From 9231d0817680ba442bf2918f1e5868862dac967e Mon Sep 17 00:00:00 2001
From: Administrator <root@distrust.network>
Date: Sat, 8 Nov 2025 19:30:57 +0000
Subject: [PATCH] update readme & harden system

---
 README.md          |  9 ++++++++-
 TODO.md            | 12 ------------
 system/default.nix |  4 ++++
 3 files changed, 12 insertions(+), 13 deletions(-)
 delete mode 100644 TODO.md

diff --git a/README.md b/README.md
index 14b8d33..34933bc 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,14 @@ TBC
 
 ## TODO's
 
-See [TODO.md](TODO.md).
+### In Progress
+- Root on `tmpfs`
+
+### Urgent
+- N/A
+
+### Important
+- N/A
 
 ## LICENSE
 
diff --git a/TODO.md b/TODO.md
deleted file mode 100644
index 2ff087f..0000000
--- a/TODO.md
+++ /dev/null
@@ -1,12 +0,0 @@
-# In Progress
-- Borg Backup
-
-# Urgent
-- N/A
-
-# Important
-- NixOS Hardened
-  - `jemalloc` to replace `scudo` (Nextcloud PHP errors)
-
-# Future
-- Root on `tmpfs`
diff --git a/system/default.nix b/system/default.nix
index 165c2fa..f2347a7 100644
--- a/system/default.nix
+++ b/system/default.nix
@@ -1,7 +1,11 @@
+{ lib, modulesPath, ... }:
 {
   imports = [
     ./configuration.nix
     ./hardware-configuration.nix
     ./networking.nix
+    
+    "${modulesPath}/profiles/hardened.nix"
+    { environment.memoryAllocator.provider = lib.mkForce "libc"; }
   ];
 }