modules/system/containers: enable nat for container interfaces

2025-03-04 13:47:56 +01:00 · 2025-03-04 13:47:56 +01:00 · 713235a92d
commit 713235a92d
parent 9a4289e6f3
1 changed files with 13 additions and 0 deletions
--- a/modules/system/containers.nix
+++ b/modules/system/containers.nix
@ -85,6 +85,14 @@ let

          services.openssh.hostKeys = [ ];
          system.stateVersion = lib.mkDefault config.system.stateVersion;
+
+          networking = lib.mkDefault {
+            useHostResolvConf = false;
+            nameservers = [
+              "1.1.1.1"
+              "1.0.0.1"
+            ];
+          };
        };

        bindMounts = {
@ -95,6 +103,11 @@ let
        privateNetwork = lib.mkForce true;
      }
    ) config.settei.containers;
+
+    networking.nat = lib.mkIf (config.settei.containers != { }) {
+      enable = true;
+      internalInterfaces = [ "ve-+" ];
+    };
  };

  darwinConfig = lib.optionalAttrs (!isLinux) {