sora/nixconfig
1
0
Fork 1
Code Issues 2 Pull Requests Actions Releases Activity

Allow nftabless db

Browse Source
This commit is contained in:
soraefir
2026-05-06 02:58:42 +02:00
parent 9600f7a370
commit 158bee36f8
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
modules/server/containers/default.nix
View File

@@ -11,12 +11,6 @@ let
in in
{ {
config = lib.mkIf ( enabledConfigs != {} ) { config = lib.mkIf ( enabledConfigs != {} ) {
virtualisation.containers.containersConf.settings = {
containers = {
host_containers_internal = true;
additional_hosts = [ "host.internal:host-gateway" ];
};
};
virtualisation.oci-containers = { virtualisation.oci-containers = {
backend = "podman"; backend = "podman";

6
modules/server/nftables/default.nix
View File

@@ -9,6 +9,12 @@
networking.nftables.enable = true; networking.nftables.enable = true;
networking.nftables.ruleset = '' networking.nftables.ruleset = ''
table inet filter {
chain input {
type filter hook input priority filter; policy accept;
tcp dport 5432 ip saddr { 10.0.0.0/8 } accept
}
}
table inet nat { table inet nat {
chain prerouting { chain prerouting {
type nat hook prerouting priority dstnat; policy accept; type nat hook prerouting priority dstnat; policy accept;