refactors internal communication rules in server configuration

Menno van Leeuwen 2024-11-16 02:26:26 +01:00
parent 7e1a49c29e
commit 7bf22e7023
Signed by: vleeuwenmenno
SSH Key Fingerprint: SHA256:OJFmjANpakwD3F2Rsws4GLtbdz1TJ5tkQF0RZmF0TRE


@ -49,16 +49,16 @@
];
# Extra rules for allowing internal communication
# extraCommands = ''
# # Allow established connections
# iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
extraCommands = ''
# Allow established connections
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# # Allow all traffic on internal networks
# iptables -A INPUT -i docker0 -j ACCEPT
# iptables -A INPUT -i tailscale0 -j ACCEPT
# Allow all traffic on internal networks
iptables -A INPUT -i docker0 -j ACCEPT
iptables -A INPUT -i tailscale0 -j ACCEPT
# # Allow traffic between Docker containers
# iptables -A DOCKER-USER -i docker0 -o docker0 -j ACCEPT
# '';
# Allow traffic between Docker containers
iptables -A DOCKER-USER -i docker0 -o docker0 -j ACCEPT
'';
};
}
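Review bot: The newly enabled `iptables -A INPUT -i docker0 -j ACCEPT` and `iptables -A INPUT -i tailscale0 -j ACCEPT` rules accept every port on those interfaces, so any container on the default bridge and any tailnet peer (limited only by Tailscale ACLs) can reach every service listening on the host, regardless of the port list that ends just above. If the enclosing attribute set is `networking.firewall` (its opening is outside the hunk), the same intent is expressed declaratively with `trustedInterfaces = [ "docker0" "tailscale0" ];`, or more narrowly by opening only the needed ports through `interfaces.<name>.allowedTCPPorts`. The rules are also appended with `-A` to `INPUT` and `DOCKER-USER`, chains the firewall module does not appear to flush itself, so each reload would likely add duplicates unless matching `-D` lines go into `extraStopCommands`. A comment recording why the blanket accept is needed, e.g. `# docker0/tailscale0 are treated as fully trusted: <reason>`, would help the next reader.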