From c5badae86682ff226841549eb2b5e1da07486884 Mon Sep 17 00:00:00 2001 From: MDLeom <2809763-curben@users.noreply.gitlab.com> Date: Sun, 8 Nov 2020 04:53:57 +0000 Subject: [PATCH] post(nixos): mention kernel is LTS --- source/_posts/caddy-nixos-part-2.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/source/_posts/caddy-nixos-part-2.md b/source/_posts/caddy-nixos-part-2.md index 4d1e1bd..050539f 100644 --- a/source/_posts/caddy-nixos-part-2.md +++ b/source/_posts/caddy-nixos-part-2.md @@ -306,10 +306,18 @@ TCP Fast Open ([TFO](https://en.wikipedia.org/wiki/Tcp_fast_open)) is enabled by Kernel compiled with additional security-oriented patch set. [More details](https://wiki.archlinux.org/index.php/Security#Kernel_hardening). +_NixOS [defaults](https://nixos.wiki/wiki/Linux_kernel) to the latest LTS kernel_ + ``` + # Latest LTS kernel boot.kernelPackages = pkgs.linuxPackages_hardened; ``` +``` + # Latest kernel + boot.kernelPackages = pkgs.linuxPackages_latest_hardened; +``` + ## Remove old, unreferenced packages Since my web server has limited disk space, it needs to run [garbage collector](https://nixos.org/nixos/manual/index.html#sec-nix-gc) from time to time.