Allow nftabless db

2026-05-06 02:58:42 +02:00
parent 9600f7a370
commit 158bee36f8
2 changed files with 6 additions and 6 deletions
--- a/modules/server/containers/default.nix
+++ b/modules/server/containers/default.nix
@@ -11,12 +11,6 @@ let
 in
 {
  config = lib.mkIf ( enabledConfigs != {} ) {
-    virtualisation.containers.containersConf.settings = {
-      containers = {
-        host_containers_internal = true;
-        additional_hosts = [ "host.internal:host-gateway" ];
-      };
-    };

    virtualisation.oci-containers = {
      backend = "podman";
--- a/modules/server/nftables/default.nix
+++ b/modules/server/nftables/default.nix
@@ -9,6 +9,12 @@

    networking.nftables.enable = true;
    networking.nftables.ruleset = ''
+      table inet filter {
+        chain input {
+          type filter hook input priority filter; policy accept;
+          tcp dport 5432 ip saddr { 10.0.0.0/8 } accept
+        }
+      }
      table inet nat {
        chain prerouting {
          type nat hook prerouting priority dstnat; policy accept;