From 977e7c795ab2ca3d2a226bdbebf4d5e7b3dad96c Mon Sep 17 00:00:00 2001 From: tzlil Date: Fri, 31 Mar 2023 17:56:36 +0300 Subject: completed hydrus setup, made ssh-agent autostart (wantedBy default.target) --- profiles/security.nix | 2 ++ profiles/user.nix | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'profiles') diff --git a/profiles/security.nix b/profiles/security.nix index 8ca89e3..ddd980e 100644 --- a/profiles/security.nix +++ b/profiles/security.nix @@ -21,6 +21,8 @@ security.allowSimultaneousMultithreading = false; security.forcePageTableIsolation = true; + security.unprivilegedUsernsClone = config.virtualisation.containers.enable; + security.virtualisation.flushL1DataCache = "always"; security.apparmor.enable = true; diff --git a/profiles/user.nix b/profiles/user.nix index 0a3bebe..d343e9c 100644 --- a/profiles/user.nix +++ b/profiles/user.nix @@ -19,6 +19,8 @@ # password.file = ../secrets/password.age; }; + + programs.fish.enable = true; # needed now users.users.tzlil = { isNormalUser = true; description = "Me"; @@ -62,7 +64,7 @@ in { Unit = { Description = "SSH Agent"; - After = ["default.target"]; + WantedBy = ["default.target"]; }; Service = { ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent"; -- cgit 1.4.1