fix: add Podman subnet rule for internet access

2026-03-06 23:14:43 +01:00 · 2026-03-06 23:14:43 +01:00 · 9dd1ba8b3a
commit 9dd1ba8b3a
parent 74d98c0e52
1 changed files with 2 additions and 0 deletions
--- a/modules/nixos/cloudflare-firewall.nix
+++ b/modules/nixos/cloudflare-firewall.nix
@ -127,6 +127,8 @@ in
            ip saddr 10.89.0.0/16 accept
            
            # Allow RFC1918 Private Networks (LAN, Containers, Link-Local)
+            # 10.89.0.0/16 covers all typical podman subnets including 10.89.2.0/24
+            ip saddr 10.89.0.0/16 accept
            ${lib.optionalString cfg.allowLocalTraffic ''
              ip saddr 10.0.0.0/8 accept
              ip saddr 172.16.0.0/12 accept