Restore podman iptable rules after nftable restart on omen

Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-11-21 23:54:22 +01:00 · 2024-01-18 14:09:59 +01:00 · 2024-01-18 14:09:59 +01:00 · 53e7c51b94
parent 97d1ff5896
commit 53e7c51b94
1 changed files with 7 additions and 0 deletions
--- a/nixos/systems/omen/firewall.nix
+++ b/nixos/systems/omen/firewall.nix
@ -17,6 +17,13 @@
      # pkgs.writeText "nftables.json" (builtins.toJSON (with notnft.dsl; with payload; ruleset
      with notnft.dsl; with payload; ruleset {
        filter = add table { family = f: f.inet; } {
+  networking.notnft.postStop = ''
+    ${lib.getExe pkgs.podman} network reload -a
+  '';
+
+  networking.notnft.postStart = ''
+    ${lib.getExe pkgs.podman} network reload -a
+  '';
          trace = traceChain;

          ### lo