pederbs/config
pederbs
/
config
2
1
Fork 0
Code Issues Pull Requests Releases Activity

tailscale exit nodes

This commit is contained in:
Peder Bergebakken Sundt 2024-10-14 11:36:47 +02:00
parent e79ceed010
commit 5a69f3246c
2 changed files with 24 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
flake.nix
View File

@ -272,6 +272,7 @@
p1005 = ./hardware/printer/hp-laserjet-p1005.nix;
au = ./profiles/auto-upgrade.nix;
ts = ./profiles/tailscale.nix;
tse = ./profiles/tailscale-exit-node.nix;
#rb = ./profiles/known-hosts.nix; # TODO
nixld = ./profiles/nix-ld.nix;
dns64 = { config, ... }: {
@ -282,13 +283,13 @@
};
in builtins.mapAttrs (hostname: curried: curried hostname) {
#hostname "domain" "system" inputs "state" [ modules ... ]
noximilien = mk "pbsds.net" "x86_64-linux" inputs-2405 "23.11" [ au ts intel ];
noximilien = mk "pbsds.net" "x86_64-linux" inputs-2405 "23.11" [ au tse intel ];
brumlebasse = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au amd nspawn ];
nord = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au ts intel-novga hw.common-gpu-intel-sandy-bridge rocm hidpi ];
sopp = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au ts nixld intel cuda p1005 ];
bjarte = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ ts nixld intel hw.lenovo-thinkpad-x1-7th-gen ];
bolle = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au dns64 intel ];
eple = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au ts dns64 intel rocm ];
eple = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au tse dns64 intel rocm ];
garp = mk "pbsds.net" "x86_64-linux" inputs-2405 "24.05" [ au dns64 intel-novga cuda ];
hasselknippe= mk "pbsds.net" "aarch64-linux" inputs-2405 "24.05" [ ts hw.pine64-pinebook-pro ];
#gomperud smattkuken skrytebiffen skalkesnerken balleby bingus skjrlaltatjlstad

14
profiles/tailscale-exit-node.nix Normal file
View File

@ -0,0 +1,14 @@
{ config, ... }:
{
# exit nodes must be approved in admin interface
# https://login.tailscale.com/admin/machines
imports = [ ./tailscale.nix ];
# if host is _upgraded_ to exit node, reload with
# sudo systemctl start tailscaled-autoconnect
# or maybe even
# sudo systemctl start tailscaled-set
services.tailscale.useRoutingFeatures = "both";
services.tailscale.extraSetFlags = [ "--advertise-exit-node" ];
}