Disable kernel modules locking

configuration.nix

@@ -23,14 +23,6 @@ in {
   time.timeZone = "UTC";
 
   boot.kernelPackages = unstable.linuxPackages_latest;
-  boot.kernelModules = [
-    "pl2303"
-    "fuse"
-    "veth" "usbnet" "mii" "cdc_ether"
-    "ipt_REJECT" "xt_CHECKSUM" "iptable_mangle"
-    "snd_usb_audio"
-    "thunderbolt" "intel_wmi_thunderbolt"
-  ];
   boot.blacklistedKernelModules = [ "nouveau" ];
   boot.earlyVconsoleSetup = true;
 

security.nix

@@ -8,6 +8,7 @@ let
 in {
   security.allowUserNamespaces = true;
   security.allowSimultaneousMultithreading = true;
+  security.lockKernelModules = false;
 
   programs.ssh.startAgent = false;
   programs.gnupg = {