Has anyone tried checking whether NixOS passed CIS benchmark level 1 for servers?
It’s a requirement for my company to use an OS on our hosts, so I was wondering whether someone had already attempted this.
If not, I’m going to spend some time doing it. I’m probably going to edit a module
cis-hardened.nix that can be included to a config to be compliant.
Here’s a linux “distribution independent” list of checks: