From b11667a8b0335709f5a3ac73c89b967bd8e352e9 Mon Sep 17 00:00:00 2001
From: Fuwn <contact@fuwn.me>
Date: Fri, 20 Sep 2024 06:48:10 -0700
Subject: server: restrict open ports

---
 modules/server/virtualisation.nix | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'modules/server/virtualisation.nix')

diff --git a/modules/server/virtualisation.nix b/modules/server/virtualisation.nix
index 0bda69e..151cd9d 100644
--- a/modules/server/virtualisation.nix
+++ b/modules/server/virtualisation.nix
@@ -5,7 +5,14 @@ in
 {
   virtualisation = {
     containers.enable = true;
-    docker.enable = containerEngine == "docker";
+
+    docker = {
+      enable = containerEngine == "docker";
+
+      daemon.settings = {
+        iptables = false;
+      };
+    };
 
     podman = {
       enable = containerEngine == "podman";
-- 
cgit v1.2.3