tailscale exit nodes

This commit is contained in:
Peder Bergebakken Sundt 2024-10-14 11:36:47 +02:00
parent e79ceed010
commit 5a69f3246c
2 changed files with 24 additions and 9 deletions

View File

@ -272,6 +272,7 @@
p1005 = ./hardware/printer/hp-laserjet-p1005.nix; p1005 = ./hardware/printer/hp-laserjet-p1005.nix;
au = ./profiles/auto-upgrade.nix; au = ./profiles/auto-upgrade.nix;
ts = ./profiles/tailscale.nix; ts = ./profiles/tailscale.nix;
tse = ./profiles/tailscale-exit-node.nix;
#rb = ./profiles/known-hosts.nix; # TODO #rb = ./profiles/known-hosts.nix; # TODO
nixld = ./profiles/nix-ld.nix; nixld = ./profiles/nix-ld.nix;
dns64 = { config, ... }: { dns64 = { config, ... }: {
@ -282,15 +283,15 @@
}; };
in builtins.mapAttrs (hostname: curried: curried hostname) { in builtins.mapAttrs (hostname: curried: curried hostname) {
#hostname "domain" "system" inputs "state" [ modules ... ] #hostname "domain" "system" inputs "state" [ modules ... ]
noximilien = mk "pbsds.net" "x86_64-linux" inputs-2405 "23.11" [ au ts intel ]; noximilien = mk "pbsds.net" "x86_64-linux" inputs-2405 "23.11" [ au tse intel ];
brumlebasse = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au amd nspawn ]; brumlebasse = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au amd nspawn ];
nord = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au ts intel-novga hw.common-gpu-intel-sandy-bridge rocm hidpi ]; nord = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au ts intel-novga hw.common-gpu-intel-sandy-bridge rocm hidpi ];
sopp = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au ts nixld intel cuda p1005 ]; sopp = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au ts nixld intel cuda p1005 ];
bjarte = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ ts nixld intel hw.lenovo-thinkpad-x1-7th-gen ]; bjarte = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ ts nixld intel hw.lenovo-thinkpad-x1-7th-gen ];
bolle = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au dns64 intel ]; bolle = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au dns64 intel ];
eple = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au ts dns64 intel rocm ]; eple = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au tse dns64 intel rocm ];
garp = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au dns64 intel-novga cuda ]; garp = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au dns64 intel-novga cuda ];
hasselknippe= mk "pbsds.net" "aarch64-linux" inputs-2405 "24.05" [ ts hw.pine64-pinebook-pro ]; hasselknippe= mk "pbsds.net" "aarch64-linux" inputs-2405 "24.05" [ ts hw.pine64-pinebook-pro ];
#gomperud smattkuken skrytebiffen skalkesnerken balleby bingus skjrlaltatjlstad #gomperud smattkuken skrytebiffen skalkesnerken balleby bingus skjrlaltatjlstad
#bergjlot snortheimsmoen ditlefsen skrukkerud podebusk zmaragd makrell alfnes blix urke pytte uddu imdorf rosenqvist #bergjlot snortheimsmoen ditlefsen skrukkerud podebusk zmaragd makrell alfnes blix urke pytte uddu imdorf rosenqvist
}; };

View File

@ -0,0 +1,14 @@
{ config, ... }:
{
# exit nodes must be approved in admin interface
# https://login.tailscale.com/admin/machines
imports = [ ./tailscale.nix ];
# if host is _upgraded_ to exit node, reload with
# sudo systemctl start tailscaled-autoconnect
# or maybe even
# sudo systemctl start tailscaled-set
services.tailscale.useRoutingFeatures = "both";
services.tailscale.extraSetFlags = [ "--advertise-exit-node" ];
}