diff options
author | Alex Auvolat <alex@adnab.me> | 2023-03-24 12:58:44 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2023-03-24 12:58:44 +0100 |
commit | a0db30ca26ee0ca8c8efbabd76ba584331b5337c (patch) | |
tree | b9829924799c71028084a0f37b469226a35c1ee9 /cluster/prod/app/guichet/secrets.toml | |
parent | 76c8e8f0b0a703c7b067d3315a93d0512fbf2e76 (diff) | |
download | nixcfg-a0db30ca26ee0ca8c8efbabd76ba584331b5337c.tar.gz nixcfg-a0db30ca26ee0ca8c8efbabd76ba584331b5337c.zip |
Sanitize DNS configuration
- get rid of outside nameserver, unbound does the recursive resolving
itself (and it checks DNSSEC)
- remove CAP_NET_BIND_SERVICE for Consul as it is no longer binding on
port 53 (was already obsolete)
- make unbound config independant of LAN IPv4 address
Diffstat (limited to 'cluster/prod/app/guichet/secrets.toml')
0 files changed, 0 insertions, 0 deletions