Laurent/infrastructure
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

feat: enable hardened kernel

Browse source
This commit is contained in:
Laureηt 2022-12-23 15:32:11 +01:00
parent 1f2a2a706d
commit 06df535e84
Signed by: Laurent
SSH key fingerprint: SHA256:kZEpW8cMJ54PDeCvOhzreNr4FSh6R13CMGH/POoO8DI
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
hosts/neodymium/configuration.nix
View file

@ -10,14 +10,17 @@ let
}; };
in { in {
imports = [ ./hardware-configuration.nix ]; imports = [
<nixpkgs/nixos/modules/profiles/hardened.nix>
./hardware-configuration.nix
];
# networking # networking
networking.hostName = "neodymium"; networking.hostName = "neodymium";
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = []; networking.firewall.allowedTCPPorts = [ ];
networking.firewall.allowedUDPPorts = []; networking.firewall.allowedUDPPorts = [ ];
# use systemd-boot EFI boot loader # use systemd-boot EFI boot loader
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;