nixos/headless: Only disable module loading if supported
This commit is contained in:
parent
dc1de1a343
commit
e7b2d8b59a
SSH key fingerprint:
SHA256:21QyD2Meiot7jOUVitIR5YkGB/XuXdCvLW1hE6dsri0
1 changed files with 1 additions and 1 deletions
|
|
@ -13,7 +13,7 @@
|
|||
|
||||
hardware.graphics.enable = false;
|
||||
|
||||
security.lockKernelModules = true;
|
||||
security.lockKernelModules = lib.mkIf (config.boot.kernelPackages.kernel.config.isEnabled "MODULES") true;
|
||||
security.protectKernelImage = true;
|
||||
services.openssh.enable = true;
|
||||
services.openssh.openFirewall = true;
|
||||
|
|
|
|||
Loading…
Reference in a new issue