diff options
| author | seth <[email protected]> | 2024-02-11 02:25:24 -0500 |
|---|---|---|
| committer | seth <[email protected]> | 2024-02-11 02:25:24 -0500 |
| commit | dacdc6dc5680444d5a31c0c1b3f5a9998682316e (patch) | |
| tree | 1a8c127ae51c6f6b0659bd28ea66ddbb510ecd4b | |
| parent | e0cc422746c0a4ea401ddbc91dc83dc9e033afa8 (diff) | |
atlas: use hardened profile
| -rw-r--r-- | modules/nixos/archetypes/server.nix | 5 | ||||
| -rw-r--r-- | systems/atlas/default.nix | 1 |
2 files changed, 2 insertions, 4 deletions
diff --git a/modules/nixos/archetypes/server.nix b/modules/nixos/archetypes/server.nix index 4df138f..08b2d65 100644 --- a/modules/nixos/archetypes/server.nix +++ b/modules/nixos/archetypes/server.nix @@ -44,10 +44,7 @@ in { _module.args.unstable = inputs.nixpkgs.legacyPackages.${pkgs.stdenv.hostPlatform.system}; - boot = { - tmp.cleanOnBoot = lib.mkDefault true; - kernelPackages = lib.mkDefault pkgs.linuxPackages_hardened; - }; + boot.tmp.cleanOnBoot = lib.mkDefault true; documentation = { enable = false; diff --git a/systems/atlas/default.nix b/systems/atlas/default.nix index f403397..1e448c6 100644 --- a/systems/atlas/default.nix +++ b/systems/atlas/default.nix @@ -1,6 +1,7 @@ {modulesPath, ...}: { imports = [ (modulesPath + "/profiles/minimal.nix") + (modulesPath + "/profiles/hardened.nix") ./hardware-configuration.nix ./miniflux.nix ./nginx.nix |