NixOS on Framework Laptop (kvark.github.io)
358 points by kvark 9 months ago | 245 comments



Currently using my Framework laptop with Arch Linux. Was able to get everything working, including Bluetooth. Even got the battery life tamed. So far, my favorite laptop since the Thinkpad T42 I had back in the day (other laptops I’ve owned: 2013 MB Air, Dell XPS 15 9550, and a 2018 MBP)


I had a 1600x1200 T42p and loved that thing to death too. My fav laptop ever though was the original 15" MacBook Retina from 2012. I pre-ordered mine the hour it became available, as I had been waiting years for a good IPS HiDPI laptop. I had never even owned a Mac before that. Mine was one of the first off the line where the display had a temporary-burn-in (very long ghosting for any pixels that are fixed for more than 30 secs or so) issue. I got that replaced no-hassles under warranty a couple of months in.

My eyes were good enough then that I was running it at native 2880x1800 resolution (no HiDPI business), and I was finally happy with the resolution I could get while mobile (I had been using a 30" 2560x1600 as my workstation monitor for a couple of years at that point, and this was an upgrade over even that!)

These days I use a 55" 4K OLED and a 32" 6K Pro Display XDR as my workstation monitors. For anyone considering this, I'd say wait for the 40" 4K OLEDs to come out (or wall mount the 55" and set your desk half a meter or so away from the wall). I sit just a little more than arm's length away from mine, and that's great for immersive flight simulator experience, but not so great for normal daily desktop use. (I'm keeping mine on my desk so I can keep using it along with powered sit-stand.)

As for why it's not so great; it's mostly a resolution issue. 4K isn't enough these days, and isn't high enough DPI for the amount of my field of view it takes up at this distance. I would also be quite happy with an 8K OLED that's, say, 55" or 65"... but only when I can also get one that drives at 120FPS, so that will be a bit of a wait.


Just a few more thoughts on setting up a high-megapixels workstation:

My ideal would probably be something similar to what Linus has set up. He uses long cables from a nearby closet, so even when the workstation fans are blasting he doesn't hear it. For now, I use 2 and 3 meter cables plugged into a mid tower sitting on the far side of my desk on the floor.

For why I'm not doing the workstation-in-another-room approach: The 4K@120fps HDR OLED relies on HDMI 2.0 cables, which are only recently available at 3 meter lengths. Linus is using a not-commercially-available prototype optical HDMI repeater to get longer cabling.

For normal use the system is near-silent and at full blast it's below the noise floor with a headset playing something at a reasonably low volume (and not distractingly loud even if I just have the headset on with nothing playing).


There are commercially available cables that do HDMI (and DisplayPort, etc) over fiber. I've seen these from PremiumCord and also some Chinese ones on Amazon.

https://www.amazon.de/s?k=premiumcord+hdmi+2.1+kabel


Thanks! It had been a while since I looked for them. Glad to see they've made it to market now.


Oh yeah, and I'm running the Pro Display XDR through a USB-C 3.1 Gen 2 (10Gbps) cable. Plugging that into the VirtualLink port on an Nvidia RTX 20xx card is the easiest way to get the native 6K @ 60hz with 10bpc on Windows. These days you can get these cables at lengths up to 3 meters, which is nice. There's also this weird VR headset cable which works a treat if you need something longer or have a graphics card without the VirtualLink port: https://www.aliexpress.com/item/4001290509128.html

You need to use Brigadier to download the Boot Camp drivers to get the display brightness controls widget. Unfortunately, there isn't an option for Linux.


How’s the trackpad? How does it compare to a MacBook? I can’t find a non apple laptop that comes even close in terms of high sensitivity, yet amazing palm typing reject, and multi finger gestures that work in almost every context.


To me, Macbooks have the worst trackpad 'feel' so hopefully it's nothing like that.


You're definitely in the minority, macbook trackpads are widely accepted as the best ones currently out there.

Some good discussion on this:

https://news.ycombinator.com/item?id=19485178


Widely accepted by who? Mac users? It's nothing more than what you're used to.


I suppose one can certainly adapt to mostly any sort of input device given enough time, but that does not mean that they're done well. Most people that have used trackpads in windows/linux land prior to the last 8 years or so could easily tell you how horrendous they were (and some still are). A lot of this comes down to software, of course. Microsoft's precision touchpad drivers were a game changer for Windows devices and made them at least comparable to the mac. Mac's trackpads are well thought out with its sensitivity and acceleration curves and the more recent 2015+ trackpads have been large and very pleasant to use without need to adjust. In contrast, the acceleration curves and scroll speeds in linux and windows require quite a bit of tweaking. Again, subjective, but the reason why most people that try a mac trackpad (with MacOS) find it to be a better experience is because they really nailed the default settings to be comfortable for most.


You're speaking for an awful lot of people. Maybe HN skews towards Apple fans and therefore might just possibly have a few extra upvotes for Apple's defaults?


There's not been a study on it as far as I know (maybe there's some polls online, though?), if that's what you're hoping for. Obviously it's going to be largely anecdotal but it's not exactly just Apple bias. It's notable because the remarks about the trackpad often come from non-mac users who painfully concede that the trackpad experience on MacOS is better. One example I can think of is Linus from Linus Tech Tips always using a mac trackpad as the gold standard to compare against in his laptop reviews.


Yes, it's anecdotal. That's my point.


There's also this dude who has spent 2 years trying to get a mac touchpad experience on linux

https://bill.harding.blog/2020/04/26/linux-touchpad-like-a-m...

https://bill.harding.blog/2019/03/25/linux-touchpad-like-a-m...


Every, and I mean every, review I have watched has rated the trackpad as the best in the business.


I don't know if this is what GP meant, but I've tried a few co-workers' macbooks, and it's nothing driver related: The touchpad itself has this staticky feel that makes me never want to touch it again. Haven't felt that on any other touchpad before or since.


I have experienced this as well. I think this has to do with it being plugged in but NOT grounded. If you use the extender cable that has a 3 prong on it that goes away. Or just try it on battery. I also do not love that feeling, but love the trackpad.


I imagine the part you don't like must be the acceleration curve, which is generally adjustable on Linux


The acceleration curve and default scroll speed are pretty horrendous in linux in my experience. The advantage of course is I can just add a command to my init file to adjust it but the scrolling speed isn't exposed in the settings apps of any of the major DEs as far as I know.


Yeah. NixOS has facilities for adjusting those acceleration curves and scroll speed in a universal/pre-DE way, as well.

My preference is to disable acceleration in favor of very high sensitivity for physical mice, to disable small touchpads (like on old Windows laptops) and retain a substantial but smooth acceleration curve for large touchpads (like on a Mac).

I think the DEs often let you adjust how many lines a single scroll increment scrolls by, but not the size of movement that triggers a scroll increment on the touchpad. I think depending on your touchpad driver (evdev is usually more flexible than, say, synaptics) and maybe your choice of display server (Wayland vs. Xorg), you can adjust the other aspect of touchpad scrolling.


Wow! That's actually the first time I've ever heard this opinion


Yeah, not a lot of marketing money behind not liking Apple things, or anyone's things, for that matter.


Just accept that others have a different opinion to you. No need to come up with some conspiracy about why we're not a homogenous blob.


How does pointing out how marketing works warrant being dismissive with 'conspiracy' labels?

Marketing teams actively distort public opinion.

Your comment is remarkably dismissive IMO.


> Your comment is remarkably dismissive IMO.

You'll survive


I believe my point is precisely that we aren't homogeneous and that perhaps your perspective isn't quite as ubiquitous as you think.


Are you sure that's your point? It's a bit strange how you "believe" that it is your point. Surely you should know it for sure?


What's the secret on battery life?


The archwiki has a ton of interesting content on optimizing battery life on linux-

https://wiki.archlinux.org/title/TLP

https://wiki.archlinux.org/title/Laptop

https://wiki.archlinux.org/title/Power_management

Even if you're not running arch, the archwiki is an amazing source of information


Yep, those are the guides I loosely followed.


One thing that helps a lot is mimicking macOS' suspend-then-hibernate behavior


What are your thoughts on the 9550? Personally I think it is the worst laptop I have ever used. The battery life was abysmal, the graphics card constantly had issues. At one point plugging anything into the USB-C port caused sparking..

The worst bit was how loud the fan used to run.. if it had spun any faster you'd think it would start hovering.


My experience mirrors yours. Its current duty is playing videos and music for my exercise bike but boy was I happy to rid myself of it as a daily driver. Too bad, because Linux worked great on it for me.


Framework + NixOS is the most exciting hardware + OS going IMHO. If someone wants to do a crowdfunding or devpay or similar to make them work out of the box together, I will gladly donate or pay.


It's not what you're asking but I wonder if NixOS's hardware repo could expand to support Framework with some good defaults

That being said, I think there could be a good use case for "meta" NixOS distributions. I'm working on such a thing for a NixOS based RetroArch type thing. But could see a PopOS like configuration, focused on an “out the box experience”

https://github.com/NixOS/nixos-hardware


Yes.

Anyone with the hardware is welcome to contribute to nixos-hardware!

Even "no-op empty configs" are good imo as they show "there's no magic sauce needed".


good to know; didn't think about "empty" configs


https://github.com/NixOS/nixos-hardware/issues/323

Created an issue for this for anyone interested!


Possibly of interest: SimulaVR (www.simulavr.com) is about to release a crowdfunding campaign for a portable Linux VR headset which will run NixOS stock under the hood (basically NixOS + Simula's window manager).


I don't really see them as exciting when they are still Intel only. As far as I am aware you can't upgrade the CPU, much less upgrade it to AMD.

I plan on keeping my M1 for 2-3 more years, then we will have to see what Framework has come up with then.

I like them a lot in principle (peripherals that can be switched to what I need? Yes please. Upgradable RAM? thanks), but I also won't compromise on battery time, performance or "linux works outside the box". Battery time could have been an easy fix if they had made it so I could switch the battery without taking the laptop apart.


Replace NixOS with Guix and I agree!


I'd love to see Guix with SystemD, but there's no work going in that direction that I am aware of. While I appreciate the work on [GNU Shepherd](https://www.gnu.org/software/shepherd/manual/shepherd.html), especially their documentation quality and the use of scheme instead of the rather obscure nix language, learning yet another init system on top of a new distro while systemd seemingly has won most of the market makes NixOS more attractive. At least to me


Even if Guix were to switch to systemd (it won't), end users would primarily be interacting with services through the same high-level APIs as now.

https://guix.gnu.org/manual/devel/en/guix.html#Services

That is, the only difference in practice would be replacing 'herd' with 'systemctl' when stopping and starting services manually. Anything else, such as modifying a service, has to go through the configuration system.

Similarly, for service authors, whether the API you design ends up creating a systemd unit file or shepherd service object is an implementation detail and would be mostly transparent.


    import framework.nix {}


The post itself shows that it is non-trivial to even boot this hardware with Nix.


yes I know - I am implying a future where they Just Work and we do the hard work of building needed abstractions

my code is possible if people want it :) the real value of NixOS is hardware and OS config can be turned into libraries!


The only issues were needing to disable secure boot (which is usually a required step on laptops preinstalled with Windows anyways), and using a recent Linux kernel that has the required WiFi driver. Which the tutorial linked in the post mentions.

And then Linux in general is notorious for having issues with USB WiFi adapters. More info on that can be found here https://github.com/morrownr/USB-WiFi


+1


Can you do NixOS without systemd? If not, I'd look elsewhere for the distro. Maybe Guix?


Just take the time to learn systemd. Once you do, like nix, it saves so much time


systemd is so complex, I've come to a conclusion, that it no longer fits my definition of free software.

We allow runaway complexity to obscure the inner workings of an important software package, to the point, where having source access no longer makes a practical difference to a "casual" power-user or even a software engineer. I can source-dive runit, s6, OpenBSD's rc, or OpenRC and within a weekend, have a pretty OK understanding, fix a bug, or add a feature. Having software as complex as systemd taking so many roles, and making itself so ubiquitous and irreplaceable, makes me feel that I no longer have any control or understanding of my system, bugs or misfeatures just become things you live with, or you riddle yourself with arcane workarounds. Portability suffers, monoculture takes root.

I've lost faith in "mainstream" Linux distros. I use macOS and OpenBSD for workstations, and Alpine where I need e.g. Docker. It must either be simple enough to understand, or provide enough utility/convenience that the lack of (practical) source access is compensated. systemd fits neither category.


Have you actually tried to dive into the part you're interested in? Where did you find the complexity? I've done it a few times for different components and found them pretty well separated and the source pretty straightforward. I have other issues with them, but complexity/obscurity of the is was not one of them.


Looking at using systemd to just run a binary automatically on boot (which some smart person on HN told me was the easiest way). Just looking at the systemd landing page overwhelms me.

Boot Loader Interface, Discoverable Partitions Specification, etc.

I’m sure the implementation details are very interesting.

But where is the “Configure and Start a Service” option? Which is arguably the most important.


The man pages are the reference manual. You might want to search for "systemd service tutorial" or something like that, there's a lot of blogs that explain how to make a simple service.


Their frontpage sucks, but that's not related to the code really :)

For a quick intro to new services, see the examples here: https://www.freedesktop.org/software/systemd/man/systemd.ser... (they should cover most basic needs) then read above for the details on the parameters. You stick the file in /etc/systemd/system/your_thing.service and enable/start it.


I'm not sure why this comment was downvoted. I've read all the systemd documentation and this comment is spot on. Systemd is lacking good documentation along the lines of "the least you need to know to set up and manage a service".

No, it's not as easy as "man systemd.service".

What's probably most useful in that documentation is the "hello world" example, which is buried at the bottom of the documentation. Also, key details are elsewhere, in "man systemd.exec" and "man systemd.unit".

The systemd docs are a great comprehensive reference, but the man pages are poor introductory documentation.

Some useful tips that are hard to find:

  * man systemd.directives documents every directory and will tell you which man page has the full documentation for it.
  * man systemd.index lists every man page related to systemd.


Yes, systemd has a ton of surface area and options. Yes, the man pages are long. No, you don't need to read them--the beauty of systemd is you control how much of the complexity you use. Unit files can be 10 lines or 30. Most of the extra options are for security and hardening, when you need them you'll be glad they're easy to turn on. For the other components, I think having a stable, familiar, and consistent set of core services (boot, ntp, logging, networking) is glorious


That's an interesting line to draw! Do you think this also extends to stuff like firefox or java vm, or are you only focusing on "system" software with that analysis?


The key is how necessary the complexity is. The existence of simpler alternatives to systemd (that work just as well to run a system with) proves that its complexity is unnecessary. For things like Web browsers, the complexity is necessary, for better or worse.


I'm trying to balance between idealism and pragmatism. Source access is pragmatic only in a situation where you feel confident to dive it. I admire projects like suckless, Alpine, or Netsurf, because they prove this kind of balance can be maintained. But I'm still posting this from Safari ;)


Good parts of SystemD are good, bad parts are bad. SystemD is easy to use when it fits your needs, but a pain to use otherwise.

For example, `systemd-analyze` is a good tool for boot performance analysis, so + for systemd, but if I want/need to use perf for boot performance analysis, then systemd stands in my way, while for initd it's just yet another boot mode.


What's the limitation stopping you from using perf in the same way as you would before? I've never had the need to try to do that.


Responding to "I don't like this" with "just learn it" is effectively saying "anyone who disagrees with me that this thing is awesome only does so because they know less than me." I'm very familiar with systemd, and I make use of its features on systems I can't avoid it on, but I still hate it.


Can you recommend any links or literature to learn more about systemd, beyond the basics?


Yeah no point in fighting it. It’s the standard. Learn to love SystemD.


NixOS is based on systemd. But it also seems like NixOS would be a great foundation to use something besides systemd. It would take some work of course, but it feels like you'd be mostly working with the OS rather than fighting it.

However having used it, NixOS seems like it mitigates the worst aspects of systemd. It gets rid of that /etc/systemd /lib/systemd symlink "cleverness" for overriding/enabling units. Being functional makes it so that when systemd mysteriously breaks - for example if there is a loop in dependencies - it's easy to track down the change that caused it. And rather than splaying the config out in a bunch of random "unit" files, it's all contained in the nix config. About the worst thing I can say is that defining your own service is a bit more obtuse than it needs to be, with the arbitrary terms of the systemd unit format carrying over into the Nix config.


The symlinking is one of the things systemd actually gets right on traditional distros. The files in /usr/lib are immutable data files shipped by the packages that you're not supposed to edit. The symlinks to them in /etc are configuration that you can change.


I get the rationale. It just makes for one more layer of indirection that you have to overcome when trying to figure out what the configuration actually looks like.


Well I think you are supposed to just use systemctl to see what the configuration looks like.


Why would you do this manually? You also have to remember to check multiple configuration paths (e.g. override units), all of which can have an additional `.d` include directory. This is the price you pay for the flexibility systemd provides (and I argue it's much better than random System V-style shell scripts that can include anything at all, maybe even some remote scripts piped from curl to sh if developers were mad enough).

Just use `systemctl cat`, it prints the whole effective configuration.
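
Added example, not part of the thread: a small Python model of the lookup described in the comment above (one unit file plus `.d` drop-in directories spread over several configuration paths), useful when auditing which files actually contribute to a service. The three-directory search path, the `demo.service` unit and all file contents are constructed for illustration; masking via /dev/null symlinks and line continuations are not modelled.

```python
import os
import tempfile

# Simplified system search path, highest precedence first. Assumption: the
# full list in systemd.unit(5) has more entries (transient, generators, ...).
SEARCH_PATH = ["etc/systemd/system", "run/systemd/system", "usr/lib/systemd/system"]


def resolve_files(root, unit):
    """Return (main unit file, drop-in files in the order they are applied)."""
    main = None
    dropins = {}  # drop-in file name -> path from the highest-precedence dir
    for rel in SEARCH_PATH:
        base = os.path.join(root, rel)
        candidate = os.path.join(base, unit)
        if main is None and os.path.isfile(candidate):
            main = candidate  # first hit wins: /etc shadows /run shadows /usr/lib
        dropin_dir = os.path.join(base, unit + ".d")
        if os.path.isdir(dropin_dir):
            for name in os.listdir(dropin_dir):
                if name.endswith(".conf"):
                    dropins.setdefault(name, os.path.join(dropin_dir, name))
    # Drop-ins are applied in lexicographic order of file name, regardless of
    # which directory each one came from.
    return main, [dropins[name] for name in sorted(dropins)]


def parse_into(path, settings):
    """Merge one file into settings: {(section, key): [values...]}."""
    section = None
    with open(path, encoding="utf-8") as fh:
        for raw in fh:
            line = raw.strip()
            if not line or line[0] in "#;":
                continue
            if line.startswith("[") and line.endswith("]"):
                section = line[1:-1]
                continue
            if section is None or "=" not in line:
                continue
            key, value = (part.strip() for part in line.split("=", 1))
            values = settings.setdefault((section, key), [])
            if value == "":
                values.clear()  # empty assignment resets what came before
            else:
                values.append(value)  # single-valued settings: last entry wins


def effective_settings(root, unit):
    """Parse the main file first, then every drop-in in application order."""
    main, dropins = resolve_files(root, unit)
    settings = {}
    for path in ([main] if main else []) + dropins:
        parse_into(path, settings)
    return settings


def build_sample_tree(root):
    """Write a constructed demo.service with vendor, runtime and local files."""
    files = {
        "usr/lib/systemd/system/demo.service":
            "[Unit]\nDescription=Demo daemon\n"
            "[Service]\nExecStart=/usr/bin/demo --port 8080\nNoNewPrivileges=no\n",
        "usr/lib/systemd/system/demo.service.d/10-vendor.conf":
            "[Service]\nEnvironment=MODE=vendor\n",
        # Same file name as the vendor drop-in: the /etc copy replaces it.
        "etc/systemd/system/demo.service.d/10-vendor.conf":
            "[Service]\nEnvironment=MODE=local\n",
        "run/systemd/system/demo.service.d/20-runtime.conf":
            "[Service]\nEnvironment=DEBUG=1\n",
        "etc/systemd/system/demo.service.d/50-hardening.conf":
            "[Service]\nNoNewPrivileges=yes\n"
            "ExecStart=\nExecStart=/usr/bin/demo --port 9090\n",
    }
    for rel, body in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        main, dropins = resolve_files(root, "demo.service")
        for path in [main] + dropins:
            print("#", os.path.relpath(path, root))
        for (section, key), values in effective_settings(root, "demo.service").items():
            print(f"[{section}] {key} = {values}")
```

On a live system `systemctl cat UNIT` remains the authoritative view; the model only makes the precedence rules visible on a tree you can inspect offline.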


Does `systemctl cat` also work for creating/editing units? If I've got to navigate files and directories to configure the thing, then I am going to default to reading the configuration the same way. Having to find out these random commands to view simple things about its own internal model is one of the worst parts of systemd.

I'm no fan of SysV init either, and I appreciate the advancements that systemd does bring to the table. But it is hard to shake the feeling of it having done the system software equivalent of sucking in a bunch of bloated javascript frameworks. Sure they made life easier for the developer, but everyone else has to live with the mess.

For enabling/sequencing, I'd say the preferable way would be to have a top level config file that pulls in the specified units explicitly rather than stitching together units based on their internal contents (akin to persistent structure rather than mutable cells). Juxtaposition is the most syntactically powerful operator and prevents loops intrinsically. Whereas by splaying dependencies in unit files, if you make one errant backreference the system is likely to not boot at all. I'm sure there's another clever command to check for that, but shrug.


> Does `systemctl cat` also work for creating/editing units?

No, for that you would use `systemctl edit UNIT...` to create or edit a drop-in file, e.g. to add local overrides for an existing service, or `systemctl edit --full UNIT...` to open a copy of the existing unit file for editing which will replace the packaged version. Add `--force` to create a new unit file for a service which doesn't already exist.


I'm not surprised there is functionality like this, but I do question the value in learning it. After you've given up on the filesystem, you've got to figure out how to eg automate it. Some things you're forced to (virsh, crontab, etc), but that's not a selling point.

I've been doing fine on Debian dropping files in /etc/systemd, with a possible hook to `systemctl enable`. A rudimentary ad-hoc object system with overrides etc for every program is like the exact opposite of what I want when doing sysadmin. I think NixOS's approach does a good job of coping with systemd, in that it bundles all that complexity up in a way so it doesn't propagate, despite still having to look up what the Wants/Needs/Likes/Prayers/Requires/Binds designations mean every time I touch the config.


> I've been doing fine on Debian dropping files in /etc/systemd, with a possible hook to `systemctl enable`.

Don't forget `systemctl daemon-reload` to update the in-memory state when the unit files change. The `edit` command takes care of that for you. It also provides a template for the override files (when not using `--full`) which shows the current settings.

You are free to just drop files in /etc/systemd, of course. This is a fully-supported workflow. The `edit` command is only there for the convenience of the system administrator.

> A rudimentary ad-hoc object system with overrides etc for every program is like the exact opposite of what I want when doing sysadmin.

Are we talking about systemd, or NixOS? Their approaches to configuration really aren't all that different in this regard but you still seem to prefer one over the other. Or is the problem perhaps that you have two different programs trying to manage the configuration?

Personally, from the POV of distributions other than NixOS, I think the systemd approach is far superior to alternatives without overrides, where the only choice is to clone & modify the vendor-provided scripts. With overrides you can fine-tune the parts that matter for your environment without taking over the maintenance of the entire script (or unit file). For example, it's more likely to keep working after an upgrade.


I was talking about systemd. It's each program having its own bespoke template/include/.d/override system that is the problem. Whereas NixOS is intended to be used for every program.

Personally I'd rather clone and modify a full config file rather than only overriding portions. Once I own it, I want to keep owning it - it's more straightforward to track down a problem due to my own assumptions being invalidated, than due to a distribution's assumptions being invalidated. And it's much nicer to read one file for the settings, than having to jump between a few different ones and know the overriding rules (referring to configuration in general here, not just systemd which provides the tools to work with them).

Good point about the daemon-reload. I actually don't have many custom systemd unit files, and they generally don't change. But to be fully correct and not require manual intervention or a full reboot I do need to include that step (although I'm moving away from Debian towards NixOS so shrug).


It is indeed possible, in fact a Nix-based project to generate and manage init/OS-agnostic services was shown last year at NixCon: https://github.com/svanderburg/nix-processmgmt


Not yet AFAICT. I've been following the nix-processmgmt[1] project, which looks like it could make NixOS independent of the init system.

[1]: https://github.com/svanderburg/nix-processmgmt


This is great, thank you. I was gonna start on something like this myself, glad I did not duplicate effort with it yet.


I haven't bothered to have a beef with systemd, but some of us have discussed https://github.com/InitWare/InitWare to support non-Linux kernels. That would be really fun.


I doubt GuixSD would work on most modern hardware considering it uses the Linux-libre kernel. Using the Guix package manager itself sounds useful though.


Guix System works fine on modern hardware. I've been using it on new servers for the build farm at ci.guix.gnu.org and on laptops. Linux-libre has not been a problem.

The biggest recurring issue is with graphic cards that have poor support in Linux and require firmware blobs and with WiFi cards that have no free drivers / firmware.

It is trivial to use vanilla Linux with these machines as Guix System lets you use any other package for the `kernel` field in the configuration. The "nonguix" channel (hosted on Github) provides packages for vanilla Linux ("linux") in various versions, and also includes firmware packages that you can use in your config file.

If that's the only thing keeping you from using Guix System then I'm happy to say that it's a hurdle that is very easy to overcome.


> The biggest recurring issue is with graphic cards that have poor support in Linux and require firmware blobs and with WiFi cards that have no free drivers / firmware.

Intel, AMD, and Nvidia GPUs - all of them need firmware blobs to work as expected. Intel and AMD offer free drivers but not free firmware.

And if you want WiFi 5 (ac) or WiFi 6 (ax), chances are that you'll need non-free drivers/firmware as well.

> The "nonguix" channel (hosted on Github) provides packages for vanilla Linux ("linux") in various versions, and also includes firmware packages that you can use in your config file.

Ah, that's good to know.

I'll probably give the Guix package manager a shot some day.


What would you prefer to have in Nix instead of systemd?


I've been running Upstart (well, a fork I maintain) for over 2 years on my laptops and SBC. I'd like to use that. TBH I think NixOS might make it easier than other distros to run a custom init. I just haven't gotten around to importing my configs into a nix derivation.


If you have a parser for systemd unit files then you might have a chance to get that to work.

If the whole reason you're doing it is to migrate back to upstart's syntax then it seems that would be not so useful, you might as well go in the other direction: write an upstart generator for systemd, and then you can just plug that into ordinary NixOS.

Edit: Actually I think at some point NixOS did support upstart? Not sure whatever happened to that.


I'm not planning on working on anything related to systemd in the near future. If anything, I will write a config generator/type spec for startup/Upstart in Nix.


Unfortunately I think you probably will have to work on it if you want to not break existing configurations, so maybe NixOS is not for you. You could try alpine possibly? But with that you will have to do the same with init.d, so it's going to be somewhat of an uphill battle either way I guess. This is generally why I would discourage maintaining a service manager outside of an established distro, I tried to do it for about the same amount of time as you and it became not worth it. Upstart in particular has been basically entirely replaced by systemd.


I already use upstart on void no problem. Alpine would be a similar deal with me just managing the configs as raw text files via rsync. In fact my fork is already packaged in Alpine. A few people use it as a session manager for sway.

There is no chance that my Nix changes would affect existing configurations. They would be completely self contained.


I mean if you want to run existing configurations on your setup. Those aren't going to work. You can just install Nix on void though.

I had some users too but it still wasn't really worth it. I can't suggest it as a business model or a hobby project, you are basically going to be highly constrained by everything else on the system and your setup will just start looking like everything else eventually. Systemd also works fine as a session manager for whatever.


Literally any other init system. Maybe OpenRC, runit, or upstart? I'd even prefer to be stuck with sysvinit forever instead.


I would prefer OpenRC, runit or something similar.


Those would probably be not so great matches for NixOS because they don't support the container stuff that systemd does, you would be throwing all that out.


Some people don't care. Some people want their boot ordering software and container runtime software to live in different code bases.


With cgroupsv2 there seems to be very little benefit to doing that since the container runtime needs to sit at the top of the process tree anyway, so I'm not sure I understand what the purpose of that would be or why you would want that. If you were using containers to run services then I can't really think of a situation where you wouldn't also want it as part of the boot ordering process, so your services will just have it working immediately upon boot.


That is not true at all about cgroup2. Also think outside the box. Not everyone is using cgroups and namespaces. Some people are out there using gvisor, or KVM, or FreeBSD jails.


I'm not sure what you mean it's not true, AFAIK that constraint was the main issue with getting Docker moved over to cgroupsv2. (Edit: some background here https://github.com/opencontainers/runc/pull/2113) It's fixed now though so everything should work fine with systemd. If you aren't using cgroups and namespaces then you probably don't get much benefit from running a system like NixOS on bare metal either, so I'm having trouble figuring out what your use case would be. Any other immutable Linux setup will do, it might even be less hassle.

Those other things you mention are confusing to me, gvisor and KVM are mostly orthogonal to container management. And FreeBSD jails don't work on Linux.


Nix works on more than just linux.

Google Cloud uses gvisor for their K8s offering; AWS and Fly.io use firecracker for their container offerings.

Cgroups in v2 can be delegated easily and cleanly. As well as namespaced. Systemd or no systemd. Systemd just makes your life harder if you want to do rootless containers without integrating with them.


"Nix works on more than just linux."

IIRC the GP comment was asking about NixOS, not Nix. If you have everything already going through managed K8s or firecracker then I don't understand what you are using NixOS for. You could just install Nix on some other distribution that uses whatever init/container setup you want.

"Cgroups in v2 can be delegated easily and cleanly. As well as namespaced."

Right but none of those other things that were mentioned support cgroups delegation at an OS service level, only systemd does. Unless they have added this recently and I missed it. And if you're just using this to run a hypervisor then you're bypassing all that completely.

I don't see what you mean systemd makes it harder, you have to do basically the same process in any container manager if you want delegation. This is part of the design of cgroupsv2, it's not something systemd came up with. I'm sorry if I'm asking stupid questions but I honestly am really confused what your use case is, and your explanations are just making me more confused, so maybe something got lost here.


I don't have a specific use case in mind. The possibilities are endless.

Delegating a cgroup doesn't take systemd, by the way. You can do it with mkdir().

Systemd puts user processes in a part of the cgroups tree where they can't work freely, by default. You have to use a systemd unit or the dbus api to break out of that box. That is a design decision on systemd's part. If I was putting user processes in cgroups, I would give them space to work amongst themselves.


Well you have to understand that my mental picture from your past description is FreeBSD running in KVM on NixOS running on managed GCP/AWS, which is a somewhat confusing and convoluted architecture to me and I'm not sure what it's for or what the possibilities are that can't be done with some other setup. You could probably simplify and cut out some of those pieces. But if you meant something else, then let me know.

AFAIK you actually should not be using mkdir, because it is racy to have more than one process writing to the toplevel hierarchy. It's only safe to do that from the cgroup manager. That's what I've seen with all the existing implementations anyway.

"Systemd puts user processes in a part of the cgroups tree where they can't work freely, by default. You have to use a systemd unit or the dbus api to break out of that box. That is a design decision on systemd's part."

It's a design decision that was made because of cgroupsv2. You should really read systemd's documentation on this if you haven't, it describes in detail why this is. https://systemd.io/CGROUP_DELEGATION/

Edit: and also the kernel documentation on delegation. https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v2...

In particular, any other container manager that wants delegation needs to do this same thing using a similar mechanism that you initiate by configuring it somehow. (It doesn't have to be a unit file or dbus call obviously.) Processes cannot just freely break out of their cgroup, that wouldn't be secure. Sorry if you know all this already, maybe a reader doesn't. Or maybe this is helpful to you if you want to add this to startup, I don't know.

"If I was putting user processes in cgroups, I would give them space to work amongst themselves. "

Ok now you lost me again... is this not exactly the purpose of cgroup delegation?


>it is racy to have more than one process writing to the toplevel hierarchy

Source? And define top level hierarchy? The top level isn't really special.

This is why locks exist btw.

I'm not convinced you have to manage cgroups from one process. That is not how most implementations do it.

>Processes cannot just freely break out of their cgroup, that wouldn't be secure.

Processes can freely migrate ("break out" if you insist on that terminology) if they have write access to one level above them in the tree. Systemd does not put you in that situation, but it could.

E.g. if you are in /user/<uid> you have nowhere to go, but if you are in /user/<uid>/default you can go to /user/<uid>/<container_runtime>/<unique_container_id>/default.
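The delegation containment rule from the kernel cgroup v2 documentation linked earlier in the thread, modelled as an added example that is not part of any comment here. The uids, the `runtime`/`c1` names and the `/system/sshd` path are constructed placeholders, and the model covers only the `cgroup.procs` permission check (no cgroup namespaces, no "no internal processes" constraint).

```python
from pathlib import PurePosixPath

# Constructed delegation table: top of each delegated subtree -> owning uid.
# A delegatee owns the delegated directory, its cgroup.procs, and everything
# it creates below it. Anything outside these subtrees belongs to root.
DELEGATIONS = {
    PurePosixPath("/user/1000"): 1000,
    PurePosixPath("/user/1001"): 1001,
}


def chain(cgroup):
    """Return the cgroup and all its ancestors up to '/', nearest first."""
    p = PurePosixPath(cgroup)
    return [p, *p.parents]


def procs_owner(cgroup, delegations):
    """uid owning cgroup.procs in `cgroup`: nearest delegated ancestor, else root."""
    for node in chain(cgroup):
        if node in delegations:
            return delegations[node]
    return 0


def can_write_procs(uid, cgroup, delegations):
    """Root can write everywhere; others only inside their delegated subtree."""
    return uid == 0 or procs_owner(cgroup, delegations) == uid


def common_ancestor(src, dst):
    """Deepest cgroup that contains both src and dst."""
    dst_chain = set(chain(dst))
    return next(node for node in chain(src) if node in dst_chain)


def can_migrate(uid, src, dst, delegations=DELEGATIONS):
    """Apply the two write checks the kernel makes for a non-root writer.

    1. The writer must be able to write cgroup.procs in the destination.
    2. The writer must be able to write cgroup.procs in the common ancestor
       of source and destination, so nothing can be pulled in from (or
       pushed out to) a part of the tree the writer does not control.
    """
    if not can_write_procs(uid, dst, delegations):
        return False, "no write access to cgroup.procs in destination"
    anc = common_ancestor(src, dst)
    if not can_write_procs(uid, anc, delegations):
        return False, f"no write access to cgroup.procs in common ancestor {anc}"
    return True, f"allowed; common ancestor {anc} is inside the delegated subtree"


if __name__ == "__main__":
    cases = [
        # Move within one's own delegated subtree (the layout from the comment).
        (1000, "/user/1000/default", "/user/1000/runtime/c1/default"),
        # Move into another user's subtree.
        (1000, "/user/1000/default", "/user/1001/default"),
        # Pull a process in from outside the delegated subtree.
        (1000, "/system/sshd", "/user/1000/runtime/c1/default"),
    ]
    for uid, src, dst in cases:
        ok, why = can_migrate(uid, src, dst)
        print(f"uid {uid}: {src} -> {dst}: {'OK' if ok else 'DENIED'} ({why})")
```

The third case is the one that makes delegation safe to hand out: the destination is writable, but the common ancestor is `/`, so the write is refused.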


I'm sorry I don't understand what you're asking for specifically, the source is the cgroups API. Check the documentation I posted earlier, particularly this line:

"Because the resource control interface files in a given directory control the distribution of the parent’s resources, the delegatee shouldn’t be allowed to write to them."

You could add locking but that would be basically doing what systemd/docker/runc does and adding a new API on top of it which is then available through D-Bus or whatever. The top-level hierarchy is the top of any cgroup tree, if you have two processes writing to that without synchronization then they will potentially stomp over each other's values. You technically can go and run "sudo mkdir" inside your docker's toplevel cgroup but that would probably break things.

"if they have write access to one level above them in the tree. Systemd does not put you in that situation, but it could."

Well it does do that if you turn on delegation by giving you your own sub-tree, it doesn't do it by default because most services are not container managers and don't need an additional sub-tree. If you don't do that then write access is not allowed by the cgroups API, see above. It would not really make sense to allow a child process to say "I am going to take 100% of the cpu controller now and you get none sorry", that would defeat the purpose of cgroups.


What have you worked on in this space?


I used to consult for this kind of thing several years ago, I don't any more. The field has really just coalesced around K8s. I don't think there is much space for innovation anymore.


For all Framework laptop owners, I'm considering buying this for myself this Christmas. The previous laptops I owned were mostly MBPs, my laptop from work is an MBP, and I have my own gaming PC.

One of the reasons why I like the MBP is the sturdiness and build quality, but I'm ready to go on DIY stuff and leave Apple for my next laptop. I was watching a Dave2D video, but when I saw the spring of the hinge when opening the laptop and the flex on the screen, it kind of scared me. How does it go for all of you? How's the build quality? Also, how's the trackpad compared to the MBP?

I don't want to own a laptop where opening the screen with 1 hand feels like it's going to break it. Kind of feels like the Dell Inspiron all over again.


The build quality is excellent. It isn't quite as good as a MacBook, but I'm willing to take the hit from A+ to A- for the repairability.

It's much better than any other laptop I've used aside from a MacBook Pro. The screen does flex a bit but unless you're actively applying torque to it, you won't notice. It's totally fine when opening and closing it.


True, I love repairability, but then I also love A+ build quality, and because I can't try it out, I'm not sure if I will regret it when I get mine later.

Looking at Dave's video, the only thing that's holding me back was when he tried to flex the screen :(

Honestly the build quality of the MBP is so good that it's holding me back from changing to something else. Hopefully V2 of Framework will come with the sturdiness, a no-brainer for sure.


I have a Framework laptop and it's sturdy as hell. At least as much as any MBP I've touched.

Opening it with one hand feels great. The thought of it "feeling like it's going to break" has never crossed my mind.


It definitely does not support 1 hand lid operation. Despite the quality not being as high as a macbook pro (I've owned several for comparison) it absolutely does not feel cheap.

In cases where you may damage the device, part of the beauty is that all of the parts are sold by Framework and come with replacement guides and any tools you may need (usually just the included screwdriver).


From context, do you mean "It definitely does support 1 hand lid operation" instead of "It definitely does not"?


They must, because I open my Framework laptop with one hand all the time hah. Never had any problems with it.


It’s funny how such a little thing like one-handed lid opening can add up to such a big factor in user experience. I have used MBPs for years and recently switched my personal machine to a yoga c740, which has … ok build quality but not great. One handed opening is hampered in two ways: first, the front of the machine is beveled in a way that makes it impossible to get your finger between the top and the bottom, which is infuriating. The framework has a notch for this, so it doesn’t seem to have this particular problem. The second is the obvious one, which is that the friction from the hinge is large enough to defeat gravity because the base isn’t heavy enough. I’d welcome a heavier base to overcome this, since it will also allow the case to be stiffer.

I feel like a total idiot at least a couple times a week while I’m holding my phone in one hand, saying “hang on, let me check” and doing weird contortions to get my laptop open with one hand using my belly to hold the bottom down.


I had similar concerns before getting mine. The build quality is definitely not as high end as a mbp but it's acceptable. I'm happy with it although I do hope they make future versions more sturdy.

The track pad is basically the same story. No real complaints but it could be better.


> Apparently, KDE Plasma5 does the scaling right. Setting it to 150% gives pleasuring look. Overall, I find KDE’s approach with a taskbar much more reasonable than what Gnome forces on me. It’s the paradigm shift from “tell me what you need” (modern Gnome, also Google) to “show me what you have” (KDE and others application menu, also your file manager).

I like this aside and I noticed the same when I tried to use Gnome a couple of years ago. I asked a coworker what he recommended, he showed me KDE and I've never looked back. The scaling was great too when I needed it for my MBP's retina display.


Protip for Ubuntu on HiDPI displays. Set the screen to 100% (everything will be tiny), then go into "Universal Access" and enable "Large Text", and also increase the size of the mouse pointer while you're at it. Adjust terminal font sizes to taste, and set the browser to 125-150% scaling by default. That's how I run Ubuntu on HiDPI screens. Looks great.


Does this also adjust icon sizes in apps' toolbars?


No, increasing just the font size is a hack. Unless you only use the terminal, doing this means not using GUI apps comfortably because icon size will not scale. Even if you somehow do make them scale, that increased font size is limited to the screen you're working on. If you ever attach an external monitor to your laptop, it won't look right on that.

Avoid doing this unless you have no choice.


Works well on external 4K monitors also. And yes, the icons do not increase in size, but they still look OK. Certainly better than fractionally scaled icons. There's no downside to trying this - it's literally a single slider that you can slide back if you don't like what it does.


I've actually done this on my primary setup which is an AMD ThinkPad connected to a 4K 27 inch display. I didn't know about issues with fractional scaling before I bought this monitor and now I keep everything at 1x scaling and have increased the font size.

As I said, this setup has two big drawbacks:

- I can't use my laptop display without adjusting the font size

- Almost all GUI apps look strange because the text is large and icons are small. For example, the uBlock Origin icon on Firefox is tiny and sometimes I make a mistake and click elsewhere.

Scaling fonts and not the display is a hack but considering fractional scaling is even more messy, I've resorted to using this method.

This is why I said that I won't buy the Framework laptop because it needs fractional scaling.


Ah yes, if your laptop is non-hidpi and your display is, you will have these issues. In my case both the laptop and the display are hidpi, and things work pretty well. Basically all devices I used in the last decade are hidpi.


My laptop has a 14 inch 1080p display which is ~157 PPI so it needs around 1.2x scaling. My external monitor is 27 inch 4K which is ~163 PPI so it needs at least 1.5x scaling.

The most obvious solution that fixes all of these problems is to buy displays that work with 2x scaling. A combination of 15 inch 4K or 13 inch 3000x2000 laptop display and a 27 inch 5K external display is the ideal combination because both of them would work with 2x scaling.


Huh. I had the opposite. I never wonder what’s on my PC. If I can’t even remember the program exists I clearly don’t need it.


> Mozilla requires LUKS full-disk encryption, and having it setup conflicted with NVidia’s proprietary driver

I’ve seen this warning in the Ubuntu docs. Can someone explain exactly why a GPU driver would cause issues with disk encryption and UEFI boot?


I conjecture the securely booted kernel won't load unsigned modules, and out-of-tree drivers don't get signed when the kernel and its modules do.



I wish people understood the Secure Boot spec better. This problem is totally unnecessary. The spec says no unsigned code can run until ExitBootServices is called, but people treat it as if it said that no unsigned kernel code can ever run.


n=1, but I've run fully-encrypted and /boot-encrypted Linux installs with the proprietary Nvidia-drivers without any issues.

Of course the low-quality binary blobs Nvidia ships can always contain some annoying bugs, so maybe this was fixed already and the author is just cautious or maybe I will run into those problems eventually.

I don't think it's a problem with the current iterations of Nvidia/Linux, though.

As for what can cause the problem, I have several ideas:

- Secure boot and code verification breaking driver loading

- The Nvidia driver, loaded during early startup, freaking out about config files not existing

- Some kind of handover problem between the fallback VGA driver and the proprietary blob that wouldn't exist if the boot files would be available from the bootloader directly

- Nvidia is known to track boot state in their GPU firmware (one way they used to prevent virtualizing consumer GPUs) so it could be related to a second attempt to initialize the GPU


I've used both for years without any issues, so I'm also confused on this one.


It works fine if /boot is unencrypted. You can encrypt the rest of / and it's fine.


Doesn't running /boot without encryption open up a class of attacks?


Certainly. Security is always a balancing act. My primary concern is the laptop being taken when traveling by air or stolen. Encrypted root covers that, even with boot unencrypted.

Unencrypted boot leaves me vulnerable to a malicious actor taking my laptop, modifying grub and/or the Linux kernel to send and/or store my password to unlock the boot volume, and then handing my laptop back and me typing in my unlock password.

Possible, but I view that threat as low


This is the "Evil maid attack" [1] but it is avoidable. If you have Secure Boot enabled and are properly signing your Bootloader + anything it launches then your machine would just refuse to boot if anyone tampered with critical files in /boot.

The issue I have seen is that a LOT of BIOS (at least on desktop machines) seem to just let you reset the secure boot enforcement status via the BIOS reset jumper... which defeats the point although it does raise the physical access requirement to a longer duration.


Evil maid attack is really difficult anyway, because if nothing else they can just put in a hardware keylogger, or a hidden camera or a microphone if they really want to work for it, or etc.


Yeah, when someone has temporary physical access to your hardware you have lost anyways. They could perform hardware alterations and e.g. install hardware keyloggers into the device, etc.


Isn't UEFI, if configured correctly, supposed to protect against this?


Can you explain? How should UEFI be configured to do this, from a Linux perspective? I'd love to improve my security


In theory, secure boot checksums the bootloader and fails to boot if it has been modified. Using it with Linux can be a bit tricky. openSUSE has a tool to help sign your kernel, I don't know how other distributions do it.

https://en.opensuse.org/openSUSE:UEFI#Secure_Boot


That class of attacks exists anyway unless you're using trusted boot. After all, your MBR isn't encrypted is it?


I suppose it's possible to imagine replacing grub with something that captures your password. It depends what your threat model is. I think you'd need physical access, at least.


Ditto running encrypted root without any issue


And what does Mozilla have to do with it?


Mozilla the organization, not Mozilla the browser. It's common for companies to require their employees to use full-disk encryption on all devices that store company data.


Nice. Framework is super exciting, but I hope they release more cad files for the laptop so third parties can make e.g. keyboards and motherboards. Would be a bummer if their business model is lock-in on everything but the expansion cards.

I’d love to put an underpowered qcom or nxp arm64 chip in and get insane battery life, but that doesn’t seem likely for a while since it needs 4x usb4 :/. Even the Xavier nx SoM only has 1x4 lane pcie..


We started with Expansion Cards because they are the simplest both for us to release a documentation package around and for a third party to develop. We will be expanding out from there though.


Do you plan to launch in India anytime soon? Would love to get my hands on a Framework laptop


awesome!!


Seems to me like you could power some of the ports with a hub/switch if you're willing to restrict which ports accept advanced peripherals. You could even use a PCIe switch to get more Thunderbolt.


Yeah the trick would be thunderbolt more than anything, USB-C out to all four ports would be easy enough with a hub?


yeah, it just feels rude to bifurcate the ecosystem and confuse everyone about the amount of i/o available


I think you could do it in such a way that you only restrict the ports available for alternate mode display output, and everything else still works.

I don't think it's rude. It's about choice, just make sure it's clear to the users what sort of peripherals they should expect to work.

That said I think it would be almost more fun to put the arm computer into the USB C module.


> X1 took 120s, so 4.5x slower… totally unexpected

Your numbers are clearly suspicious. Did you ever take measures to circumvent the CPU throttling bug under Linux on your X1E? See [1].

Also, regarding your battery comments, when my X1E G1 was new I got great battery life, around 7-8 hours. I still get 5ish.

> requires LUKS full-disk encryption, and having it setup conflicted with NVidia’s proprietary driver.

This just seems bizarre and hard to believe to me; once mounted your LUKS drive is no different (to software) than any other block device.

[1] https://wiki.archlinux.org/title/Lenovo_ThinkPad_X1_Extreme#...


Regarding the LUKS encryption, he is likely talking about an encrypted /boot partition and using SecureBoot.


Was about to say something about the encrypting /boot. I always leave mine unencrypted but everything else gets encrypted.


Why in the world wouldn't Framework use CoreBoot? Very strange.


As a framework owner, this is nice to see. I have yet to take the plunge on Nix (been happy with PopOS on mine), and wouldn't without Bluetooth support, but it's good to know it's possible and relatively painless.

I'm hoping to start with nix+home-manager at some point, maybe on top of PopOS; anyone have experience with that setup?


Nix + home-manager is how I started on arch. After moving about 80% of my Pacman-installed packages over to nix-configured packages bit by bit over weeks and after that all of my dotfiles I plunged into nixos. Transition was super smooth, can only recommend!


Can I install packages not present in the official NixOS repositories without learning the Nix DSL?


You can, if your repository of choice provides a Nix channel[1]. However, the community effort is currently concentrated in the official Nixpkgs repository. So while there are numerous projects based on Nix run outside of the NixOS organization, there isn't any "major" unofficial package repository that I'm aware of. For packaging work, people just tend to contribute directly to the official repository. In fact, the volume of PRs in the official repository is so high I'm surprised at how they manage to keep going in spite of that.

It's also worth noting that many of the benefits of Nix are directly driven from being able to write custom Nix expressions. So if you want to reap all of its benefits, it's definitely worth learning. The core language is small and the experience is not so far off from writing JSON, so that part is relatively easy to pick up. The actual work lies in learning how packaging is done in Nixpkgs. This is best done by grepping around the Nixpkgs repository for examples. Nixpkgs' policy of having all packages in a single repository really shines here.

[1]: https://nixos.wiki/wiki/Nix_channels


I tried using NixOS a few years ago but found it too esoteric. Learning the Nix DSL and the NixOS way of doing things might be rewarding but it has a significant threshold that I'd need to cross before I'm comfortable using it.

One of the things I really appreciate about Arch is the flexibility it offers. I'm not forced to use GRUB if I don't want to, unlike Fedora and Debian. I'm also not forced to see dm-crypt UUIDs on mounted disks like Dracut does. I can choose what I want. This latter issue was present in NixOS as well the last time I tried it.

Oh, I'm also not a fan of how unbearably slow the nix package manager is compared to pacman.

I do recognize the advantages of declarative configuration of your entire operating system though.


> Oh, I'm also not a fan of how unbearably slow the nix package manager is compared to pacman.

Building a declared environment takes quite a while and switching a NixOS or home-manager generation takes even longer. It was my main complaint about NixOS when I was starting out.

The thing I realised though is that the main scenario where you actually need the speed is when you want to try things out and for that, Nix' ad-hoc environments are much better suited.

When I want to try a new program (btop for example), I simply run `nix-shell -p btop` rather than adding it to my declared environment and sitting through a `nixos-rebuild test`. That's usually faster and, more importantly, cleaner than installing the package to a global environment with a regular package manager.


Not exactly the same but my journey started with nix home-manager on MacOS. Spent time getting it working how I wanted. I enjoyed it so much I replaced my Mac with nixos soon after

MacOS has second tier support to Linux. I'm sure PopOS will work well

https://github.com/NelsonJeppesen/nix-lifestyle/tree/main/ni...


I started out just using Nix for development on Fedora and macOS, with home-manager coming later. Was a good way to get into Nix without taking the full NixOS plunge.


Somewhat random question: What kind of run time do you get out of a battery charge with PopOS on the framework laptop? I've seen some comments from people who were unhappy with theirs, but maybe PopOS has some better tuning?


My understanding is that the options for tuning battery life on Linux are pretty much the same across Linux distros. You either have TLP, Laptop Mode Tools, Powertop, or Gnome Power Manager, all of which tune kernel settings in a similar fashion. Thermald might possibly help too, but I'm not sure if it has positive effects on battery life.

The only factor that I could think of that might make a difference across distros is the availability of hardware video acceleration in browsers. But that gap is likely to close soon, if there are any right now.


I’ve only had mine for a day, but following the official PopOS guide[0] on the framework forums they advise manually setting mem_sleep_default to DeepSleep to override the default S2Idle, which was “burning through the battery like crazy.” I’ve seen 5-6 hour runtimes with full brightness with this option enabled (anecdata from a post on the framework or PopOS subreddit), which appears to be somewhat accurate with my setup (docker, Postgres, vs code, many Firefox tabs, slack, some other miscellaneous services running in the background).

[0] https://community.frame.work/t/framework-and-popos/2898


I'm seeing similar, maybe closer to 8 if it's mostly browsing and light IDE work, and I never run full brightness.

I should probably chime in on the forum, but per that thread I tried Wayland but it didn't go so well, particularly with an external monitor plugged in. Too many misbehaving and misscaled apps, I remember having issues with vscode (scaling) and either kitty or alacritty (can't move or adjust window).


Interesting, that is very good to know. I have yet to try external monitors (will be plugged in tomorrow morning for work), but have been waiting on switching to Wayland to see if it’s necessary or not.

Great to hear about the 8 hour duration as well, I’m absolutely loving this new toy!


I should point out Wayland isn't all-or-nothing; if you enable the config from that post, it's an option you can select when logging in. I never had to "go back" from Wayland, I just stopped selecting it, and can try it out again whenever.


Apologies I’m a bit late to the Framework conversation:

Are third parties able to make replacement parts and dongles with Framework’s blessing? Or are they trying to lock in the parts market?


We launched an Expansion Card Developer Program this summer as a first step at enabling third parties: https://frame.work/blog/expansion-card-developer-program--ca...


Yep, Framework (as far as I remember) intends to even create a public marketplace for people to sell custom-made addon cards. They have the dimensions on their github and make it pretty easy.


They already launched the marketplace, and … it’s just e-shop of their own cards.


Maybe because there aren't any mature alternatives yet?


Hopefully not exclusively on their marketplace?


Uh oh.


The "expansion port" appears to be a sunken USB-C port that you can plug any old USB-C cable into.


My Framework DIY just arrived this morning. I finished the build and installation of PopOS about an hour ago, but now I’m contemplating trying out NixOS due to this blog post.

Looks amazing!


Oo how's Pop OS?


So far, incredible! Still setting up my environment, but as far as how it’s running on the Framework, I 100% see myself fully transitioning to it from my MacBook.

Desktop wise, I’ve been using PopOS for 7-8 months now, so it’s quite great to have that same setup in a portable fashion now.


How do you deal with the transition from MacOS to PopOS? I'm trying to do it, but I'm discouraged by all the small annoying things:

- changing default shortcuts from CMD to CTRL. Is swapping the positions enough?

- Janky scrolling/no inertia (I'm not on a Framework (HP x360 Spectre); is the Framework better?)

- all the small tuning software i have (Karabiner for remapping, Amethyst for tiling, BitBar etc)

- is there a quick look equivalent on PopOs?


> changing default shortcuts from CMD to CTRL. Is swapping the positions enough?

I strongly recommend not to do this.

I did it and it was a nightmare: some of mac's hotkeys are like linux hotkeys but reversing Meta & Ctrl, but not all of them. I adjusted the most egregious hotkeys, but there were always more. This went on for around a month. In the end, it was impossible for me to get used to the differences: my muscle memory would betray me many times over the day, and it wasn't getting better.

Then I decided to just reset everything back to my distro's defaults. It was painful for a couple of days. I made a few mistakes in the next week... and then it all got into muscle memory. I can even switch from working on a mac to working on linux without issues now.


Yeah the inconsistency is what worries me. But my concern is that the CMD position (ALT on other keyboards, right beside space) is more ergonomic than the CTRL position, especially on laptops.


I strongly recommend binding CTRL to Caps lock. It's pretty ergonomic, and just feels natural. Also, that would force you in a different mindset, aiding in differentiation of your Mac and Linux


This. The MacOS <-> Linux <-> Windows swapping isn’t too difficult, just takes a day or so of training that muscle memory.

I should note to the OP that I almost exclusively use my HHKB[0] for all of those operating systems, which places the CTRL key where the Caps Lock normally is, abstracting caps lock functionality to a function key.

When I do use a different keyboard (or the laptop’s native keyboard), it takes a few minutes to adjust and every now and then I’ll accidentally tap the wrong key, but overall I would say negative impact is negligible

[0] https://www.hhkeyboard.com/uk/products/ (I have the Pro2, and for some reason the official site is not loading for me. This keyboard has lasted me 4+ years and I use it for gaming, coding, and everything in between. By far my favorite keyboard I have ever used, the Topre keys feel soooo so satisfying. Amazon link here: https://www.amazon.com/dp/B07K9QHF4P/)


Yeah I might do that. Currently on Mac I have Caps Lock remapped to a "Hyper" key to act as another layer, so I get "Vim" (jkl; instead of hjkl) arrows. Might move the layer to spacebar instead.


> changing default shortcuts from CMD to CTRL. Is swapping the positions enough?

For me, I just adjust to using CTRL instead of CMD. It only takes me a day or two of consistent use for the muscle memory to switch over.

The most painful part is if I try and go back-and-forth between the Mac and Linux laptop, that causes pain. But if I just switch pretty completely over to the linux environment, the muscle-memory switches over pretty quickly.

If you don't need to go back-and-forth on an ongoing basis, I'd recommend just pushing through the transition period.


Check out kinto.sh for the ctrl/cmd remapping.

PopOS has a decent tiling manager built in now. (Icon in top right corner by default) though I should note it isn’t as “hardcore” as classic tiling managers and is instead built primarily for approachability over pure power.

Not exactly sure what you mean by Quick Look. If you mean Spotlight, PopOS has a (imo better) equivalent bound by default to the Super key. If you mean the applications overview, they have that as well by default on a button in the top left of the screen. Can also be bound to a shortcut.


Great, thanks for the pointers!

Quick Look in this case is the quick open of files through Finder by tapping 'Space'. Might be some equivalents, I'll look around.


There's an extension for gnome called either Gnome-Look or Sushi, can't look up which it is right now.


Yes, Gnome Sushi for "press space for preview"


Can't wait till I'm able to buy a Framework laptop from Europe. I even checked on eBay US (which offers customs services for international shipping) but prices are too high at the moment


"LUKS and Nvidia driver not compatible"

I've used Nvidia binary drivers with LUKS full disk encryption for years, on laptops and on desktops, and it's just fine. I can't even think of a possible way they would interact.

The framework laptop looks interesting, but there are so many misunderstandings or inaccuracies in this writeup that I personally do not trust the benchmarks or other details to be accurate.


> I only wish the up/down arrow buttons were normal size, like on Thinkpads.

Funny, I much prefer a full-size Right-Shift key, which usually requires compact up/down arrow keys. I hate typing on keyboards with tiny, stunted little right-shift keys. I use Right-Shift much more than the arrow keys.


My right shift key on thinkpad is full size and I've got full size up/down arrow buttons too (on a 12.5 inch laptop). So it definitely is doable and there is no need for tradeoffs.


I can't say for your particular model, since you didn't list it, but there is generally a trade-off: the arrow keys make the keyboard area larger and less "squared" (rectangled) as they will protrude from the bottom of the keyboard.

This, in turn, is a trade-off for manufacturing. It will increase the cost of everything slightly. The keyboard unit itself, as it will be larger, may be harder to produce. Machining or producing the chassis now requires accounting for an additional cut.

This is all solvable, yes. Though it is harder for smaller scale productions. It is likely they are working with vendors that, themselves, only have "entirely rectangular" keyboards as this is what the market ends up wanting for cost reasons.


I don’t remember the last time I used the right shift key! I must use it sometimes, I just can’t think when


Yeah, I believe ideally, you'd use the right-hand modifiers when pressing keys on the left hand side, and vice versa.

I think the asymmetric, row-staggered layout that keyboards have discourages this.

Though, a fancy technique many keyboard-enthusiasts will use is to have dual-use keys. e.g. Tap-Hold dual use. The key acts the same when tapped, but acts as a modifier key when held.

e.g. changing Capslock key to escape when tapped, Ctrl when held is probably the easiest to think of.

The best use of tap-hold is for Home-Row modifiers. Putting alt/command/ctrl/shift as modifiers of asdf (and symmetrically, jkl;).


I don't even think about it until I don't have it, then I frequently notice having to hunt for the tiny undersized r-shift and sometimes hitting the up arrow key instead. It's super annoying when it's not there.


This setup sounds like a near-dream with that 3:2 display. The aspect ratio is one of my main drivers to use iPad 12.9 for doing things. But of course, it is always a double-edged sword with how well the split-screen looks with various apps on crammed display, etc., which makes this setup extra interesting because the freedom to adjust through software is much more here.


Anyone know if they're planning on having a keyboard available that uses full-size up/down keys? (Or, if framework laptops are built such that you could easily swap out the keyboard in the future if they do?)

This looks super interesting for a long-term laptop, but small arrow keys bring me so much day-to-day anguish I wouldn't want to suffer through them long-term.


In re the latter, yes, they list a load of variations (most 'coming soon') of ANSI/ISO and regional keycaps on the site, and AIUI they're all compatible.

Of course, Framework doesn't want to have to manufacture different chassis or whatever for them either, so it's believable and makes sense. (And I'm sure it's true on some level for competitors, even Apple - surely it's basically compatible and swappable, they just don't sell them.)


I don't get what's up with that "deep sleep", like there was S3 suspend for ages - did anything happen to it? Why can't you just suspend it and call it a day?


Newer Intel CPUs don't support S3 anymore. They now use something called S0ix which is apparently much more power hungry.


That’s because it is more like a cellphone sleep. Keeps the wifi on. Can get push messages etc.


Removing the main and most important feature on a laptop is surely a good-move.

What about AMD?


> What about AMD?

Good news, suspend resume has been broken on my AMD ThinkPad, at least for me, since kernel version 5.10 came out although it didn't really work reliably before either.

Whenever I dare enter systemctl suspend, my screen goes blank, fans start spinning at the highest speed. A hard reboot is needed at that point. The journal is filled with these error messages.

[drm:amdgpu_ib_ring_tests [amdgpu]] ERROR IB test failed on gfx (-22)

EDIT: Looks like the author of the blog post isn't able to do suspend resume on his AMD ThinkPad T495 either, which is good news.


Has anyone got Qubes working on the Framework Laptop?


I hope they have success creating an open-source community around the hardware, the other comparable ecosystems like Purism or Pinebook have a very specific public with much less "consumer-friendly" hardware that will never even offer a Windows version. It would be really cool to see people with Windows Framework easily finding a tutorial to migrate to Arch linux (in contrast to searching for a specific driver of the XPS model xyz).

PS: waiting for shipment to Brazil (and maybe a 15'' model)


Why not just spin up an adhoc build server on demand and use whatever laptop you want to?

I don't know about the compilation procedure but how hard is it to spin up a beefy CPU intensive server ($300/mo = $0.2 per 30 min use), let it git pull your work, compile, upload the binary to some storage, notify you and shut down automatically?

This way, you can close your laptop and move while compiling.

Much cheaper than not being able to choose the laptop you want the most.

These days, you can be a bit more creative than do it all on your machine.


>but how hard is it to spin up a beefy CPU intensive server ($300/mo = $0.2 per 30 min use), let it git pull your work, compile, upload the binary to some storage, notify you and shut down automatically?

Related famous last words: https://news.ycombinator.com/item?id=9224


How is it related? I'm not dismissing some business idea but merely providing an idea to make personal computing easier and I'm not giving lazy-to-accomplish idea?


Because some people want to just open their laptop and do everything locally for whatever reason, not be dependent on an internet connection and managing cloud clusters and related expenses.


The author is a programmer for sake. Writing a little script sounded worthwhile.

Also, what expense? $0.2 per compile instead of buying a laptop with better CPU?


Super weird about the realtek Ethernet issues. Linux’s support for Realtek is pretty good I thought.


Ach, the usual stuff about NICs being re-re-re-created, incredibly annoying.

I thought the same - then I bought in September 2021 a "Lenovo Ideapad 5 Pro 16ACH6" which is when I found out that the "Realtek Semiconductor Co., Ltd. Device 8852"/"Realtek RTL8111E Ethernet LOM"/"Lenovo Device 4852" needs a brand new driver/module, respectively is not compatible with anything else.

I lost a lot of hair until I found "https://github.com/lwfinger/rtw89.git" (thaaanks a lot!!!) which made it work (reliable in my case, even with notebook "suspend-to-RAM").

As of kernel 5.14.5 (on Gentoo) embedded support for that NIC is not available, nor I think in 5.14.12 (not 100% sure - I did not install it, just peeked into it) :(((


Wow that sucks. Kudos to the dev that maintains that driver. I wonder if they ever tried to upstream it?


Something is or was happening? This is what I've found: https://lwn.net/ml/linux-wireless/f1caa1a2-55c7-a69f-070a-a4...


So, randomly I come across this right after I setup my Framework laptop for Arch. Funny thing is, I also transitioned from a 1st gen X1 Extreme.

Cool to see you getting NixOS running, Arch on the Framework has worked flawlessly. So much nicer than the X1.


is it possible to install coreboot or libreboot on this thing? does it have something equivalent to the intel management engine?


No, they're using a proprietary BIOS and firmware for the embedded controller. The hardware is all Intel and of course it has a management engine[1], even all the nasty vPro "features".

From the software freedom point of view it's very much a no go, although they are apparently going to release the firmware sources and looking into coreboot[2].

[1]: https://community.frame.work/t/does-intel-chip-have-intels-m...

[2]: https://community.frame.work/t/free-the-ec-and-coreboot-only...


This is a good spot to mention that we’re hiring a Firmware Engineer, and we’d love to bring someone on who has coreboot experience: https://jobs.lever.co/framework/af82bd1b-7ebd-46da-8ae4-7dab...


Maybe work together with system76, they have tons of experience with this and they have lots of software that you might be able to use that is already open source.


good! i'll buy one when i can know it won't spy on me. and might i suggest (if you don't have this already) a physical off-switch, not just for the mic and cam, but also for wifi and bluetooth.


I take it the big vendors (HP, Dell, etc) are now going to start adopting Framework's business model? If not, then obviously somebody's gonna try and buy them for billions.


Why would they? Most people will still buy a generic laptop. Fairphone released version 4 already and it's not like Samsung, Apple, Motorola, and others got even close to that level of repairability.


Fairphone isn't even for sale in America.


We hope to see others come along, but it’s not easy to transform a large business built around a replacement cycle into one centered on longevity. There are at least encouraging signs of some OEMs becoming less anti-repair, like Microsoft’s recent announcement.


Just noting I run an AX210 on my T440p. Bluetooth and wifi both work starting with kernel version 5.12 in my experience. I had it pinned to a specific version rather than latest like

boot.kernelPackages = pkgs.linuxPackages_5_12;

but slowly 5.12 and 5.13 were both removed as specific kernel versions in nixpkgs, so it's

boot.kernelPackages = pkgs.linuxPackages_5_14;

now which still works.

I eventually plan to just remove the line and use the default kernel, once the default kernel is bumped up to 5.12


Is Framework already too big to fail with all this momentum? I really hope so. It's essentially the new Thinkpad.


They're still very small; for example they're doing batch production instead of continuous.


I'd hesitate to call Framework the new ThinkPad until it adopts the ThinkPad's defining feature, the TrackPoint.

There's a ton of interest, just hoping that it could happen in some form:

https://community.frame.work/t/any-chance-of-trackpoint/1026


Laptops have become a portable form-factor KVM for me. Unfortunately I do not have a good solution to the form factor part. The introduction to this article, regarding the four different hardware forms, was pretty interesting.


Super cool! I've seen comments about eventually being able to get a keyboard with full arrow keys, but will they ever ship a keyboard with a trackpoint/pointing stick? Or is that patented by Lenovo?


A few days ago I received my DIY Framework laptop as well. I also have a MBP 15" circa 2018. The keyboard issues on the MBP were my primary gripe with Apple, also reading the 55 steps needed to replace the battery according to the ifixit guide.

I first discovered frame.work on hacker news, watched a ton of youtube videos and got all jazzed up and bought one, then waited for it to ship (about a month since they do it in batches). I actually never had been this excited about a product as this, and would read up on their site daily, to prepare.

Anyway, it arrived, and I assembled my first laptop! The hardest part was hooking up the wifi, but with a little thinking it worked. Took about 10 minutes, with kids running around in the background.

Having a month to ponder all of the flavors of linux, I was initially jazzed about NixOS as well. I'm not a daily linux user and reading through the documentation was discouraging. There doesn't seem to be a simple way to install it that I have discovered. Eventually I discovered Fedora Silverblue which has the same concept of an immutable OS. I still want to try NixOS, but I will need help with that. Another nice thing about these devices, you are free to install whatever you want on them, unlike Apple which locks it down. The Fedora Silverblue installation was about 4 minutes, minimal decisions to make. So that is what I ended up with.

At first I tried version 34. This did not work immediately with the WiFi, and that had me concerned (what if I didn't hook it up right?). LOL.

So, I tried the RAWHIDE release (which will be version 35). Mostly I did this to see if the wifi worked and it did! After playing around with it, I started getting used to it. It works with wifi, the fingerprint reader (great), bluetooth, trackpad (see comments below).

Build Quality. The Framework build quality is excellent. It's much lighter than the MBP, and I think the reason for feeling a bit more 'flexible', i.e. bendable, is the lack of glue. I think the glue also helps the acoustics. The speakers are definitely a disappointment compared to the MBP. That said, I would trade ability to swap out battery for feeling more solid. Maybe this can be improved, but to me it's not a huge issue.

Trackpad. I am not entirely used to linux, so at first I didn't know what was a hardware issue and what was a software issue. The two finger scrolling works, as does three finger navigation, but scrolling on the browser sucks. Two issues, acceleration is a little wonky (no rubber band feel), and scrollbars are always visible. The claim is that wayland does not have some universal scrolling system but relies on each application to implement it. Firefox, chrome, Ungoogled Chromium all seem to act the same. Some of this might be Fedora 35 which is still being developed. That being said, I've tried recent windows machines and this experience is better than that. I think the MBP does have a smoother experience here, but this is usable for sure.

I am now starting to get used to the linux experience (gnome). I like the screen, wish it was a bit bigger, but certainly usable.

I have yet to get a second or third monitor working on here.


Perhaps a dumb question, but why are NixOS and Guix configured using a programming language and not with a configuration file?


The "neat" thing about a config like that is to use incredibly basic programming things, like simply having variables, lists/arrays, arithmetic, string manipulation, etc..

As a basic example, I could have a list of basic packages that I want on all of my machines, and then depending on which machine my config is being deployed to, I might extend or shrink that list using actual code, because that list is represented as an array or a linked list and I can directly manipulate that (though, at least in Nix I think everything's immutable, so you would technically only use that initial list to create a new list from it).
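
The per-machine package list described in the comment above, sketched as a NixOS module. This is an added example, not part of the original comment or of any poster's configuration; the host names `framework` and `workstation` and the package choices are assumptions made for illustration.

```nix
# configuration.nix fragment (added example; host names are hypothetical)
{ config, pkgs, ... }:

let
  # Packages wanted on every machine.
  basePackages = with pkgs; [ git vim htop ];

  # Per-host additions, keyed by host name (hypothetical hosts).
  extraPackages = {
    framework = with pkgs; [ powertop fwupd ];
    workstation = with pkgs; [ qemu ];
  };

  # The host this configuration is being evaluated for.
  host = config.networking.hostName;
in
{
  # Lists are immutable: `++` builds a new list and leaves basePackages as-is.
  # Hosts without an entry in extraPackages get only the base list.
  environment.systemPackages =
    basePackages ++ (extraPackages.${host} or [ ]);
}
```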


Ahh, I see you're a person of culture. Solus Budgie as OS is a good choice.


tangential; are there plans for `fwupd` support for Framework? I love my LG Gram 17" but `fwupd` support might make me consider Framework


Yep, we are setting it up now for an upcoming firmware update!


fantastic! Thank you!


> Prepare for a long read

Took about 6 minutes, is that long nowadays?


I'll remove this line. Appeared to be shorter than I expected. Estimates, d'oh.



