albert/nix
albert/nix
1
0
Fork 0
Code Issues Pull requests Activity Actions

Update Docker / Podman to allow Tailscale as a trusted netwoork

Browse source
This commit is contained in:
albert 2024-12-23 21:01:56 +01:00
parent 70e6a38ca7
commit 01513e980f
Signed by: albert
GPG key ID: 3895DD267CA11BA9
2 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
nixos/common/services/docker.nix
View file

@ -8,6 +8,12 @@
"net.ipv4.tcp_max_syn_backlog" = 4096; "net.ipv4.tcp_max_syn_backlog" = 4096;
}; };
# Allow Docker containers to access Tailscale network
networking.firewall = {
trustedInterfaces = [ "tailscale0" ];
allowedUDP = [ 41641 ]; # Tailscale port
};
virtualisation.docker = { virtualisation.docker = {
enable = true; enable = true;
enableOnBoot = true; enableOnBoot = true;

6
nixos/common/services/podman.nix
View file

@ -6,6 +6,12 @@
"fs.inotify.max_user_instances" = 1024; "fs.inotify.max_user_instances" = 1024;
}; };
# Allow Docker containers to access Tailscale network
networking.firewall = {
trustedInterfaces = [ "tailscale0" ];
allowedUDPPorts = [ 41641 ]; # Tailscale port
};
virtualisation.podman = { virtualisation.podman = {
enable = true; enable = true;
dockerSocket.enable = true; dockerSocket.enable = true;