Commit graph

13 commits

Author SHA1 Message Date
Harald Hoyer
eb39705ff1
feat: compat code for non x86_64-linux
- do not build packages which require `x86_64-linux`
- use Phala `dcap-qvl` crate for remote attestation, if possible
- nix: exclude `nixsgx` on non `x86_64-linux` platforms

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-04-10 11:57:46 +02:00
Harald Hoyer
3f90e4f80b
feat(tdx_google): add iproute2 and vector initialization wait
- Include iproute2 in the container path for required networking tools.
- Add a script to wait for vector to initialize before proceeding.
2025-03-21 13:11:23 +01:00
Harald Hoyer
cf4a6cfb60
feat(tdx_google): add onFailure action to reboot on metadata.service errors
- Introduce `onFailure` handler to trigger reboot after 5 minutes.
- Enhances system reliability by automating recovery measures.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-20 15:32:51 +01:00
Harald Hoyer
a5cf220c57
feat(tdx_google): add support for attestation in container
- Mount `/sys/kernel/config` to enable attestation for TDX containers.
- Ensures compatibility with TDX guest measurements during runtime.
2025-02-20 12:14:10 +01:00
Harald Hoyer
439574f22c
chore(tdx_google): remove unused teepot package from system environment
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-19 15:01:02 +01:00
Harald Hoyer
760ff7eff1
refactor(tdx_google): simplify service configurations
- Replaced hardcoded metadata-fetching logic with shared metadata service.
- Removed custom pre-start scripts and refactored environment handling.
- Updated Vector configuration to include custom field transformations.
- Streamlined container startup process and ensured proper cleanup.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-19 15:00:43 +01:00
Harald Hoyer
5d2ad57cfd
refactor(tdx_google): modularize tdx_google configuration
- Split `tdx_google/configuration.nix` into smaller modules: `vector.nix`, and `container.nix`.
- Simplified the main configuration by leveraging modular imports for better readability and maintainability.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>

# Conflicts:
#	packages/tdx_google/configuration.nix
2025-02-19 15:00:42 +01:00
Harald Hoyer
bbbce81541
feat(configuration): update journald and serial settings
- Set journald console to `/dev/ttyS0` for improved logging.
- Disable `serial-getty@ttyS0` service to avoid conflicts.
2025-02-19 11:16:34 +01:00
Harald Hoyer
a41460b7f0
feat(tdx-google): enhance container service setup
- Add `vector.service` and `chronyd.service` dependencies to `docker_start_container` service.
- Use `EnvironmentFile` and a pre-start script to dynamically generate environment variables for container setup.
- Improve error handling and clarity in container initialization.
2025-02-14 16:47:43 +01:00
Harald Hoyer
9266a9f072
feat(google-tdx): add Vector service integration
- Enable Vector service and configure OpenTelemetry source.
- Add sinks for logs output to console and Kafka.
- Configure environment setup for Kafka using GCP metadata API.

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-12 08:34:18 +01:00
Harald Hoyer
ff22db6054
chore(google-tdx): removed commented-out ssh debugging
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-11 08:29:34 +01:00
Harald Hoyer
c5cdc1e4ab
feat(google-tdx): disable LLMNR and MulticastDNS
- Configured resolved service, disabling LLMNR and MulticastDNS
  for improved resolution settings.

- Removed commented-out Prometheus Node config

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-02-11 08:29:29 +01:00
Harald Hoyer
dc1e756ec6
feat(tdx): add nix build for TDX google VMs
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-01-14 14:50:43 +01:00