greg/nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nix-bitcoin/modules/presets/hardened.nix

16 lines
433 B
Nix
Raw Normal View History

profiles/hardened: support pure eval mode
2022-10-22 19:37:48 +02:00
{ modulesPath, ... }: {
fix 'hardened' profile for NixOS 20.09 The 'scudo' memory allocator set by the 'hardened' profile breaks some services on 20.09. The fix for NixOS unstable (https://github.com/NixOS/nixpkgs/pull/104052) is ineffective on 20.09. As a workaround, add a custom 'hardened' preset that uses the default allocator.
2020-12-16 18:57:57 +01:00
imports = [
profiles/hardened: support pure eval mode
2022-10-22 19:37:48 +02:00
# Source:
# https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix
(modulesPath + "/profiles/hardened.nix")
fix 'hardened' profile for NixOS 20.09 The 'scudo' memory allocator set by the 'hardened' profile breaks some services on 20.09. The fix for NixOS unstable (https://github.com/NixOS/nixpkgs/pull/104052) is ineffective on 20.09. As a workaround, add a custom 'hardened' preset that uses the default allocator.
2020-12-16 18:57:57 +01:00
];
## Reset some options set by the hardened profile
# Needed for sandboxed builds and services
security.allowUserNamespaces = true;
update to NixOS 21.05
2021-08-05 00:48:56 +02:00
# The "scudo" allocator is broken on NixOS >= 20.09
fix 'hardened' profile for NixOS 20.09 The 'scudo' memory allocator set by the 'hardened' profile breaks some services on 20.09. The fix for NixOS unstable (https://github.com/NixOS/nixpkgs/pull/104052) is ineffective on 20.09. As a workaround, add a custom 'hardened' preset that uses the default allocator.
2020-12-16 18:57:57 +01:00
environment.memoryAllocator.provider = "libc";
}
Reference in New Issue Copy Permalink