From f010ac88bcc2d178a263fa4fe12ce7e7de4549cc Mon Sep 17 00:00:00 2001
From: seth <getchoo@tuta.io>
Date: Thu, 2 Nov 2023 08:39:49 -0400
Subject: nixos/sever: clean tmp on boot & use linux-hardened by default

---
 modules/nixos/server/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'modules')

diff --git a/modules/nixos/server/default.nix b/modules/nixos/server/default.nix
index 8e368fc..8408c6f 100644
--- a/modules/nixos/server/default.nix
+++ b/modules/nixos/server/default.nix
@@ -12,6 +12,11 @@
 
   _module.args.unstable = inputs.nixpkgs.legacyPackages.${pkgs.stdenv.hostPlatform.system};
 
+  boot = {
+    tmp.cleanOnBoot = lib.mkDefault true;
+    kernelPackages = lib.mkDefault pkgs.linuxPackages_hardened;
+  };
+
   documentation = {
     enable = false;
 
-- 
cgit v1.2.3