Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enabling networking.nftables breaks compose2nix with podman due to wildcard syntax difference #74

Closed
aqxa1 opened this issue Jan 28, 2025 · 1 comment · Fixed by #76
Closed

Enabling networking.nftables breaks compose2nix with podman due to wildcard syntax difference #74

aqxa1 opened this issue Jan 28, 2025 · 1 comment · Fixed by #76
Labels
nixos NixOS podman Podman-specific

Comments

@aqxa1
Copy link

aqxa1 commented Jan 28, 2025

See discussion here: NixOS/nixpkgs#226365 (comment)

Because nftables uses '*' instead of '+' for matching wildcards, this line in the generated .nix file causes nixos to fail to build:

networking.firewall.interfaces."podman+".allowedUDPPorts = [ 53 ];

Changing the line to:

networking.firewall.interfaces."podman*".allowedUDPPorts = [ 53 ];

works around the issue.
@aksiksi aksiksi added the nixos NixOS label Feb 1, 2025
@aksiksi aksiksi mentioned this issue Feb 1, 2025
Merged
@aksiksi aksiksi added the podman Podman-specific label Feb 2, 2025
@aksiksi
Copy link
Owner

aksiksi commented Feb 2, 2025

@aqxa1 This should now be fixed. Please let me know if you hit any issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
nixos NixOS podman Podman-specific
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Podman DNS match pattern for nftables aksiksi/compose2nix
2 participants
@aksiksi @aqxa1