DATA/deerflow-factory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Network isolation: egress firewall + named bridge

Browse Source 
Adds the host-level egress firewall recommended by the upstream
DeerFlow team's "run in a VLAN" guidance, adapted to a Fritzbox-only
home network where LAN VLANs are not available.

- docker/docker-compose.override.yaml: pins the upstream deer-flow
  Docker network to a stable Linux bridge name br-deerflow so the
  firewall can address it without guessing Docker's auto-generated
  br-<hash>. Used as a -f overlay on top of the upstream compose file.

- scripts/deerflow-firewall.sh: idempotent up/down/status wrapper that
  installs DOCKER-USER iptables rules. Allowlist for 10.67.67.1 (Searx)
  and 10.67.67.2 (XTTS/Whisper/Ollama-local), hard block for
  192.168.3.0/24 (home LAN), 10.0.0.0/8, 172.16.0.0/12. Stateful return
  rule keeps inbound LAN access to published ports working.

- scripts/deerflow-firewall.nix: NixOS module snippet defining a
  systemd unit ordered After=docker.service so the rules survive
  dockerd restarts and follow its lifecycle. Copy into
  configuration.nix and nixos-rebuild switch.

- HARDENING.md: new section 2.7 "Network isolation (egress firewall)"
  with allow/block tables, bring-up steps, and smoke-test commands.

Guarantees: rules match on -i br-deerflow, so if the bridge does not
exist, the rules are no-ops and do not affect any other container
(paperclip, telebrowser, openclaw-gateway, ...). Stopping the
container leaves the rules in place but inert; stopping the systemd
unit removes them.
This commit is contained in:
DATA
2026-04-12 14:56:26 +02:00
parent 6de0bf9f5b
commit 75315d958e
4 changed files with 298 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
docker/docker-compose.override.yaml Normal file
View File

@@ -0,0 +1,27 @@
# DeerFlow hardening overlay.
#
# This override turns the upstream `deer-flow` bridge network into a
# stably-named Linux bridge (`br-deerflow`) so that the host-level
# egress firewall (deerflow-firewall.service) can reference it without
# guessing Docker's auto-generated `br-<hash>` name.
#
# Use it together with the upstream compose file:
#
# cd deerflow-factory
# docker compose \
# -f deer-flow/docker/docker-compose.yaml \
# -f docker/docker-compose.override.yaml \
# up -d
#
# After the network is created (or recreated), the firewall rules
# installed by deerflow-firewall.service automatically take effect on
# the new bridge — no further action required.
#
# If you ever rename or delete the bridge, restart the firewall unit:
# systemctl restart deerflow-firewall.service
networks:
deer-flow:
driver: bridge
driver_opts:
com.docker.network.bridge.name: br-deerflow