Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

l sync-containers3: allow ctr0 in FORWARD

Browse Source
This commit is contained in:
lassulus 2023-01-02 18:48:12 +01:00
parent 7bbcac3e5e
commit a38c39424f
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lass/3modules/sync-containers3.nix
View File

@ -296,6 +296,10 @@ in {
krebs.iptables.tables.filter.INPUT.rules = [ krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i ctr0"; target = "ACCEPT"; } { predicate = "-i ctr0"; target = "ACCEPT"; }
]; ];
krebs.iptables.tables.filter.FORWARD.rules = [
{ predicate = "-i ctr0"; target = "ACCEPT"; }
{ predicate = "-o ctr0"; target = "ACCEPT"; }
];
}) })
(lib.mkIf cfg.inContainer.enable { (lib.mkIf cfg.inContainer.enable {
users.groups.container_sync = {}; users.groups.container_sync = {};