home.r630: add docker, fix firewall
This commit is contained in:
parent
4238eeb6d8
commit
453d2a7889
1 changed files with 7 additions and 1 deletions
|
@ -1,9 +1,15 @@
|
||||||
hostname = "172.19.138.22"
|
hostname = "172.19.138.22"
|
||||||
groups = ["debian-bookworm"]
|
groups = ["debian-bookworm"]
|
||||||
|
bundles = ["docker-engine", "nginx", "redis"]
|
||||||
|
|
||||||
[metadata]
|
[metadata]
|
||||||
icinga_options.exclude_from_monitoring = true
|
icinga_options.exclude_from_monitoring = true
|
||||||
|
|
||||||
|
[metadata.docker-engine.config]
|
||||||
|
# this is a dev machine, it's fine if docker does shenanigans with
|
||||||
|
# iptables
|
||||||
|
iptables = true
|
||||||
|
|
||||||
[metadata.interfaces.eno3]
|
[metadata.interfaces.eno3]
|
||||||
ips = [
|
ips = [
|
||||||
"172.19.138.22/24",
|
"172.19.138.22/24",
|
||||||
|
@ -11,7 +17,7 @@ ips = [
|
||||||
gateway4 = "172.19.138.1"
|
gateway4 = "172.19.138.1"
|
||||||
ipv6_accept_ra = true
|
ipv6_accept_ra = true
|
||||||
|
|
||||||
[metadata.nftable.forward]
|
[metadata.nftables.forward]
|
||||||
50-local-forward = [
|
50-local-forward = [
|
||||||
'ct state { related, established } accept',
|
'ct state { related, established } accept',
|
||||||
'iifname eno3 accept',
|
'iifname eno3 accept',
|
||||||
|
|
Loading…
Reference in a new issue