From 1235ec9071bdb8959ce7a95aa3c51af14ee41936 Mon Sep 17 00:00:00 2001 From: Harald Hoyer Date: Sat, 22 Feb 2025 08:23:38 +0100 Subject: [PATCH] feat(network): enable systemd-resolved with custom settings - Enable systemd-resolved and configure DNSSEC with downgrade option. - Add extra configuration to allow resolving unicast single-label names. This improves DNS handling and ensures compatibility for SGX setup. --- systems/x86_64-linux/sgx/network.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/systems/x86_64-linux/sgx/network.nix b/systems/x86_64-linux/sgx/network.nix index 6615531..bcd5db2 100644 --- a/systems/x86_64-linux/sgx/network.nix +++ b/systems/x86_64-linux/sgx/network.nix @@ -5,6 +5,12 @@ ... }: { + services.resolved.enable = true; + services.resolved.dnssec = "allow-downgrade"; + services.resolved.extraConfig = '' + ResolveUnicastSingleLabel=yes + ''; + networking.hostName = "sgx"; # Define your hostname. networking.useDHCP = false;