From 55609b1d19313165c9a93e931f780f91644a7f57 Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jonathan@jlebon.com>
Date: Mon, 16 Sep 2024 15:55:51 -0400
Subject: [PATCH] tier-0: pull in iptables-nft instead of iptables-legacy

As per the comment, currently we're pulling in iptables-legacy because
for some reason the `iptables` Provides is fulfilled by that instead of
iptables-nft. Explicitly name the latter to avoid this.

Note in tier-1 we do pull iptables-nft only because it's explicitly
named there.
---
 tier-0/bootc.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tier-0/bootc.yaml b/tier-0/bootc.yaml
index a862e6c..d44ee08 100644
--- a/tier-0/bootc.yaml
+++ b/tier-0/bootc.yaml
@@ -2,6 +2,10 @@
 packages:
  - systemd
  - bootc
+ # bootc pulls in podman, which pulls in containers-common, which wants
+ # `iptables`. Currently that pulls in iptables-legacy. Let's explicitly name
+ # iptables-nft instead to satisfy it.
+ - iptables-nft
  # Required by bootc install today, though we'll likely switch bootc to use a Rust crate instead of sgdisk
  - gdisk xfsprogs e2fsprogs dosfstools