45 lines
1.2 KiB
Plaintext
45 lines
1.2 KiB
Plaintext
// Fleet Node Profile
|
|
// Optimized for distributed fleet deployment with minimal footprint
|
|
|
|
profile "fleet-node" {
|
|
description "Optimized for fleet deployment with minimal dependencies"
|
|
|
|
domains {
|
|
// Lightweight init system
|
|
init "dinit"
|
|
|
|
// Minimal runtime - musl for smaller binaries
|
|
runtime "musl" "systemd-shim"
|
|
|
|
// Headless - no graphics
|
|
graphics "headless"
|
|
|
|
// No audio needed
|
|
audio "none"
|
|
|
|
// Strong security for production
|
|
security "pie" "relro" "stack-protector" "hardened"
|
|
|
|
// Aggressive optimization for size and speed
|
|
optimization "lto" "strip"
|
|
|
|
// Fleet integration
|
|
integration "nipcells" "nexus-api"
|
|
|
|
// Modern networking
|
|
network "ipv6" "wireguard" "mesh"
|
|
|
|
// Minimal developer tools
|
|
developer "none"
|
|
}
|
|
|
|
compiler {
|
|
// Optimize for size and security
|
|
CFLAGS "-Os -flto -fstack-protector-strong -D_FORTIFY_SOURCE=2"
|
|
CXXFLAGS "-Os -flto -fstack-protector-strong -D_FORTIFY_SOURCE=2"
|
|
LDFLAGS "-Wl,-O1 -Wl,--as-needed -Wl,-z,relro -Wl,-z,now -flto"
|
|
MAKEFLAGS "-j8"
|
|
RUSTFLAGS "-C opt-level=z -C lto=fat"
|
|
}
|
|
}
|