From 977e7c795ab2ca3d2a226bdbebf4d5e7b3dad96c Mon Sep 17 00:00:00 2001
From: tzlil <tzlils@protonmail.com>
Date: Fri, 31 Mar 2023 17:56:36 +0300
Subject: completed hydrus setup, made ssh-agent autostart (wantedBy
 default.target)

---
 profiles/security.nix | 2 ++
 profiles/user.nix     | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

(limited to 'profiles')

diff --git a/profiles/security.nix b/profiles/security.nix
index 8ca89e3..ddd980e 100644
--- a/profiles/security.nix
+++ b/profiles/security.nix
@@ -21,6 +21,8 @@
     security.allowSimultaneousMultithreading = false;
     security.forcePageTableIsolation = true;
 
+    security.unprivilegedUsernsClone = config.virtualisation.containers.enable;
+
     security.virtualisation.flushL1DataCache = "always";
 
     security.apparmor.enable = true;
diff --git a/profiles/user.nix b/profiles/user.nix
index 0a3bebe..d343e9c 100644
--- a/profiles/user.nix
+++ b/profiles/user.nix
@@ -19,6 +19,8 @@
       # password.file = ../secrets/password.age;
     };
 
+
+  programs.fish.enable = true; # needed now
     users.users.tzlil = {
       isNormalUser = true;
       description = "Me";
@@ -62,7 +64,7 @@
       in {
         Unit = {
           Description = "SSH Agent";
-          After = ["default.target"];
+          WantedBy = ["default.target"];
         };
         Service = {
           ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent";
-- 
cgit 1.4.1