services.rke2.cisHardening
Enable CIS Hardening for RKE2.
The OS-level configuration options required to pass the CIS benchmark are enabled by default.
This option only creates the etcd user and group, and passes the --profile=cis flag to RKE2.
Learn more about CIS Hardening for RKE2.
- Type
boolean- Default
false- Declared
- <nixpkgs/nixos/modules/services/cluster/rancher/default.nix>