refactor: comment out resolved DNS customization

Commented out DNSSEC configuration and single-label resolution in systemd-resolved. This change disables custom DNS behavior to potentially align with default system behavior or compatibility requirements.

systems/aarch64-linux/m4nix/default.nix

@@ -55,7 +55,7 @@ with lib.metacfg;
   services.ratbagd.enable = true;
 
   services.resolved.enable = true;
-  services.resolved.dnssec = "allow-downgrade";
+  #services.resolved.dnssec = "allow-downgrade";
   services.resolved.extraConfig = ''
     ResolveUnicastSingleLabel=yes
   '';

systems/x86_64-linux/sgx/network.nix

@@ -6,7 +6,7 @@
 }:
 {
   services.resolved.enable = true;
-  services.resolved.dnssec = "allow-downgrade";
+  #services.resolved.dnssec = "allow-downgrade";
   services.resolved.extraConfig = ''
     ResolveUnicastSingleLabel=yes
   '';

systems/x86_64-linux/t15/default.nix

@@ -28,7 +28,7 @@
   system.stateVersion = "23.11";
 
   services.resolved.enable = true;
-  services.resolved.dnssec = "allow-downgrade";
+  #services.resolved.dnssec = "allow-downgrade";
 
   sops.age.sshKeyPaths = [ "/persist/ssh/ssh_host_ed25519_key" ];
   sops.secrets.backup-s3.sopsFile = ../../../.secrets/t15/backup-s3.yaml;

systems/x86_64-linux/x1/default.nix

@@ -51,10 +51,10 @@ with lib.metacfg;
   services.ratbagd.enable = true;
 
   services.resolved.enable = true;
-  services.resolved.dnssec = "allow-downgrade";
-  services.resolved.extraConfig = ''
-    ResolveUnicastSingleLabel=yes
-  '';
+  #services.resolved.dnssec = "allow-downgrade";
+  #services.resolved.extraConfig = ''
+  #  ResolveUnicastSingleLabel=yes
+  #'';
 
   systemd.packages = [ pkgs.cloudflare-warp ]; # for warp-cli