From ceb94d7cb182f93fce6364ac01da3df30d6c8e4c Mon Sep 17 00:00:00 2001
From: s0me1newithhand7s <git+me@hand7s.org>
Date: Sun, 3 May 2026 19:05:41 +0300
Subject: [PATCH] kyra(hardening): journalctl audit settings

Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>
---
 kyra/services/journalctl.nix | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 kyra/services/journalctl.nix

diff --git a/kyra/services/journalctl.nix b/kyra/services/journalctl.nix
new file mode 100644
index 0000000..ea895b3
--- /dev/null
+++ b/kyra/services/journalctl.nix
@@ -0,0 +1,14 @@
+_: {
+  services = {
+    journald = {
+      audit = true;
+      storage = "volatile";
+      rateLimitBurst = 1000;
+      rateLimitInterval = "30s";
+      extraConfig = ''
+        RuntimeMaxUse=128M
+        MaxRetentionSec=1day
+      '';
+    };
+  };
+}