From eae8f1319e8b2df9f9e9bdc3e48d48b7762b80a1 Mon Sep 17 00:00:00 2001
From: Stefan Junker <mail@stefanjunker.de>
Date: Thu, 26 Jan 2023 11:29:57 +0100
Subject: [PATCH] feat(nix): use stable nix, don't allow broken and insecure
 packages

---
 nix/home-manager/profiles/common.nix | 7 +++----
 nix/os/profiles/common/system.nix    | 1 -
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/nix/home-manager/profiles/common.nix b/nix/home-manager/profiles/common.nix
index 1c4372e..3d6b171 100644
--- a/nix/home-manager/profiles/common.nix
+++ b/nix/home-manager/profiles/common.nix
@@ -9,12 +9,11 @@ in {
   nixpkgs.overlays = builtins.attrValues (import ../../overlays);
 
   nixpkgs.config = {
-    allowBroken = true;
+    allowBroken = false;
     allowUnfree = true;
 
-    permittedInsecurePackages = [
-      "electron-17.4.1"
-    ];
+    permittedInsecurePackages = [ ];
+  };
 
   nix.settings = {
     experimental-features =
diff --git a/nix/os/profiles/common/system.nix b/nix/os/profiles/common/system.nix
index 8e0ba35..f6b8bf1 100644
--- a/nix/os/profiles/common/system.nix
+++ b/nix/os/profiles/common/system.nix
@@ -18,7 +18,6 @@
   nix.maxJobs = lib.mkDefault "auto";
   nix.buildCores = lib.mkDefault 0;
   nix.useSandbox = true;
-  nix.package = pkgs.nixUnstable;
 
   environment.etc."lvm/lvm.conf".text = ''
     devices {