docker: block external connections

2025-01-10 11:06:58 -03:00 · 2025-01-10 11:06:58 -03:00 · be3686db82
commit be3686db82
parent 7b670efc67
3 changed files with 42 additions and 1 deletions
--- a/system/containers.nix
+++ b/system/containers.nix
@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, lib, ... }:
 {
  services.flatpak.enable = true;

@ -22,6 +22,8 @@
    };
  };

+  networking.firewall.extraCommands = lib.getExe pkgs._docker-block-external-connections;
+
  programs.extra-container.enable = true;

  programs.firejail.enable = true;