Add some security enhancements at the cost of perf
Currently experimenting with whether or not it's worth running ClamAV. Realistically speaking, I probably don't need it, all my executables are sourced from nixpkgs and should be malware free. I don't even know if it scans the store or anything. I'm just going to leave it here and forget about it and maybe sometime in the future it saves me from something idk.
This commit is contained in:
parent
d5adae15f6
commit
f217128dcc
1 changed files with 15 additions and 0 deletions
15
packages/sets/security.nix
Normal file
15
packages/sets/security.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
services.clamav = {
|
||||||
|
scanner.enable = true;
|
||||||
|
daemon.enable = true;
|
||||||
|
fangfrisch.enable = true;
|
||||||
|
updater.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
security.apparmor = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue