container dns

rm dns
enable firewall
2025-08-04 16:55:29 +02:00 · 2025-08-04 16:55:29 +02:00 · 2025-08-04 16:55:29 +02:00 · 2025-08-04 16:55:29 +02:00 · 2025-08-04 16:55:29 +02:00 · 2025-08-04 16:55:29 +02:00
1 changed files with 2 additions and 1 deletions
--- a/machines/dev/fedi203/woodpecker.nix
+++ b/machines/dev/fedi203/woodpecker.nix
@ -202,7 +202,6 @@
  };

  networking = {
-    nftables.enable = lib.mkForce false;
    firewall = {
      enable = lib.mkForce true;
      allowedTCPPorts = [
@ -216,6 +215,8 @@
        allowedTCPPorts = [ 53 ];
      };
    };
+    # helps make sure DNS resolves from the containers
+    nftables.enable = lib.mkForce false;
  };

  virtualisation.podman = {
Author	SHA1	Message	Date
Kiara Grouwstra	bfa3843aaf	container dns rm dns	2025-08-04 16:55:29 +02:00
Kiara Grouwstra	790556f4ff	enable firewall	2025-08-04 16:55:29 +02:00
Kiara Grouwstra	06875412d0	document nftables	2025-08-04 16:55:29 +02:00
Kiara Grouwstra	bb11ebbb9e	rm agent exec plug hole in firewall format	2025-08-04 16:55:29 +02:00
Kiara Grouwstra	e448ef55a8	disable exec agent make service group setting conditional make secrets conditional make things conditional rm group	2025-08-04 16:55:29 +02:00
Kiara Grouwstra	56891170ad	set service groups add agent groups	2025-08-04 16:55:29 +02:00