From 37b07a8fb1d347860449e7f763bafbd4629225d9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nina=20Chl=C3=B3e=20Kassandra=20Rei=C3=9F?=
 <nina.reiss@nickr.eu>
Date: Mon, 8 Jun 2026 10:30:59 +0200
Subject: [PATCH] Move to a secure greeter

---
 desktop-environment/config.nix | 73 ++++++++++++++++++----------------
 1 file changed, 38 insertions(+), 35 deletions(-)

diff --git a/desktop-environment/config.nix b/desktop-environment/config.nix
index f8a28d2..a91895a 100644
--- a/desktop-environment/config.nix
+++ b/desktop-environment/config.nix
@@ -1,49 +1,52 @@
 { pkgs, ... }:
 let
-    profile = import ../profile.nix;
+  profile = import ../profile.nix;
 in
 {
 
-    imports  = [
-        ./browser.nix
-        ./planner.nix
-        ./window-manager.nix
-        ../applications/matrix.nix
-    ];
+  imports = [
+    ./browser.nix
+    ./planner.nix
+    ./window-manager.nix
+    ../applications/matrix.nix
+  ];
 
-    environment.systemPackages = with pkgs; [
-        kitty
-        pamixer
-        nemo-with-extensions
-    ];
+  environment.systemPackages = with pkgs; [
+    kitty
+    pamixer
+    nemo-with-extensions
+  ];
 
-    services.dbus.enable = true;
-    programs.dconf.enable = true;
-    hardware.graphics.enable = true;
+  services.dbus.enable = true;
+  programs.dconf.enable = true;
+  hardware.graphics.enable = true;
 
-    services.greetd = {
-      enable = true;
-      settings = {
-        default_session = {
-          command = "Hyprland";
-          user = profile.username;
-        };
+  programs.regreet = {
+    enable = true;
+  };
+
+  services.greetd = {
+    enable = true;
+    settings = {
+      default_session = {
+        command = "${pkgs.cage}/bin/cage -s -- ${pkgs.regreet}/bin/regreet";
       };
     };
+  };
 
-    xdg.portal = {
-        enable = true;
-        extraPortals = [ pkgs.xdg-desktop-portal-hyprland ];
-    };
+  xdg.portal = {
+    enable = true;
+    extraPortals = [ pkgs.xdg-desktop-portal-hyprland ];
+  };
 
-    hardware.nvidia = {
-      modesetting.enable = true;
-      powerManagement.enable = false;
-      open = false;
-    };
+  hardware.nvidia = {
+    modesetting.enable = true;
+    powerManagement.enable = false;
+    open = false;
+  };
 
-    systemd.targets.sleep.enable = false;
-    systemd.targets.suspend.enable = false;
-    systemd.targets.hibernate.enable = false;
-    systemd.targets.hybrid-sleep.enable = false;
+  systemd.targets.sleep.enable = false;
+  systemd.targets.suspend.enable = false;
+  systemd.targets.hibernate.enable = false;
+  systemd.targets.hybrid-sleep.enable = false;
 }