From 233b7696c40bdd8774d872e4cf229b79b3ebaadb Mon Sep 17 00:00:00 2001
From: MDLeom <2809763-curben@users.noreply.gitlab.com>
Date: Mon, 23 Mar 2020 06:27:33 +0000
Subject: [PATCH] post(caddy-nixos-2): disable sysrq

---
 source/_posts/caddy-nixos-part-2.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/source/_posts/caddy-nixos-part-2.md b/source/_posts/caddy-nixos-part-2.md
index 96d02ea..b023cd5 100644
--- a/source/_posts/caddy-nixos-part-2.md
+++ b/source/_posts/caddy-nixos-part-2.md
@@ -268,6 +268,8 @@ Based on [Ubuntu Wiki](https://wiki.ubuntu.com/ImprovedNetworking/KernelSecurity
 
   ## Network hardening and performance
   boot.kernel.sysctl = {
+    # Disable magic SysRq key
+    "kernel.sysrq" = 0;
     # Ignore ICMP broadcasts to avoid participating in Smurf attacks
     "net.ipv4.icmp_echo_ignore_broadcasts" = 1;
     # Ignore bad ICMP errors