nixos-vps/modules
Franz Kafka 9092d6ec58 fix(openclaw): remove --network=host, use bridge network
- Drops --network=host from OpenClaw container
- Container now runs on Podman's default bridge network
- Gateway port already mapped via ports config (127.0.0.1:18789:8080)
- Container retains outbound internet access for Discord API, model providers, etc.
- Cannot reach other host services (Forgejo, Vaultwarden, etc.) — principle of least privilege

Note: If OpenClaw needs to reach local services in the future, add explicit
extraOptions like --network=bridge or create a shared Podman network.
2026-03-19 15:09:05 +00:00
adguard.nix Allow AdGuard Home to read ACME certificates via ReadOnlyPaths 2026-03-18 22:12:28 +01:00
backup.nix feat: add backup module with Restic + Backblaze B2 2026-03-18 14:11:11 +01:00
crowdsec.nix Fix CrowdSec GeoIP filter syntax 2026-03-18 21:54:34 +01:00
default.nix Add Forgejo self-hosted Git service with Nginx, PostgreSQL, and Restic backups 2026-03-18 23:32:01 +01:00
forgejo.nix feat(nginx): add security headers with per-domain CSP 2026-03-19 13:42:41 +00:00
nginx.nix feat(nginx): add security headers with per-domain CSP 2026-03-19 13:42:41 +00:00
openclaw-config.json Add Brave Search web search to OpenClaw 2026-03-18 02:50:09 +01:00
openclaw-podman.nix fix(openclaw): remove --network=host, use bridge network 2026-03-19 15:09:05 +00:00
podman.nix Add modular service configuration with SearXNG and Nginx 2026-03-17 19:47:43 +01:00
searxng.nix Simplify SearXNG module to use root-based podman 2026-03-17 20:17:20 +01:00
system.nix Add auto-update and maintenance options to system module 2026-03-19 00:03:58 +01:00
vaultwarden.nix feat(nginx): add security headers with per-domain CSP 2026-03-19 13:42:41 +00:00