From 51116ed17e2febc06dc795e5893d3a31e97962e9 Mon Sep 17 00:00:00 2001
From: Preston Pan <ret2pop@gmail.com>
Date: Fri, 6 Feb 2026 15:52:14 -0800
Subject: server and desktop configurations are working fully and booting

---
 nix/modules/configuration.nix | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

(limited to 'nix/modules/configuration.nix')

diff --git a/nix/modules/configuration.nix b/nix/modules/configuration.nix
index c906529..e2d12e2 100644
--- a/nix/modules/configuration.nix
+++ b/nix/modules/configuration.nix
@@ -40,11 +40,10 @@
   };
 
   systemd = {
+    services.NetworkManager-wait-online.enable = false;
     coredump.enable = false;
     network.config.networkConfig.IPv6PrivacyExtensions = "kernel";
     tmpfiles.settings = {
-  	  "restricthome"."/home/*".Z.mode = "~0700";
-
   	  "restrictetcnixos"."/etc/nixos/*".Z = {
   	    mode = "0000";
   	    user = "root";
@@ -108,7 +107,6 @@
   	  "pti=on"
   	  "randomize_kstack_offset=on"
   	  "vsyscall=none"
-  	  "module.sig_enforce=1"
   	  # "lockdown=confidentiality"
 
   	  # cpu
@@ -123,11 +121,10 @@
 
   	  # mineral
   	  # "init_on_alloc=1"
-  	  "random.trust_cpu=off"
-  	  "random.trust_bootloader=off"
+  	  # "random.trust_bootloader=off"
   	  # "init_on_free=1"
   	  "quiet"
-  	  "loglevel=0"
+  	  # "loglevel=0"
     ];
 
     blacklistedKernelModules = [
@@ -250,7 +247,7 @@
     };
 
     jitterentropy-rngd.enable = true;
-    resolved.dnssec = true;
+    resolved.settings.Resolve.DNSSEC = true;
     # usbguard.enable = true;
     usbguard.enable = false;
     dbus.apparmor = "enabled";
-- 
cgit v1.3