From bd9062421dc37041633d984698702e5af6fc3801 Mon Sep 17 00:00:00 2001
From: Sebastien Bourdeauducq <sb@m-labs.hk>
Date: Mon, 16 Sep 2019 09:32:58 +0800
Subject: [PATCH] nixbld: enable apparmor

This doesn't do much for now and apparmor support needs some work, but this enables the
kernel boot options so we can fix apparmor later without having to reboot the server.
---
 nixbld-etc-nixos/configuration.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix
index 6ce1e97..d6b7e0f 100644
--- a/nixbld-etc-nixos/configuration.nix
+++ b/nixbld-etc-nixos/configuration.nix
@@ -23,6 +23,8 @@ in
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 
+  security.apparmor.enable = true;
+
   networking = {
     hostName = "nixbld";
     firewall = {