server and desktop configurations are working fully and booting

author: Preston Pan <ret2pop@gmail.com> 2026-02-06 15:52:14 -0800
committer: Preston Pan <ret2pop@gmail.com> 2026-02-06 15:52:14 -0800
commit: 51116ed17e2febc06dc795e5893d3a31e97962e9 (patch)
tree: 17ec9ca6f8475931e1f26f94928b753c042e06d1 /nix/modules/configuration.nix
parent: 9e826d9c2bad4a7ccf183257118be37083f26782 (diff)
1 files changed, 4 insertions, 7 deletions
diff --git a/nix/modules/configuration.nix b/nix/modules/configuration.nix
index c906529..e2d12e2 100644
--- a/nix/modules/configuration.nix
+++ b/nix/modules/configuration.nix
@@ -40,11 +40,10 @@
   };
 
   systemd = {
+    services.NetworkManager-wait-online.enable = false;
     coredump.enable = false;
     network.config.networkConfig.IPv6PrivacyExtensions = "kernel";
     tmpfiles.settings = {
-  	  "restricthome"."/home/*".Z.mode = "~0700";
-
   	  "restrictetcnixos"."/etc/nixos/*".Z = {
   	    mode = "0000";
   	    user = "root";
@@ -108,7 +107,6 @@
   	  "pti=on"
   	  "randomize_kstack_offset=on"
   	  "vsyscall=none"
-  	  "module.sig_enforce=1"
   	  # "lockdown=confidentiality"
 
   	  # cpu
@@ -123,11 +121,10 @@
 
   	  # mineral
   	  # "init_on_alloc=1"
-  	  "random.trust_cpu=off"
-  	  "random.trust_bootloader=off"
+  	  # "random.trust_bootloader=off"
   	  # "init_on_free=1"
   	  "quiet"
-  	  "loglevel=0"
+  	  # "loglevel=0"
     ];
 
     blacklistedKernelModules = [
@@ -250,7 +247,7 @@
     };
 
     jitterentropy-rngd.enable = true;
-    resolved.dnssec = true;
+    resolved.settings.Resolve.DNSSEC = true;
     # usbguard.enable = true;
     usbguard.enable = false;
     dbus.apparmor = "enabled";
author	Preston Pan <ret2pop@gmail.com>	2026-02-06 15:52:14 -0800
committer	Preston Pan <ret2pop@gmail.com>	2026-02-06 15:52:14 -0800
commit	51116ed17e2febc06dc795e5893d3a31e97962e9 (patch)
tree	17ec9ca6f8475931e1f26f94928b753c042e06d1 /nix/modules/configuration.nix
parent	9e826d9c2bad4a7ccf183257118be37083f26782 (diff)