nixos-config/modules/nixos/profiles/hardened.nix

# A extended hardened configuration from nixpkgs for desktop and server
# systems.
{ pkgs, lib, modulesPath, ... }:

{
  imports = [ "${modulesPath}/profiles/hardened.nix" ];

  # Don't replace it mid-way! DON'T TURN LEFT!!!!
  security.protectKernelImage = true;

  # Disable system console entirely. We don't need it so get rid of it.
  boot.kernel.sysctl."kernel.sysrq" = 0;
}
nixos/profiles/server: remove `hardened-config` submodule We're also moving it to a profiles module ala-nixpkgs. 2024-01-22 04:21:37 +00:00			`# A extended hardened configuration from nixpkgs for desktop and server`
			`# systems.`
			`{ pkgs, lib, modulesPath, ... }:`

			`{`
chore: reformat codebase 2025-01-29 04:48:19 +00:00			`imports = [ "${modulesPath}/profiles/hardened.nix" ];`
nixos/profiles/server: remove `hardened-config` submodule We're also moving it to a profiles module ala-nixpkgs. 2024-01-22 04:21:37 +00:00
			`# Don't replace it mid-way! DON'T TURN LEFT!!!!`
			`security.protectKernelImage = true;`

			`# Disable system console entirely. We don't need it so get rid of it.`
			`boot.kernel.sysctl."kernel.sysrq" = 0;`
			`}`