me like nix
1# Edit this configuration file to define what should be installed on
2# your system. Help is available in the configuration.nix(5) man page
3# and in the NixOS manual (accessible by running ‘nixos-help’).
4
5{ pkgs, ... }:
6
7{
8 imports = [
9 # Include the results of the hardware scan.
10 ./hardware-configuration.nix
11 ../common/common.nix
12 ];
13
14 boot.initrd.luks.devices."luks-ee306bda-c450-4a56-b4fe-537899e38e0d".device =
15 "/dev/disk/by-uuid/ee306bda-c450-4a56-b4fe-537899e38e0d";
16 networking.hostName = "framework16"; # Define your hostname.
17
18 # Framework 16 specific configuration
19 # Disable ABM (Active Backlight Management) to maintain color accuracy
20 boot.kernelParams = [ "amdgpu.abmlevel=0" ];
21
22 # Enable QEMU emulation for aarch64 (for building Pi images)
23 boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
24
25 # Use power-profiles-daemon instead of TLP (recommended for AMD Framework)
26 services.power-profiles-daemon.enable = true;
27
28 # Disable keyboard/touchpad wake from suspend (prevents wake in bags)
29 services.udev.extraRules = ''
30 # Framework Laptop 16 - Disable wakeup for internal keyboard to prevent wake in bags
31 ACTION=="add", SUBSYSTEM=="usb", DRIVERS=="usb", ATTRS{idVendor}=="32ac", ATTR{power/wakeup}="disabled"
32 '';
33 # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
34
35 # Configure network proxy if necessary
36 # networking.proxy.default = "http://user:password@proxy:port/";
37 # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
38
39 # Enable touchpad support (enabled default in most desktopManager).
40 # services.xserver.libinput.enable = true;
41
42 # List packages installed in system profile. To search, run:
43 # $ nix search wget
44 environment.systemPackages = with pkgs; [
45 brightnessctl
46 gdm
47 ];
48
49 # Some programs need SUID wrappers, can be configured further or are
50 # started in user sessions.
51 # programs.mtr.enable = true;
52 # programs.gnupg.agent = {
53 # enable = true;
54 # enableSSHSupport = true;
55 # };
56
57 # List services that you want to enable:
58
59 services.openssh = {
60 enable = true;
61 settings = {
62 PasswordAuthentication = false;
63 KbdInteractiveAuthentication = false;
64 PermitRootLogin = "no";
65 AllowUsers = [ "sean" ];
66 };
67 };
68
69 users.users.sean.openssh.authorizedKeys.keys = [
70 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDCIqgZ7kedxo+mOW7YG73Vp3zel3h180y3GKvHtRsXfGlpIIvRDy7pgCBQ4AGXYD4y78URQmFohYSAPqCPOPaWcU2un3XG9KvCzEsHmsbskPonitUmCiKvrKkb6oW4jCBtd7AEtBn+AiajAQFtPZ7NN2Df3AmTypvR6Irg7R+nxnfc9NTIHmGvxSDyWcbb4pguL20sctUSqGL6xGh8q/bqhdOThSimM+z9bEUNxK/5rPhwkNniMrp4pJcUrUiAh5/4DiRFG6KT+oeg+/myoz/Z1sPvAs7u/8JDQI4RshRD8Hu0oTkRBN6Hxj478q2SXbeBUZlD6IdjP3RhGpmSecoDdtWqKbpuV3eVRtQtba3KL86GBeV/bugaOdJ1Aud+1SOFJreAAuvxzMMKT+cdQZk6oOPP148DA/No+mDm/2S43lcdCXh79wA6YRAmKQ8jmZxTCtPutrvuZK1rguvvUlEoG/vhdNHh7eDa4Td07V6bjCRPUl8qk/e4M0E3pwsTlZc="
71 ];
72
73 # Open ports in the firewall.
74 # networking.firewall.allowedTCPPorts = [
75 # 3000
76 # ];
77 networking.firewall.allowedUDPPorts = [
78 ];
79 # Or disable the firewall altogether.
80 networking.firewall.enable = false;
81
82 # This value determines the NixOS release from which the default
83 # settings for stateful data, like file locations and database versions
84 # on your system were taken. It‘s perfectly fine and recommended to leave
85 # this value at the release version of the first install of this system.
86 # Before changing this value read the documentation for this option
87 # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
88 system.stateVersion = "25.05"; # Did you read the comment?
89
90}