diff --git a/TODO b/TODO
index ec2c41b..377296e 100644
--- a/TODO
+++ b/TODO
@@ -2,7 +2,8 @@ install steam, wine and lib32 multilib #
 basename opti ##
 configure yazi #
 nvim bufferline colors #
-configure for work ###
+configure firefox hardening
+configure trim (fstrim and luks)
 ## Hyprland
 wofi
 foot
diff --git a/install.sh b/install.sh
index 6170459..fa4d763 100755
--- a/install.sh
+++ b/install.sh
@@ -8,7 +8,7 @@ PACSTRAP_EXTRA_ARGS="-c"
 ### Switch to the script directory
 cd "$(dirname "$0")"
 DIRNAME="$(pwd)"
-source scripts/functions.sh
+source scripts/functions
 
 ### Format disk
 sgdisk --clear \
@@ -20,6 +20,8 @@ partprobe "$DISK"
 ### Create Luks partition
 printf "%s\n" "root" | cryptsetup --batch-mode --verify-passphrase luksFormat /dev/disk/by-partlabel/SYS
 printf "%s\n" "root" | cryptsetup open /dev/disk/by-partlabel/SYS rootfs
+cryptsetup config /dev/disk/by-partlabel/SYS --label sys
+cryptsetup --allow-discards --persistent refresh rootfs
 
 ### Create filesystem
 mkfs.fat -F32 -n efi /dev/disk/by-partlabel/EFI
diff --git a/links/i3wm/config b/links/i3wm/config
index 11dca3b..8ebf860 100644
--- a/links/i3wm/config
+++ b/links/i3wm/config
@@ -102,6 +102,7 @@ client.background       $bg
 exec_always --no-startup-id /usr/local/share/dotfiles/scripts/wallpapers.sh
 exec_always --no-startup-id "killall picom ; picom"
 exec_always --no-startup-id "killall dunst ; dunst"
+exec_always --no-startup-id "killall nextcloud ; nextcloud"
 
 #################
 # Apps shortcut #
diff --git a/links/reflector/reflector.conf b/links/reflector/reflector.conf
new file mode 100644
index 0000000..59bbb96
--- /dev/null
+++ b/links/reflector/reflector.conf
@@ -0,0 +1,33 @@
+# Reflector configuration file for the systemd service.
+#
+# Empty lines and lines beginning with "#" are ignored.  All other lines should
+# contain valid reflector command-line arguments. The lines are parsed with
+# Python's shlex modules so standard shell syntax should work. All arguments are
+# collected into a single argument list.
+#
+# See "reflector --help" for details.
+
+# Recommended Options
+
+# Set the output path where the mirrorlist will be saved (--save).
+--save /etc/pacman.d/mirrorlist
+
+# Select the transfer protocol (--protocol).
+--protocol https
+
+# Select the country (--country).
+# Consult the list of available countries with "reflector --list-countries" and
+# select the countries nearest to you or the ones that you trust. For example:
+# --country France,Germany
+
+# Use only the  most recently synchronized mirrors (--latest).
+--latest 5
+
+# Sort the mirrors by synchronization time (--sort).
+--sort age
+
+--fastest 6
+
+--score 6
+
+--download-timeout 1
diff --git a/scripts/bookmarks.sh b/scripts/bookmarks.sh
index ec88162..10f78df 100755
--- a/scripts/bookmarks.sh
+++ b/scripts/bookmarks.sh
@@ -1,8 +1,7 @@
 #!/bin/bash
 
-_BASENAME=$(basename "$0")
-_DIRNAME="$(cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd)"
-cd "$_DIRNAME" || _exit 1
+cd -- "$(dirname -- "$0")" || exit
+_DIRNAME="$(pwd)"
 
 _URL=$(grep -Ev "^#" ./bookmarks | rofi -dmenu -i -p Bookmarks)
 
diff --git a/scripts/functions b/scripts/functions
index e045c9a..5c87acc 100644
--- a/scripts/functions
+++ b/scripts/functions
@@ -1,7 +1,8 @@
 #!/bin/bash
 
+source ./scripts/variables
+
 _template() {
- source ./scripts/variables
   sed -i "s|{{foreground}}|$foreground|" "$1"
   sed -i "s|{{foreground_light}}|$foreground_light|" "$1"
   sed -i "s|{{foreground_lighter}}|$foreground_lighter|" "$1"
@@ -29,8 +30,6 @@ _template() {
 }
 
 _kernel_colors() {
-  source ./scripts/variables
-  printf "\e[32m==> Generating for kernel arg\e[0m\n"
   transform_colors ()
   {
     printf "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d" \
diff --git a/scripts/mpv.sh b/scripts/mpv.sh
index 1df3451..74ca5b3 100755
--- a/scripts/mpv.sh
+++ b/scripts/mpv.sh
@@ -1,8 +1,6 @@
 #!/bin/bash
 
