diff --git a/hosts/micronix/system.nix b/hosts/micronix/system.nix
index 527bad2..19f66aa 100644
--- a/hosts/micronix/system.nix
+++ b/hosts/micronix/system.nix
@@ -7,11 +7,30 @@
     ./config/sysctl.d/hardening.nix
   ];
 
-  boot.kernelPackages = pkgs.linuxPackages_cachyos;
+  boot.loader = {
+    generationsDir.copyKernels = true;
+  };
+
+  boot.kernelPackages = pkgs.linuxPackages_cachyos-lto;
 
   boot.kernelParams = [
     "default_hugepagesz=1G"
     "hugepagesz=1G"
+    "slab_nomerge"
+    "init_on_alloc=1"
+    "randomize_kstack_offset=on"
+    "init_on_free=1"
+    "page_alloc.shuffle=1"
+    "pti=on"
+    "vsyscall=none"
+    "debugfs=off"
+    "oops=panic"
+    "module.sig_enforce=1"
+    "lockdown=confidentiality"
+    "mce=0"
+    "quiet"
+    "splash"
+    "loglevel=0"
   ];
 
   services.scx = {