feat: cleanup, secure boot for framework

nixos/hardware/amd_cpu.nix

@@ -1,10 +0,0 @@
-{
-  config,
-  lib,
-  ...
-}: let
-  inherit (lib.modules) mkDefault;
-in {
-  boot.kernelModules = ["kvm-amd"];
-  hardware.cpu.amd.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
-}

nixos/hardware/amd_gpu.nix

@@ -1,5 +0,0 @@
-_: {
-  boot.kernelParams = [
-    "amdgpu.gpu_recovery=1"
-  ];
-}

nixos/hardware/framework/color.nix

@@ -1,8 +0,0 @@
-{
-  pkgs,
-  ...
-}: {
-  home-manager.users.kat.wayland.windowManager.hyprland.settings.exec-once = [
-    "${pkgs.colord}/bin/colormgr import-profile ${./framework-icc.icm}"
-  ];
-}

nixos/hardware/framework/imports.nix

@@ -4,10 +4,8 @@
   ...
 }: {
   imports =
-    (with tree.nixos.hardware; [
-      amd_cpu
-      amd_gpu
-      uefi
+    (with tree.nixos.profiles; [
+        uefi
     ])
     ++ [
       inputs.nixos-hardware.outputs.nixosModules.framework-13-7040-amd

nixos/hardware/intel_cpu.nix

@@ -1,5 +0,0 @@
-_: let
-in {
-  boot.kernelModules = ["kvm-intel"];
-  services.thermald.enable = true;
-}

nixos/hardware/intel_gpu.nix

@@ -1,13 +0,0 @@
-{pkgs, ...}: {
-  services.xserver.videoDrivers = ["intel"];
-  hardware.opengl = {
-    enable = true;
-    driSupport = true;
-    extraPackages = with pkgs; [
-      intel-media-driver
-      vaapiIntel
-      vaapiVdpau
-      libvdpau-va-gl
-    ];
-  };
-}

nixos/profiles/bootable/grub.nix

@@ -1,8 +1,9 @@
-_: {
-  boot.loader = {
+{config, lib, ... }: let
+    inherit (lib.modules) mkIf;
+ in {
+  boot.loader = mkIf (config.boot.loader.grub.enable) {
     timeout = null;
     grub = {
-      enable = false;
       useOSProber = true;
       splashImage = ./splash.jpg;
       extraConfig = ''

nixos/profiles/bootable/zfs.nix

@@ -1,14 +0,0 @@
-{
-  std,
-  config,
-  lib,
-  ...
-}: let
-  inherit (std) list;
-  inherit (lib.modules) mkDefault mkIf;
-in {
-  boot = mkIf (list.elem "zfs" config.boot.supportedFilesystems) {
-    kernelPackages = mkDefault config.boot.zfs.package.latestCompatibleLinuxPackages;
-    zfs.enableUnstable = true;
-  };
-}

nixos/profiles/wireless/wifi.nix

@@ -12,6 +12,7 @@ in {
   networking = {
     networkmanager = {
       enable = true;
+      wifi.backend = "iwd";
       connectionConfig = {
         "ipv6.ip6-privacy" = mkForce 0;
       };