dev: NixOS 25.11 매뉴얼 로컬 사본 추가

nixpkgs nixos-25.11 브랜치의 nixos/doc/manual/ 디렉토리를 sparse clone으로
가져와 ~/obsidian/dev/nixos-manual/에 복사. _index.md에 구조/갱신 방법 정리.

오프라인 참조 + AI 에이전트 컨텍스트용. sandbox-tokyo 같은 NixOS 노드 운영 시
빠른 참조로 사용.

dev/nixos-manual/configuration/profiles/hardened.section.md

@@ -0,0 +1,20 @@
+# Hardened {#sec-profile-hardened}
+
+A profile with most (vanilla) hardening options enabled by default,
+potentially at the cost of stability, features and performance.
+
+This includes a hardened kernel, and limiting the system information
+available to processes through the `/sys` and
+`/proc` filesystems. It also disables the User Namespaces
+feature of the kernel, which stops Nix from being able to build anything
+(this particular setting can be overridden via
+[](#opt-security.allowUserNamespaces)). See the
+[profile source](https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix)
+for further detail on which settings are altered.
+
+::: {.warning}
+This profile enables options that are known to affect system
+stability. If you experience any stability issues when using the
+profile, try disabling it. If you report an issue and use this
+profile, always mention that you do.
+:::