From 53e7c51b94b5d30b71f7f23f170062a49f5c140c Mon Sep 17 00:00:00 2001
From: magic_rb
Date: Thu, 18 Jan 2024 14:09:59 +0100
Subject: [PATCH] Restore podman iptable rules after nftable restart on omen

Signed-off-by: magic_rb
---
 nixos/systems/omen/firewall.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/nixos/systems/omen/firewall.nix b/nixos/systems/omen/firewall.nix
index 80ea66c..0a85d15 100644
--- a/nixos/systems/omen/firewall.nix
+++ b/nixos/systems/omen/firewall.nix
@@ -17,6 +17,13 @@ # pkgs.writeText "nftables.json" (builtins.toJSON (with notnft.dsl; with payload; ruleset with notnft.dsl; with payload; ruleset { filter = add table { family = f: f.inet; } {
+ networking.notnft.postStop = ''
+ ${lib.getExe pkgs.podman} network reload -a
+ '';
+
+ networking.notnft.postStart = ''
+ ${lib.getExe pkgs.podman} network reload -a
+ '';
 trace = traceChain; ### lo
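Review bot: The two added assignments appear to sit inside the `filter = add table { family = f: f.inet; } {` body, directly ahead of `trace = traceChain;`, so they would be read as a table entry named `networking` rather than as the module options `networking.notnft.postStop` and `networking.notnft.postStart`; indentation is lost in this view, so confirm against the file. If that is the case, move both to the module's top-level attribute set, and since the hooks run the same command, bind it once, e.g. `reloadPodman = "${lib.getExe pkgs.podman} network reload -a";`. Separately, the `postStop` hook re-adds podman's forwarding rules while the host ruleset is down, and a failing `podman` call may, depending on how notnft wires these hooks, leave the firewall unit in a failed state. A comment saying why the stop hook is needed and whether a reload failure is tolerated would help. The enclosing expression starts and ends outside the hunk.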