summary refs log tree commit diff
path: root/profiles
diff options
context:
space:
mode:
Diffstat (limited to 'profiles')
-rw-r--r--profiles/security.nix2
-rw-r--r--profiles/user.nix4
2 files changed, 5 insertions, 1 deletions
diff --git a/profiles/security.nix b/profiles/security.nix
index 8ca89e3..ddd980e 100644
--- a/profiles/security.nix
+++ b/profiles/security.nix
@@ -21,6 +21,8 @@
     security.allowSimultaneousMultithreading = false;
     security.forcePageTableIsolation = true;
 
+    security.unprivilegedUsernsClone = config.virtualisation.containers.enable;
+
     security.virtualisation.flushL1DataCache = "always";
 
     security.apparmor.enable = true;
diff --git a/profiles/user.nix b/profiles/user.nix
index 0a3bebe..d343e9c 100644
--- a/profiles/user.nix
+++ b/profiles/user.nix
@@ -19,6 +19,8 @@
       # password.file = ../secrets/password.age;
     };
 
+
+  programs.fish.enable = true; # needed now
     users.users.tzlil = {
       isNormalUser = true;
       description = "Me";
@@ -62,7 +64,7 @@
       in {
         Unit = {
           Description = "SSH Agent";
-          After = ["default.target"];
+          WantedBy = ["default.target"];
         };
         Service = {
           ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent";
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-19 21:45:02 +0000