christoph/flake-nixinator
1
Fork 0
Code Activity

Modules/Docker: Enable IP forwarding + add IPv6 fallback dns

Browse Source
This commit is contained in:
Christoph Urlacher
2026-01-24 01:32:14 +01:00
parent 69beab4812
commit eac705bdfb
1 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
system/systemmodules/docker/default.nix
View File

@ -19,8 +19,9 @@ in {
networking.firewall.trustedInterfaces = ["docker0" "podman0"]; networking.firewall.trustedInterfaces = ["docker0" "podman0"];
# Needed for default bridge network to automatically work # Needed for default bridge network to automatically work
# boot.kernel.sysctl."net.ipv4.ip_forward" = 1; boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
# boot.kernel.sysctl."net.ipv6.ip_forward" = 1; boot.kernel.sysctl."net.ipv6.ip_forward" = 1;
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
virtualisation = { virtualisation = {
docker = { docker = {
@ -36,12 +37,14 @@ in {
}; };
daemon.settings = { daemon.settings = {
# Enables IPv6 for all networks by default and sets the subnet for the bridge.
# We don't need the bridge network and only have 4 IPv6 prefixes, so leave this off.
# ipv6 = true; # ipv6 = true;
# fixed-cidr-v6 = "2001::/80"; # fixed-cidr-v6 = "fd00::/80";
dns = [ dns = [
"8.8.8.8" "8.8.8.8"
# "2001:4860:4860::8888" "2001:4860:4860::8888"
# "127.0.0.1" # "127.0.0.1"
# "192.168.86.25" # "192.168.86.25"
@ -78,6 +81,7 @@ in {
then "${config.virtualisation.podman.package}/bin/podman" then "${config.virtualisation.podman.package}/bin/podman"
else "${config.virtualisation.docker.package}/bin/docker"; else "${config.virtualisation.docker.package}/bin/docker";
# TODO: This is bugged. Won't create the network even if it doesn't exist...
mkDockerNetwork = options: mkDockerNetwork = options:
builtins.concatStringsSep "\n" [ builtins.concatStringsSep "\n" [
# Make sure to return true on fail to not crash # Make sure to return true on fail to not crash