forked from CCCHH/nix-infra
21 lines
711 B
Nix
21 lines
711 B
Nix
# Sources for this configuration:
|
|
# - https://woodpecker-ci.org/docs/administration/deployment/nixos
|
|
# - https://woodpecker-ci.org/docs/administration/backends/docker
|
|
# - https://nixos.wiki/wiki/Podman
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
{
|
|
virtualisation.podman = {
|
|
enable = true;
|
|
defaultNetwork.settings.dns_enabled = true;
|
|
};
|
|
|
|
networking.firewall.interfaces."podman0" = {
|
|
# allowedUDPPorts = [ 53 ] gets already set by virtualisation.podman.defaultNetwork.settings.dns_enabled, but set it here explicitly anyway.
|
|
allowedUDPPorts = [ 53 ];
|
|
# For git.hamburg.ccc.de to resolve in the clone step for example, allowedTCPPorts also needs to be set to allow DNS.
|
|
allowedTCPPorts = [ 53 ];
|
|
};
|
|
}
|