From 31430b0a1ad73a444b9498f6ea3b965421ab6405 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= <nikodem@rabulinski.com>
Date: Tue, 4 Mar 2025 13:47:56 +0100
Subject: [PATCH 1/2] modules/system/containers: enable nat for container
 interfaces

---
 modules/system/containers.nix | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/modules/system/containers.nix b/modules/system/containers.nix
index a0942f9..8287fae 100644
--- a/modules/system/containers.nix
+++ b/modules/system/containers.nix
@@ -75,7 +75,7 @@ let
         };
     };
 
-  linuxConfig = lib.optionalAttrs isLinux {
+  linuxConfig = lib.optionalAttrs (isLinux && config.settei.containers != {}) {
     containers = lib.mapAttrs (
       _: container:
       container
@@ -95,6 +95,11 @@ let
         privateNetwork = lib.mkForce true;
       }
     ) config.settei.containers;
+
+    networking.nat = {
+      enable = true;
+      internalInterfaces = ["ve-+"];
+    };
   };
 
   darwinConfig = lib.optionalAttrs (!isLinux) {

From 03571c00d5209672a4f3ad92dd1b1bdc6290346d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= <nikodem@rabulinski.com>
Date: Tue, 4 Mar 2025 13:47:56 +0100
Subject: [PATCH 2/2] modules/system/containers: enable nat for container
 interfaces

---
 modules/system/containers.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/modules/system/containers.nix b/modules/system/containers.nix
index a0942f9..5b1376d 100644
--- a/modules/system/containers.nix
+++ b/modules/system/containers.nix
@@ -95,6 +95,11 @@ let
         privateNetwork = lib.mkForce true;
       }
     ) config.settei.containers;
+
+    networking.nat = lib.mkIf (config.settei.containers != { }) {
+      enable = true;
+      internalInterfaces = [ "ve-+" ];
+    };
   };
 
   darwinConfig = lib.optionalAttrs (!isLinux) {