping to start with nix+home-manager at some point, maybe on
| top of PopOS; anyone have experience with that setup?
| jeppesen-io wrote:
| Not exactly the same but my journey started with nix home-
| manager on MacOS. Spent time getting it working how I wanted. I
| enjoyed it so much I replaced my Mac with nixos soon after
|
| MacOS has second tier support to Linux. I'm sure PopOS will
| work well
|
| https://github.com/NelsonJeppesen/nix-lifestyle/tree/main/ni...
| ptaken wrote:
| Nix + home-manager is how I started on arch. After moving about
| 80% of my Pacman-installed packages over to nix-configured
| packages bit by bit over weeks and after that all of my
| dotfiles I plunged into nixos. Transition was super smooth, can
| only recommend!
| orf wrote:
| > Mozilla requires LUKS full-disk encryption, and having it setup
| conflicted with NVidia's proprietary driver
|
| I've seen this warning in the Ubuntu docs. Can someone explain
| exactly why a GPU driver would cause issues with disk encryption
| and UEFI boot?
| remexre wrote:
| I conjecture the securely booted kernel won't load unsigned
| modules, and out-of-tree drivers don't get signed when the
| kernel and its modules do.
| heavyset_go wrote:
| You can work around this[1].
|
| [1] https://askubuntu.com/questions/1023036/how-to-install-
| nvidi...
| LeoPanthera wrote:
| It works fine if /boot is unencrypted. You can encrypt the rest
| of / and it's fine.
| xvector wrote:
| Doesn't running /boot without encryption open up a class of
| attacks?
| ris wrote:
| That class of attacks exists anyway unless you're using
| trusted boot. After all, your MBR isn't encrypted is it?
| LeoPanthera wrote:
| I suppose it's possible to imagine replacing grub with
| something that captures your password. It depends what your
| threat model is. I think you'd need physical access, at
| least.
| jeppesen-io wrote:
| Certainly. Security is always a balancing act. My primary
| concern is laptop being taken when traveling by Air or
| stolen. Encrypted root covers that, even with boot un-
| encrypted
|
| Unencrypted boot leaves me vulnerable to a malicious actor
| taking my laptop, modifying grub and/or linux kernel to send
| and/or store my password to unlock the boot volume and then
| handing my laptop back and me typing in my un-lock password
|
| Possible, but I view that threat as low
| est31 wrote:
| Yeah, when someone has temporary physical access to your
| hardware you have lost anyways. They could perform
| hardware alterations and e.g. install hardware keyloggers
| into the device, etc.
| jeppesen-io wrote:
| Ditto running encrypted root without any issue
| mixmastamyk wrote:
| And what does Mozilla have to do with it?
| teraflop wrote:
| Mozilla the organization, not Mozilla the browser. It's
| common for companies to require their employees to use full-
| disk encryption on all devices that store company data.
| SkyMarshal wrote:
| _> I only wish the up/down arrow buttons were normal size, like
| on Thinkpads._
|
| Funny, I much prefer a full-size Right-Shift key, which usually
| requires compact up/down arrow keys. I hate typing on keyboards
| with tiny, stunted little right-shift keys. I use Right-Shift
| much more than the arrow keys.
| hexo wrote:
| My right shift key on ThinkPad is full size and I've got full
| size up/down arrow buttons too (on a 12.5 inch laptop). So it
| definitely is doable and there is no need for tradeoffs.
| hexo wrote:
| I don't get what's up with that "deep sleep", like there was S3
| suspend for ages - did anything happen to it? Why can't you just
| suspend it and call it a day?
| pxeb00t wrote:
| Newer Intel CPUs don't support S3 anymore. They now use
| something called S0ix which is apparently much more power
| hungry.
| hexo wrote:
| Removing the main and most important feature on a laptop is
| surely a good-move.
|
| What about AMD?
| flatiron wrote:
| That's because it is more like a cellphone sleep. Keeps the
| wifi on. Can get push messages etc.
| mehmetoguzderin wrote:
| This setup sounds like a near-dream with that 3:2 display. The
| aspect ratio is one of my main drivers to use iPad 12.9 for doing
| things. But of course, it is always a double-edged sword with how
| well the split-screen looks with various apps on crammed display,
| etc., which makes this setup extra interesting because the
| freedom to adjust through software is much more here.
| yellow_lead wrote:
| > Apparently, KDE Plasma5 does the scaling right. Setting it to
| 150% gives pleasuring look. Overall, I find KDE's approach with a
| taskbar much more reasonable than what Gnome forces on me. It's
| the paradigm shift from "tell me what you need" (modern Gnome,
| also Google) to "show me what you have" (KDE and others
| application menu, also your file manager).
|
| I like this aside and I noticed the same when I tried to use
| Gnome a couple of years ago. I asked a coworker what he
| recommended, he showed me KDE and I've never looked back. The
| scaling was great too when I needed it for my MBP's retina
| display.
| temptemptemp111 wrote:
| So you can repair the laptop yourself, and you can also repair
| your packages yourself (cuz you'll need to)!
| hyperstar wrote:
| is it possible to install coreboot or libreboot on this thing?
| does it have something equivalent to the intel management engine?
| rnhmjoj wrote:
| No, they're using a proprietary BIOS and firmware for the
| embedded controller. The hardware is all Intel and of course it
| has a management engine[1], even all the nasty vPro "features".
|
| From the software freedom point of view it's very much a no go,
| although they are apparently going to release the firmware
| sources and looking into coreboot[2].
|
| [1]: https://community.frame.work/t/does-intel-chip-have-
| intels-m...
|
| [2]: https://community.frame.work/t/free-the-ec-and-coreboot-
| only...
| nrp wrote:
| This is a good spot to mention that we're hiring a Firmware
| Engineer, and we'd love to bring someone on who has coreboot
| experience: https://jobs.lever.co/framework/af82bd1b-7ebd-46d
| a-8ae4-7dab...
| spamizbad wrote:
| Currently using my Framework laptop with Arch Linux. Was able to
| get everything working, including Bluetooth. Even got the battery
| life tamed. So far, my favorite laptop since the Thinkpad T42 I
| had back in the day (other laptops I've owned: 2013 MB Air, Dell
| XPS 15 9550, and a 2018 MBP)
| m0ngr31 wrote:
| What's the secret on battery life?
___________________________________________________________________
(page generated 2021-10-17 23:00 UTC)