From fd9cc887467c448ffb63594dedab13c9749879b6 Mon Sep 17 00:00:00 2001
From: Jamil
Date: Sat, 9 Dec 2023 13:49:56 -0500
Subject: [PATCH] Don't use host mode networking for gateways on prod (#2845)
Try fixing masquerading by not using host mode to deploy gateway in GCP.
---
 .../gateway-google-cloud-compute/templates/cloud-init.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/terraform/modules/gateway-google-cloud-compute/templates/cloud-init.yaml b/terraform/modules/gateway-google-cloud-compute/templates/cloud-init.yaml
index 539b60f8a..9a4eca3ff 100644
--- a/terraform/modules/gateway-google-cloud-compute/templates/cloud-init.yaml
+++ b/terraform/modules/gateway-google-cloud-compute/templates/cloud-init.yaml
@@ -107,7 +107,7 @@ write_files:
 TimeoutStartSec=0
 Restart=always
 ExecStartPre=/usr/bin/docker pull ${container_image}
- ExecStart=/bin/sh -c 'docker run --rm --name=${container_name} --cap-add=NET_ADMIN --volume /etc/firezone --device="/dev/net/tun:/dev/net/tun" --network=host --env FIREZONE_NAME=$(hostname) --env FIREZONE_ID=$(echo $RANDOM$(hostname) | md5sum | head -c 20; echo;) --env-file="/etc/firezone-gateway/.env" ${container_image}'
+ ExecStart=/bin/sh -c 'docker run --rm --name=${container_name} --cap-add=NET_ADMIN --volume /etc/firezone --device="/dev/net/tun:/dev/net/tun" --env FIREZONE_NAME=$(hostname) --env FIREZONE_ID=$(echo $RANDOM$(hostname) | md5sum | head -c 20; echo;) --env-file="/etc/firezone-gateway/.env" ${container_image}'
 ExecStop=/usr/bin/docker stop gateway
 ExecStopPost=/usr/bin/docker rm gateway
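Review bot: With `--network=host` gone from the new `ExecStart`, the container runs in its own network namespace, so the sysctls that govern forwarding are now that namespace's own rather than the host's, and the command does not set any. `/proc/sys` is read-only in a non-privileged container even with `--cap-add=NET_ADMIN`, so if the gateway forwards client traffic this line likely needs them passed explicitly, e.g. `--sysctl net.ipv4.ip_forward=1` (plus the IPv6 forwarding equivalent if IPv6 is routed); confirm against what the image's entrypoint expects. The upside worth recording in a comment above the unit is that NET_ADMIN is now confined to the container's namespace instead of the host's. Separately, `ExecStop`/`ExecStopPost` still address the container as `gateway` while `ExecStart` names it `${container_name}`; using `${container_name}` in both keeps them in step. The unit definition begins above the hunk, so the rest of it was not reviewed.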