From be7f6e49170287aec581a9948442ad86bba38e92 Mon Sep 17 00:00:00 2001 From: June Date: Sat, 22 Jun 2024 17:11:11 +0200 Subject: [PATCH] Fix clone step failing, because git.hamburg.ccc.de could not be resolved --- config/hosts/woodpecker/woodpecker-agent/podman.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/config/hosts/woodpecker/woodpecker-agent/podman.nix b/config/hosts/woodpecker/woodpecker-agent/podman.nix index 08b0312..c76740b 100644 --- a/config/hosts/woodpecker/woodpecker-agent/podman.nix +++ b/config/hosts/woodpecker/woodpecker-agent/podman.nix @@ -10,4 +10,11 @@ enable = true; defaultNetwork.settings.dns_enabled = true; }; + + networking.firewall.interfaces."podman0" = { + # allowedUDPPorts = [ 53 ] gets already set by virtualisation.podman.defaultNetwork.settings.dns_enabled, but set it here explicitly anyway. + allowedUDPPorts = [ 53 ]; + # For git.hamburg.ccc.de to resolve in the clone step for example, allowedTCPPorts also needs to be set to allow DNS. + allowedTCPPorts = [ 53 ]; + }; }