boot: use hardened linux 6.6 LTS kernel
This commit is contained in:
parent
3d6c90a559
commit
b5c30f5da7
|
@ -19,6 +19,7 @@ in {
|
||||||
# Hack so that network is considered up by boot.initrd.network and postCommands gets executed.
|
# Hack so that network is considered up by boot.initrd.network and postCommands gets executed.
|
||||||
"ip=127.0.0.1:::::lo:none"
|
"ip=127.0.0.1:::::lo:none"
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_net" ];
|
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_net" ];
|
||||||
boot.initrd.network = {
|
boot.initrd.network = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -21,7 +21,6 @@ in {
|
||||||
boot.loader.generic-extlinux-compatible.enable = false;
|
boot.loader.generic-extlinux-compatible.enable = false;
|
||||||
|
|
||||||
boot.supportedFilesystems = [ "zfs" ];
|
boot.supportedFilesystems = [ "zfs" ];
|
||||||
boot.kernelPackages = pkgs.linuxPackages_6_1_hardened;
|
|
||||||
|
|
||||||
boot.kernelParams = [
|
boot.kernelParams = [
|
||||||
"boot.shell_on_fail=1"
|
"boot.shell_on_fail=1"
|
||||||
|
|
|
@ -12,7 +12,7 @@ in {
|
||||||
loader.systemd-boot.enable = lib.mkDefault true;
|
loader.systemd-boot.enable = lib.mkDefault true;
|
||||||
|
|
||||||
# Use latest LTS linux kernel by default
|
# Use latest LTS linux kernel by default
|
||||||
kernelPackages = lib.mkDefault pkgs.linuxPackages_6_6_hardened;
|
kernelPackages = pkgs.linuxPackages_6_6_hardened;
|
||||||
|
|
||||||
# Support ntfs drives
|
# Support ntfs drives
|
||||||
supportedFilesystems = ["ntfs"];
|
supportedFilesystems = ["ntfs"];
|
||||||
|
|
|
@ -46,8 +46,6 @@ in {
|
||||||
allowedIPs = [ "10.42.0.0/22" "10.0.66.0/24" ];
|
allowedIPs = [ "10.42.0.0/22" "10.0.66.0/24" ];
|
||||||
persistentKeepalive = 15;
|
persistentKeepalive = 15;
|
||||||
dynamicEndpointRefreshSeconds = 30;
|
dynamicEndpointRefreshSeconds = 30;
|
||||||
# DNS = 10.0.66.10, ehex.cloud,ehex.de
|
|
||||||
# DNS = 10.0.66.12, ehex.cloud,ehex.de
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue