From 453d2a78891e676dc7a0847e5f1c399f0e4d8052 Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann <hi@kunsmann.eu>
Date: Sat, 26 Oct 2024 16:27:16 +0200
Subject: [PATCH] home.r630: add docker, fix firewall

---
 nodes/home.r630.toml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/nodes/home.r630.toml b/nodes/home.r630.toml
index 2a18418..cdfc4ba 100644
--- a/nodes/home.r630.toml
+++ b/nodes/home.r630.toml
@@ -1,9 +1,15 @@
 hostname = "172.19.138.22"
 groups = ["debian-bookworm"]
+bundles = ["docker-engine", "nginx", "redis"]
 
 [metadata]
 icinga_options.exclude_from_monitoring = true
 
+[metadata.docker-engine.config]
+# this is a dev machine, it's fine if docker does shenanigans with
+# iptables
+iptables = true
+
 [metadata.interfaces.eno3]
 ips = [
     "172.19.138.22/24",
@@ -11,7 +17,7 @@ ips = [
 gateway4 = "172.19.138.1"
 ipv6_accept_ra = true
 
-[metadata.nftable.forward]
+[metadata.nftables.forward]
 50-local-forward = [
     'ct state { related, established } accept',
     'iifname eno3 accept',