From bf994f7e13d0b20fd4e84ae6bb347fbcfa82e91b Mon Sep 17 00:00:00 2001
From: Nathan <nathanblunkall5@gmail.com>
Date: Sun, 18 Jan 2026 23:59:14 -0600
Subject: [PATCH] try compartmental traefik

---
 .../services/containers/traefik/default.nix   | 22 +++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/system/services/containers/traefik/default.nix b/system/services/containers/traefik/default.nix
index 0b48408..efc1825 100644
--- a/system/services/containers/traefik/default.nix
+++ b/system/services/containers/traefik/default.nix
@@ -44,6 +44,18 @@
             };
 
             config = {
+                
+                environment.etc."resolv.conf" = {
+                    enable = true;
+                    text = ''
+                        nameserver 1.1.1.1
+                        nameserver 1.0.0.1
+                        options edns0
+                        '';
+
+                    user = "root";
+                    mode = "0664";
+                };
 
                 services.traefik = {
 
@@ -266,8 +278,14 @@
                     };
                 };
 
-                networking.firewall.allowedTCPPorts = [ 80 443 81 444 ];
-                networking.firewall.allowedUDPPorts = [ 80 443 81 444 ];
+                networking = {
+                    firewall = {
+                        allowedTCPPorts = [ 80 443 81 444 ];
+                        allowedUDPPorts = [ 80 443 81 444 ];
+                    };
+
+                    useHostResolvConf = false;
+                };
 
                 system.stateVersion = "24.05";
             };