harald/teepot
1
0
Fork 0
mirror of https://github.com/matter-labs/teepot.git synced 2025-07-21 15:13:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(google-tdx): disable LLMNR and MulticastDNS

Browse source 
- Configured resolved service, disabling LLMNR and MulticastDNS
  for improved resolution settings.

- Removed commented-out Prometheus Node config

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
This commit is contained in:
Harald Hoyer 2025-02-10 10:46:34 +01:00
parent fae9ad7f58
commit c5cdc1e4ab
Signed by: harald
GPG key ID: F519A1143B3FBE32
1 changed files with 7 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

9
packages/tdx_google/configuration.nix
View file

@ -26,6 +26,13 @@
networking.firewall.allowedTCPPortRanges = [{ from = 1024; to = 65535; }]; networking.firewall.allowedTCPPortRanges = [{ from = 1024; to = 65535; }];
networking.firewall.allowedUDPPortRanges = [{ from = 1024; to = 65535; }]; networking.firewall.allowedUDPPortRanges = [{ from = 1024; to = 65535; }];
services.resolved.enable = true;
services.resolved.llmnr = "false";
services.resolved.extraConfig = ''
[Resolve]
MulticastDNS=no
'';
networking.useNetworkd = lib.mkDefault true; networking.useNetworkd = lib.mkDefault true;
# don't fill up the logs # don't fill up the logs
@ -80,8 +87,6 @@
disabledCollectors = [ disabledCollectors = [
"textfile" "textfile"
]; ];
#openFirewall = true;
#firewallFilter = "-i br0 -p tcp -m tcp --dport 9100";
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [