From 0d3f6328010b3b6ef07a0748391d3756ca65bcc4 Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Wed, 18 Jan 2023 07:27:49 -0500
Subject: [PATCH] Force DNSSEC for Debian

Signed-off-by: Tommy <contact@tommytran.io>
---
 GCP-Debian-11.sh | 3 +++
 Proxmox-7.sh     | 5 ++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/GCP-Debian-11.sh b/GCP-Debian-11.sh
index 41412e6..6a31b2a 100644
--- a/GCP-Debian-11.sh
+++ b/GCP-Debian-11.sh
@@ -26,3 +26,6 @@ curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.con
 echo "* hard core 0" | tee -a /etc/security/limits.conf
 
 sed -i 's/#GSSAPIAuthentication no/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
+
+sed -i 's/#DNSSEC=no/DNSSEC=yes/g' /etc/systemd/resolved.conf
+systemctl restart systemd-resolved
\ No newline at end of file
diff --git a/Proxmox-7.sh b/Proxmox-7.sh
index 6f6ec68..cc9cfd8 100644
--- a/Proxmox-7.sh
+++ b/Proxmox-7.sh
@@ -54,4 +54,7 @@ bash <(curl -s https://raw.githubusercontent.com/Weilbyte/PVEDiscordDark/master/
 systemctl restart pveproxy.service
 
 echo "GSSAPIAuthentication no" > /etc/ssh/ssh_config.d/10-custom.conf
-echo "VerifyHostKeyDNS yes" >> /etc/ssh/ssh_config.d/10-custom.conf
\ No newline at end of file
+echo "VerifyHostKeyDNS yes" >> /etc/ssh/ssh_config.d/10-custom.conf
+
+sed -i 's/#DNSSEC=no/DNSSEC=yes/g' /etc/systemd/resolved.conf
+systemctl restart systemd-resolved
\ No newline at end of file