nixos/docker: ensure ipv4 forwarding is enabled

Fixes #118656
This commit is contained in:
Laurynas Alekna 2021-05-07 20:46:21 +01:00
parent 87f9307b94
commit 9317570735
2 changed files with 7 additions and 0 deletions

View file

@ -150,6 +150,10 @@ in
config = mkIf cfg.enable (mkMerge [{
boot.kernelModules = [ "bridge" "veth" ];
boot.kernel.sysctl = {
"net.ipv4.conf.all.forwarding" = mkOverride 99 true;
"net.ipv4.conf.default.forwarding" = mkOverride 99 true;
};
environment.systemPackages = [ cfg.package ]
++ optional cfg.enableNvidia pkgs.nvidia-docker;
users.groups.docker.gid = config.ids.gids.docker;

View file

@ -45,5 +45,8 @@ import ./make-test-python.nix ({ pkgs, ...} : {
# Must match version 4 times to ensure client and server git commits and versions are correct
docker.succeed('[ $(docker version | grep ${pkgs.docker.version} | wc -l) = "4" ]')
docker.succeed("systemctl restart systemd-sysctl")
docker.succeed("grep 1 /proc/sys/net/ipv4/conf/all/forwarding")
docker.succeed("grep 1 /proc/sys/net/ipv4/conf/default/forwarding")
'';
})