From 1563d0ed26f99b79cd4cf1156311b196a24ee281 Mon Sep 17 00:00:00 2001
From: Kiara Grouwstra <kiara@procolix.eu>
Date: Mon, 4 Aug 2025 12:45:08 +0200
Subject: [PATCH] disable firewall nftables

disables nftables for woodpecker, just like for forgejo-ci
---
 machines/dev/fedi203/woodpecker.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/machines/dev/fedi203/woodpecker.nix b/machines/dev/fedi203/woodpecker.nix
index 1a2bd660..da5d3f9e 100644
--- a/machines/dev/fedi203/woodpecker.nix
+++ b/machines/dev/fedi203/woodpecker.nix
@@ -281,6 +281,10 @@
       };
   };
 
+  networking = {
+    nftables.enable = lib.mkForce false;
+  };
+
   networking.firewall.allowedTCPPorts = [
     22
     80