nix-config/modules/features/security/sysctl/security-sysctl.nix

{ ... }:
{
  config.dendritic.features.security-sysctl = {

    features = [
      "security-sysctl-kernel"
      "security-sysctl-network"
      "security-sysctl-userspace"
    ];
    nixosModules = [

      (
        { pkgs, ... }:
        {

          environment.systemPackages = [ pkgs.kernel-hardening-checker ];
        }
      )
    ];
  };
}