nix-config/modules/features/security/sysctl/security-sysctl-bpf.nix

# Breaks tracing and perf tools
{ ... }:
{
  config.dendritic.features.security-sysctl-bpf = {
    nixosModules = [
      (
        { ... }:
        {
          boot.kernel.sysctl = {
            "kernel.unprivileged_bpf_disabled" = 1;
            # should be enabled along with bpf above
            "net.core.bpf_jit_harden" = 2;
          };
        }
      )
    ];
  };
}