gortium/compose
1
1
Fork 0
Code Issues Pull Requests 18 Actions Packages Projects Releases Wiki Activity

fix: remove apk add iptables-nft — built-in on Alpine 3.18+

Browse Source 
In Alpine 3.18+, the 'iptables' package IS the nftables variant.
iptables-nft is not a separate package anymore — just need to flip
update-alternatives from iptables-legacy to iptables-nft.
This commit is contained in:
Hermes
2026-05-13 12:47:29 -04:00
parent 2bf31c7ccc
commit f4fd15643d
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
vpn/Dockerfile
View File

@@ -3,8 +3,7 @@
FROM ghcr.io/wg-easy/wg-easy:latest FROM ghcr.io/wg-easy/wg-easy:latest
# The upstream image defaults to iptables-legacy via update-alternatives. # The upstream image defaults to iptables-legacy via update-alternatives.
# Switch to iptables-nft so it works on kernels where only nftables # Switch iptables to the nftables backend (already provided by the 'iptables'
# netfilter modules are available (iptable_nat module missing). # package on Alpine 3.18+). No apk add needed — iptables-nft is built-in.
RUN apk add --no-cache iptables-nft && \ RUN update-alternatives --set iptables /usr/sbin/iptables-nft && \
update-alternatives --set iptables /usr/sbin/iptables-nft && \
update-alternatives --set ip6tables /usr/sbin/ip6tables-nft update-alternatives --set ip6tables /usr/sbin/ip6tables-nft