5 files changed, 242 insertions, 0 deletions

diff --git a/flake.lock b/flake.lock
index 1a943e0..bd4e2d5 100644
--- a/flake.lock
+++ b/flake.lock
@@ -239,6 +239,22 @@
         "type": "github"
       }
     },
+    "nixos-hardware": {
+      "locked": {
+        "lastModified": 1750431636,
+        "narHash": "sha256-vnzzBDbCGvInmfn2ijC4HsIY/3W1CWbwS/YQoFgdgPg=",
+        "owner": "NixOS",
+        "repo": "nixos-hardware",
+        "rev": "1552a9f4513f3f0ceedcf90320e48d3d47165712",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "master",
+        "repo": "nixos-hardware",
+        "type": "github"
+      }
+    },
     "nixpkgs": {
       "locked": {
         "lastModified": 1749794982,
@@ -260,6 +276,7 @@
         "home-manager": "home-manager",
         "neovim-nightly": "neovim-nightly",
         "nixgl": "nixgl",
+        "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs"
       }
     },
diff --git a/flake.nix b/flake.nix
index aefe6e2..f69f68b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -16,6 +16,10 @@
       url = "github:nix-community/neovim-nightly-overlay";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+    nixos-hardware = {
+      url = "github:NixOS/nixos-hardware/master";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
   };
 
   outputs = 
@@ -25,6 +29,7 @@
       home-manager, 
       nixgl,
       neovim-nightly,
+      nixos-hardware,
       ... 
     }:
     let
@@ -60,6 +65,25 @@
             }
           ];
         };
+        fw = nixpkgs.lib.nixosSystem {
+          inherit system;
+          specialArgs = { inherit inputs; };
+          modules = [
+            nixos-hardware.nixosModules.framework-13-7040-amd
+            ./fw/configuration.nix
+            home-manager.nixosModules.home-manager
+            {
+							home-manager = {
+								users.stefan = import ./fw/home.nix;
+								useGlobalPkgs = true;
+								useUserPackages = true;
+								extraSpecialArgs = {
+									inherit system inputs pkgs;
+								};
+							};
+            }
+          ];
+        };
       };
       homeConfigurations = {
         inherit inputs system pkgs;
diff --git a/fw/configuration.nix b/fw/configuration.nix
new file mode 100644
index 0000000..9c14d37
--- /dev/null
+++ b/fw/configuration.nix
@@ -0,0 +1,91 @@
+{ config, lib, pkgs, ... }:
+{
+  imports =
+    [
+      ../nixos
+      ./hardware-configuration.nix
+    ];
+
+  config.nixos = {
+    username = "stefan";
+    hostname = "fw";
+  };
+
+  config = {
+    nix.settings.experimental-features = [ "nix-command" "flakes" ];
+    services.openssh.enable = true;
+
+    programs.light.enable = true;
+    services.xserver = {
+      enable = true;
+      displayManager.gdm.enable = true;
+      desktopManager.gnome.enable = true;
+    };
+
+    services.kmonad = {
+      enable = false;
+      keyboards = {
+        internal = {
+          device = "/dev/input/by-path/platform-i8042-serio-0-event-kbd";
+          defcfg.enable = true;
+          config = builtins.readFile ../kmonad/miryoku.kbd;
+        };
+      };
+    };
+
+    users.users."stefan".extraGroups = [ "input" "uinput" "video" ]; # TODO: remove
+
+    environment.gnome.excludePackages = with pkgs; [
+      gnome-photos
+      geary
+      gnome-tour
+      cheese
+      gnome-music
+      gedit
+      epiphany
+      gnome-characters
+      tali
+      iagno
+      hitori
+      atomix
+      yelp
+      gnome-contacts
+      gnome-initial-setup
+    ];
+    programs.dconf.enable = true;
+
+    # Configure network proxy if necessary
+    # networking.proxy.default = "http://user:password@proxy:port/";
+    # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+    # Set your time zone.
+    time.timeZone = "America/New_York";
+
+    console.useXkbConfig = true;
+
+    # Enable automatic login for the user.
+    # services.getty.autologinUser = "stefan";
+    
+    # services.interception-tools = {
+      # enable = true;
+      # plugins = [ pkgs.interception ]
+      # udevmonConfig = ''
+      #    - JOB: "${pkgs.interception-tools}/bin/intercept -g $DEVNODE | ${pkgs.interception-tools-plugins.caps2esc}/bin/caps2esc | ${pkgs.interception-tools}/bin/uinput -d $DEVNODE"
+      #      DEVICE:
+      #        EVENTS:
+      #          EV_KEY: [KEY_CAPSLOCK, KEY_ESC]
+      # '';
+    # };
+    services.fwupd.enable = true;
+    systemd.services.fprintd = {
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig.Type = "simple";
+    };
+    services.fprintd.enable = true;
+    services.fprintd.tod.enable = true;
+    services.fprintd.tod.driver = pkgs.libfprint-2-tod1-goodix;
+    boot.initrd.systemd.enable = true;
+    environment.systemPackages = [ pkgs.tpm2-tss ];
+    system.stateVersion = "25.05";
+  };
+}
diff --git a/fw/hardware-configuration.nix b/fw/hardware-configuration.nix
new file mode 100644
index 0000000..3d723db
--- /dev/null
+++ b/fw/hardware-configuration.nix
@@ -0,0 +1,42 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/fbc7b13a-334d-4049-bde3-7c7d4dd36bef";
+      fsType = "ext4";
+    };
+
+  boot.initrd.luks.devices."luks-76360bfd-a645-4066-bfbe-3c7436497b11".device = "/dev/disk/by-uuid/76360bfd-a645-4066-bfbe-3c7436497b11";
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/2EDA-D947";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/05b9cfcd-b396-4165-86dd-deacea6ecb28"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/fw/home.nix b/fw/home.nix
new file mode 100644
index 0000000..99acdde
--- /dev/null
+++ b/fw/home.nix
@@ -0,0 +1,68 @@
+{ inputs, config, lib, pkgs, ... }:
+{
+  imports = [
+    ../modules/global.nix
+    ../modules
+  ];
+
+  config = {
+    home.pointerCursor = {
+      package = pkgs.adwaita-icon-theme;
+      name = "Adwaita";
+      size = 24;
+      x11 = {
+        enable = true;
+        defaultCursor = "Adwaita";
+      };
+    };
+  };
+  config.modules = {
+    global = {
+      wayland = true;
+  
+      extraPackages = with pkgs; [
+        wmenu
+        cmatrix
+        wayneko
+        pfetch
+        nicotine-plus
+        mpc
+      ];
+    };
+
+    colors.mountain.enable = true;
+    # colors.tomorrow.enable = true;
+    gpg.enable = true;
+
+    pass = {
+      enable = true;
+      key = "B5200ABFBD213FC9C17C6DB91291CBBCF3B9F225";
+    };
+
+    foot.enable = true;
+
+    neovim = {
+      enable = true;
+    };
+
+    sway = {
+      enable = true;
+      terminal = "foot";
+    };
+
+    i3status = {
+      enable = true;
+      wireless = true;
+      battery = true;
+    };
+
+    qutebrowser = {
+      enable = true;
+    };
+
+    mako.enable = true;
+    neovide.enable = true;
+    zsh.enable = true;
+    tofi.enable = true;
+  };
+}