diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
index 8cdb567..280d87c 100644
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@@ -939,6 +939,13 @@
 root
 ];
+ boot.tmp.useTmpfs = true;
+ systemd.services.nix-daemon = {
+ environment.TMPDIR = "/var/tmp";
+ };
+ boot.tmp.cleanOnBoot = true;
+ services.irqbalance.enable = true;
+
 services.kanidm = {
 enableClient = true;
 enablePam = true;
diff --git a/nixos/dragon.nix b/nixos/dragon.nix
index 1da747b..95baa70 100644
--- a/nixos/dragon.nix
+++ b/nixos/dragon.nix
@@ -21,7 +21,7 @@
 ];
 boot = {
- # kernelPackages = pkgs.linuxPackages_zen;
+ kernelPackages = pkgs.linuxPackages_latest;
 loader.efi.canTouchEfiVariables = true;
 loader.systemd-boot.enable = true;
 initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci" "usbhid"];
diff --git a/nixos/router.nix b/nixos/router.nix
index 9bf164c..2263075 100644
--- a/nixos/router.nix
+++ b/nixos/router.nix
@@ -134,6 +134,7 @@ in {
 };
 in {
 enable = true;
+ checkRuleset = true;
 ruleset = with inf; ''
 table inet filter {
 # set LANv4 {
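Review bot: In modules/nixos/default.nix, `boot.tmp.useTmpfs = true;` is added without a size cap, so on every host that imports this shared module /tmp is RAM-backed up to the module default (half of memory, if I recall the nixpkgs default correctly), and any local user or runaway service can fill it and push the machine into memory pressure. Setting an explicit limit next to it, for example `boot.tmp.tmpfsSize = "25%";` (the value is only an illustration), or overriding it per host, keeps that bounded. `boot.tmp.cleanOnBoot = true;` looks redundant while /tmp is a tmpfs, since the mount starts empty on every boot. The nix-daemon `TMPDIR` override deserves a comment such as `# keep large builds off the RAM-backed /tmp; /var/tmp persists across reboots`, because neither of the two tmp settings covers that directory.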
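Review bot: In nixos/router.nix, `checkRuleset = true;` would benefit from a one-line comment stating what it guards against, for example `# validate the ruleset with nft at build time so a syntax error fails the build, not the activation on the router`. The check presumably runs inside the build sandbox, where the real interfaces do not exist, and the ruleset below interpolates names via `with inf;`. If a later rule references devices or files by name (flowtables, includes), the check can fail on an otherwise valid ruleset. Assuming this is `networking.nftables`, `preCheckRuleset` is the hook for adjusting the text before the check, and that is preferable to switching the check off again. The ruleset string continues outside this hunk, so I cannot tell whether any such rule is present today.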