erwin/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Wiki Activity Actions

docker: Make interface name dependent on whether nftables is used

Browse source
This commit is contained in:
Erwin Boskma 2024-01-02 22:44:04 +01:00
parent f3857b3bae
commit 9546c19d9b
Signed by: erwin
SSH key fingerprint: SHA256:/Wk1WZdLg+vQHs3in9qq7PsIp8SMzwGSk/RLZ5zPuZk
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
modules/docker/default.nix
View file

@ -5,6 +5,8 @@
}: }:
with lib; let with lib; let
cfg = config.eboskma.podman; cfg = config.eboskma.podman;
podmanInterfaces = if config.networking.nftables.enable then "podman*" else "podman+";
in in
{ {
options.eboskma.podman = { options.eboskma.podman = {
@ -55,7 +57,7 @@ in
users.extraUsers.${config.eboskma.var.mainUser}.extraGroups = [ "podman" ]; users.extraUsers.${config.eboskma.var.mainUser}.extraGroups = [ "podman" ];
# Make DNS work in containers # Make DNS work in containers
networking.firewall.interfaces."podman*" = { networking.firewall.interfaces.${podmanInterfaces} = {
allowedUDPPorts = [ 53 ]; allowedUDPPorts = [ 53 ];
allowedTCPPorts = [ 53 ]; allowedTCPPorts = [ 53 ];
}; };