-_BASENAME=$(basename "$0")
-_DIRNAME="$(cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd)"
-cd "$_DIRNAME" || _exit 1
+cd -- "$(dirname -- "$0")" || exit
 
 ## if not $1
 if [[ -z $1 ]]
diff --git a/scripts/update.sh b/scripts/update.sh
index 28ef61d..c1aa6c1 100755
--- a/scripts/update.sh
+++ b/scripts/update.sh
@@ -9,13 +9,16 @@ source ./scripts/functions
 
 ### Global variables
 _DIRNAME="$(pwd)"
-_PACKAGES=(arc-gtk-theme chromium code curl discord dmenu dunst egl-wayland feh flameshot flatpak firefox htop hyprland i3lock i3-wm imagemagick lxappearance mpv nwg-look otf-comicshanns-nerd pavucontrol pipewire pipewire-jack pipewire-pulse polybar neofetch numlockx papirus-icon-theme picom plocate polybar remmina ttf-dejavu-nerd wget wireguard-tools xdg-desktop-portal xorg xorg-xinit)
+_PACKAGES=(arc-gtk-theme chromium code curl discord dmenu dunst egl-wayland feh flameshot flatpak firefox htop hyprland i3lock i3-wm imagemagick kitty lxappearance mpv neofetch numlockx nwg-look otf-comicshanns-nerd papirus-icon-theme pavucontrol picom pipewire pipewire-jack pipewire-pulse rofi plocate polybar reflector remmina ttf-dejavu-nerd wget wireguard-tools xdg-desktop-portal xorg xorg-xinit)
 
 ### Configure pacman and install needeed packages
 _info "Configuring and updateing packages"
 _msg "Configuring pacman"
 sed -i "s|^#Color.*|Color|" /etc/pacman.conf
 sed -i "s|^#ParallelDownloads.*|ParallelDownloads = 10|" /etc/pacman.conf
+_msg "Configuring reflector"
+ln -sf "$_DIRNAME/links/reflector/reflector.conf" /etc/xdg/reflector/reflector.conf
+ln -sf "/usr/lib/systemd/system/reflector.timer" "/etc/systemd/system/timers.target.wants/reflector.timer"
 _msg "Updating packages"
 pacman -Syu --noconfirm
 _msg "Installing needeed packages"
@@ -77,6 +80,8 @@ mkdir -p ~/.local/share/applications
 ln -sf "$_DIRNAME/links/applications/teams.desktop" ~/.local/share/applications/teams.desktop
 sed -i "s|^Exec=.*|Exec=code-oss --no-sandbox|" /usr/share/applications/code-oss.desktop
 sed -i "s|^Icon=.*|Icon=vscode|" /usr/share/applications/code-oss.desktop
+sed -i 's|Exec=/usr/bin/chromium %U|Exec=/usr/bin/chromium --no-sandbox %U|' /usr/share/applications/chromium.desktop
+sed -i 's|Exec=/usr/bin/chromium --incognito|Exec=/usr/bin/chromium --no-sandbox --incognito|' /usr/share/applications/chromium.desktop
 _msg "links kitty"
 mkdir -p ~/.config/kitty
 ln -sf "$_DIRNAME/links/kitty/kitty.conf" ~/.config/kitty/kitty.conf
@@ -94,14 +99,21 @@ then
 fi
 if [[ $_LOCATION == "home" ]]
 then
-  _info "Configuring for work"
+  _info "Configuring for home"
   sed -i "s|^include /etc/i3.*|include /etc/i3/home|" ./links/i3wm/config
   sed -i "s|^include-file = /etc/polybar/work.ini|include-file = /etc/polybar/home.ini|" ./links/polybar/config.ini
 fi
 
+### Add no sandbox
+_info "Add --no-sandbox if needed"
 ### nvidia vs amd
 
 ### Print kernel cmdline
+_info "Dont forget to update /etc/hernel/cmdline (require mkinitcpio -P after)"
+printf "cryptdevice=UUID=%s:rootfs root=UUID=%s rootflags=subvol=@ rw initrd=\\intel-ucode.img initrd=\\initramfs-linux.img loglevel=3 %s intel_iommu=on iommu=pt nvidia_drm.fbdev=1 nvidia_drm.modeset=1\n" \
+  "$(blkid --match-token LABEL=sys -s UUID -o value)" \
+  "$(blkid --match-token LABEL=root -s UUID -o value)" \
+  "$(_kernel_colors)"
 
 ### Wait for user
 _info "Update sucessfull"