From 47e81a7c5087421428e8f6735e29a2005a60f578 Mon Sep 17 00:00:00 2001
From: Myned <dev@bjork.tech>
Date: Sat, 22 Mar 2025 13:45:49 -0500
Subject: [PATCH] docker: disable userland proxy

---
 options/custom/containers/default.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/options/custom/containers/default.nix b/options/custom/containers/default.nix
index 436a1ca..796f2e7 100644
--- a/options/custom/containers/default.nix
+++ b/options/custom/containers/default.nix
@@ -43,6 +43,15 @@ in {
         enable = true;
         enableOnBoot = cfg.boot; # Socket activation
         storageDriver = "overlay2";
+
+        # https://docs.docker.com/reference/cli/dockerd/#daemon-configuration-file
+        daemon.settings = {
+          # Disable userland-proxy to pass client IP to containers
+          # https://github.com/moby/moby/issues/15086
+          # https://github.com/moby/moby/issues/14856
+          # https://github.com/docker/docs/issues/17312
+          userland-proxy = false;
+        };
       };
 
       # https://github.com/containers/podman