julm: firefox: change homepage

[julm/julm-nix.git] / hosts / patate.nix

diff --git a/hosts/patate.nix b/hosts/patate.nix
index 341c162c5f12ada61e21aedd4a2b44157f7d580f..9a75972c6442528fb0acf9f6b38085fa7053f954 100644 (file)
--- a/hosts/patate.nix
+++ b/hosts/patate.nix
@@ -8,15 +8,18 @@ imports = [
   ../nixos/profiles/printing.nix
   ../nixos/profiles/security.nix
   ../nixos/profiles/system.nix
-  ../nixos/profiles/tor.nix
   ../nixos/profiles/wireguard/wg-intra.nix
   patate/backup.nix
   patate/hardware.nix
+  patate/wireguard.nix
 ];
 
+# Lower kernel's security for better performances
+boot.kernelParams = [ "mitigations=off" ];
+
 home-manager.users.sevy = {
   imports = [ ../homes/sevy.nix ];
-  host.hardware = ["ThinkPad" "X200"];
+  host.hardware = [ "ThinkPad" "X200" ];
 };
 systemd.services.home-manager-sevy.postStart = ''
   ${pkgs.nix}/bin/nix-env --delete-generations +1 --profile /nix/var/nix/profiles/per-user/sevy/home-manager
@@ -42,15 +45,17 @@ users.users.sevy = {
 };
 
 nix = {
-  trustedUsers = [ config.users.users."sevy".name ];
-  binaryCaches = [
-    "http://nix-localcache.losurdo.wg"
-    "ssh://nix-ssh@oignon.wg"
-  ];
-  binaryCachePublicKeys = map lib.readFile [
-    ../private/shared/nix/losurdo.pub
-    ../private/shared/nix/oignon.pub
-  ];
+  settings = {
+    trusted-users = [ config.users.users."sevy".name ];
+    substituters = [
+      #"ssh://nix-ssh@losurdo.wg?priority=30"
+      "ssh://nix-ssh@oignon.wg?priority=10"
+    ];
+    trusted-public-keys = map lib.readFile [
+      ../private/shared/nix/losurdo.pub
+      ../private/shared/nix/oignon.pub
+    ];
+  };
 };
 
 environment.systemPackages = [