From 158bee36f813abf61f245198dbb593c76cf1dbd9 Mon Sep 17 00:00:00 2001 From: soraefir Date: Wed, 6 May 2026 02:58:42 +0200 Subject: [PATCH] Allow nftabless db --- modules/server/containers/default.nix | 6 ------ modules/server/nftables/default.nix | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/server/containers/default.nix b/modules/server/containers/default.nix index 7f63352..6dd47cc 100644 --- a/modules/server/containers/default.nix +++ b/modules/server/containers/default.nix @@ -11,12 +11,6 @@ let in { config = lib.mkIf ( enabledConfigs != {} ) { - virtualisation.containers.containersConf.settings = { - containers = { - host_containers_internal = true; - additional_hosts = [ "host.internal:host-gateway" ]; - }; - }; virtualisation.oci-containers = { backend = "podman"; diff --git a/modules/server/nftables/default.nix b/modules/server/nftables/default.nix index d35df24..29d5571 100644 --- a/modules/server/nftables/default.nix +++ b/modules/server/nftables/default.nix @@ -9,6 +9,12 @@ networking.nftables.enable = true; networking.nftables.ruleset = '' + table inet filter { + chain input { + type filter hook input priority filter; policy accept; + tcp dport 5432 ip saddr { 10.0.0.0/8 } accept + } + } table inet nat { chain prerouting { type nat hook prerouting priority dstnat; policy accept;
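Review bot: The new `chain input` in `modules/server/nftables/default.nix` is declared with `policy accept`, so `tcp dport 5432 ip saddr { 10.0.0.0/8 } accept` restricts nothing: connections to 5432 from any other source, and all IPv6 traffic (`ip saddr` matches IPv4 only), fall through to the same accept. An accept verdict also ends evaluation only in this base chain, so it cannot override a drop in another input-hook chain, such as the one the NixOS firewall generates if it is enabled (not visible in this patch). If the intent is to limit PostgreSQL to the internal range, follow the accept with an explicit deny such as `tcp dport 5432 drop`, or express the allowance in the firewall's own input rules instead. 10.0.0.0/8 is also a wide source range; presumably only the container subnet needs access, so consider narrowing it and adding a comment in the ruleset that says who is expected to connect. The ruleset string continues past the end of the hunk, so later chains are not reviewed here.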