diff --git a/hardening/README.md b/hardening/README.md
index 9537f08a..9f4cd73a 100644
--- a/hardening/README.md
+++ b/hardening/README.md
@@ -1,5 +1,7 @@
 # Linux Hardening
+> Work in progress.
+
 ## Goal
 - **System Level**: Protect critical files from being accessed by untrusted applications.
diff --git a/hardening/nixpaks/firefox.nix b/hardening/nixpaks/firefox.nix
index 8da09fd6..5111f1dc 100644
--- a/hardening/nixpaks/firefox.nix
+++ b/hardening/nixpaks/firefox.nix
@@ -61,11 +61,6 @@ mkNixPak {
 };
 bind.dev = [
 "/dev/shm" # Shared Memory
-
- # seems required when using nvidia as primary gpu
- "/dev/nvidia0"
- "/dev/nvidia-uvm"
- "/dev/nvidia-modeset"
 ];
 tmpfs = [
 "/tmp"
diff --git a/hardening/nixpaks/modules/gui-base.nix b/hardening/nixpaks/modules/gui-base.nix
index 840a547e..2d786981 100644
--- a/hardening/nixpaks/modules/gui-base.nix
+++ b/hardening/nixpaks/modules/gui-base.nix
@@ -31,7 +31,7 @@ in {
 };
 # https://github.com/nixpak/nixpak/blob/master/modules/gui/fonts.nix
 # it works not well, bind system's /etc/fonts directly instead
- fonts.enable = true;
+ fonts.enable = false;
 # https://github.com/nixpak/nixpak/blob/master/modules/locale.nix
 locale.enable = true;
 bubblewrap = {
@@ -66,7 +66,19 @@ in {
 "/etc/fonts" # for fontconfig
 "/etc/machine-id"
 "/etc/localtime"
+
+ # Fix: libEGL warning: egl: failed to create dri2 screen
+ "/etc/egl"
+ "/etc/static/egl"
+ ];
+ bind.dev = [
+ # seems required when using nvidia as primary gpu
+ "/dev/nvidia0"
+ "/dev/nvidiactl"
+ "/dev/nvidia-modeset"
+ "/dev/nvidia-uvm"
 ];
+
 env = {
 XDG_DATA_DIRS = lib.mkForce (lib.makeSearchPath "share" [
 iconTheme
diff --git a/hardening/nixpaks/qq.nix b/hardening/nixpaks/qq.nix
index cb6280b9..51ed7971 100644
--- a/hardening/nixpaks/qq.nix
+++ b/hardening/nixpaks/qq.nix
@@ -45,11 +45,6 @@ mkNixPak {
 };
 bind.dev = [
 "/dev/shm" # Shared Memory
-
- # seems required when using nvidia as primary gpu
- "/dev/nvidia0"
- "/dev/nvidia-uvm"
- "/dev/nvidia-modeset"
 ];
 tmpfs = [
 "/tmp"
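Review bot: The new `bind.dev` list in the gui-base.nix `@@ -66,7 +66,19 @@` hunk hands every sandboxed GUI app that imports this module unconditional access to the NVIDIA driver's ioctl surface, and it widens what the per-app lists this commit removes from firefox.nix and qq.nix granted, since `/dev/nvidiactl` was not in those lists; a kernel driver's ioctl interface is exactly the kind of surface a bubblewrap sandbox is meant to keep away from an untrusted browser or chat client. The comment says these nodes only "seem required" on hosts where NVIDIA is the primary GPU, so gate the list on a boolean option of this module instead of binding it everywhere, e.g. `bind.dev = lib.optionals <nvidia-option> [ "/dev/nvidia0" "/dev/nvidiactl" "/dev/nvidia-modeset" "/dev/nvidia-uvm" ];`, so non-NVIDIA hosts and apps that do not need GPU acceleration get none of them. It would also help to record which nodes are needed for display versus compute, e.g. `# nvidia0/nvidiactl/nvidia-modeset for GL/EGL display; nvidia-uvm is only needed for CUDA/unified memory — TODO confirm and drop if unused`, since `/dev/nvidia-uvm` was carried over from the old lists without a stated reason. The enclosing `bubblewrap = {` attribute set opens before this hunk and closes after it.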
diff --git a/home/linux/gui/hyprland/values/wayland-apps.nix b/home/linux/gui/hyprland/values/wayland-apps.nix
index 717230fa..c358c96d 100644
--- a/home/linux/gui/hyprland/values/wayland-apps.nix
+++ b/home/linux/gui/hyprland/values/wayland-apps.nix
@@ -22,9 +22,9 @@
 + (builtins.readFile "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-foot}/catppuccin-mocha.conf");
 home.packages = [
- pkgs.firefox-wayland
- # pkgs.nixpaks.firefox
- # pkgs.nixpaks.firefox-desktop-item
+ # pkgs.firefox-wayland
+ pkgs.nixpaks.firefox
+ pkgs.nixpaks.firefox-desktop-item
 ];
 programs = {