diff --git a/states/systemd/defaults.yaml b/states/systemd/defaults.yaml index 437492f..51618f9 100644 --- a/states/systemd/defaults.yaml +++ b/states/systemd/defaults.yaml @@ -10,6 +10,17 @@ systemd: networkd: Network: SpeedMeter: "yes" + resolved: + Resolve: + DNS: 9.9.9.9 149.112.112.112 2620:fe::fe 2620:fe::9 + Domains: paulbsd.com + LLMNR: "no" + MulticastDNS: "no" + DNSSEC: "no" + DNSOverTLS: "no" + DNSStubListener: "yes" + Cache: "yes" + ReadEtcHosts: "yes" presets: ssh: - enable ssh.service diff --git a/states/vector/templates/vector.service.j2 b/states/vector/templates/vector.service.j2 index 12fde3a..c44a6a9 100644 --- a/states/vector/templates/vector.service.j2 +++ b/states/vector/templates/vector.service.j2 @@ -13,6 +13,7 @@ ExecStartPre=/usr/local/bin/vector validate ExecStart=/usr/local/bin/vector ExecReload=/usr/local/bin/vector validate ExecReload=/bin/kill -HUP $MAINPID +ExecStop=/bin/kill $MAINPID Restart=always AmbientCapabilities=CAP_NET_BIND_SERVICE EnvironmentFile=-/etc/default/vector