Question 1

How to install nix-mineral on NixOS without using flakes?

Accepted Answer

Use the fetchgit method shown in the README: import the module from a Git fetch in your configuration.nix. This works without flake support but lacks version pinning, making updates less controlled compared to the flake method.

Question 2

nix-mineral vs NixOS hardened.nix profile: which is better for security?

Accepted Answer

nix-mineral is more comprehensive with features like kernel module blacklisting and compatibility presets, but it's alpha software. hardened.nix is upstream and more stable but less extensive. Choose nix-mineral for deeper hardening if you can tolerate the risks.

Question 3

Does nix-mineral work with NixOS 23.11 stable?

Accepted Answer

It's primarily targeted at nixos-unstable, so compatibility isn't guaranteed. You might encounter issues with renamed options and need manual overrides, as noted in the documentation, making it less ideal for stable releases.

Question 4

What are the risks of using nix-mineral in production servers?

Accepted Answer

As alpha software, it carries warnings about data loss and functionality breaks, especially on non-fixed releases. It's best tested in non-critical environments first, and user debugging is expected to address issues.

Question 5

How to disable specific hardening settings like TCP window scaling in nix-mineral?

Accepted Answer

In your NixOS configuration, set nix-mineral.settings.network.tcp-window-scaling = false, as shown in the example. This allows granular control, but you must refer to submodules for each option's details.

Question 6

Can nix-mineral be used on desktop and server systems alike?

Accepted Answer

Yes, its features like network hardening and kernel settings apply broadly, but ensure compatibility with your software stack. The alpha status and need for tuning make it more suited for experienced users on both fronts.

Question 7

How to contribute or report issues with nix-mineral?

Accepted Answer

Head to the GitHub issues tracker mentioned in the README, and follow the CONTRIBUTING.md guidelines. The project welcomes ideas and help with code or documentation, emphasizing community collaboration.

nix-mineral

What is nix-mineral?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions