move security-workarounds to krebs and cleanup

krebs/2configs/default.nix

@@ -4,6 +4,7 @@ with import <stockholm/lib>;
 {
   imports = [
     ./backup.nix
+    ./security-workarounds.nix
   ];
   krebs.announce-activation.enable = true;
   krebs.enable = true;

krebs/2configs/security-workarounds.nix

@@ -1,10 +1,6 @@
 { config, lib, pkgs, ... }:
 with import <stockholm/lib>;
 {
-  # http://seclists.org/oss-sec/2017/q1/471
+  # https://github.com/berdav/CVE-2021-4034
-  boot.extraModprobeConfig = ''
-    install dccp /run/current-system/sw/bin/false
-  '';
-
   security.wrappers.pkexec.source = lib.mkForce (pkgs.writeText "pkexec" "");
 }

lass/2configs/default.nix

@@ -8,7 +8,7 @@ with import <stockholm/lib>;
     ./vim.nix
     ./zsh.nix
     ./htop.nix
-    ./security-workarounds.nix
+    <stockholm/krebs/2configs/security-workarounds.nix>
     ./wiregrill.nix
     {
       users.extraUsers =