{ config, lib, ... }:

# THIS IS NOT USED
# see tailscale-{inner,outer}.nix instead
#
# NixOS module fragment: enables the Tailscale client on real hosts and opens
# the host firewall towards the tailnet.

let
  cfg = config.services.tailscale;
  users = config.users.users;

  # True only on GNOME desktops where the "pbsds" account is declared and
  # enabled. `?` is tested first so a host without that user never evaluates
  # `users."pbsds".enable`.
  pbsdsOnGnome =
    config.services.desktopManager.gnome.enable
    && (users ? "pbsds" && users."pbsds".enable);

  # `--operator=<user>` lets that unprivileged Unix user drive tailscaled
  # (up/down/set) without sudo, so the account becomes part of the trust
  # boundary for this node's tailnet membership and routing settings.
  operatorFlags = lib.mkIf pbsdsOnGnome [ "--operator=pbsds" ];
in

# NOTE(review): `virtualisation.isVmVariant` is not declared in this file;
# presumably a custom option defined elsewhere that is true inside the
# build-vm variant. Confirm before reusing this module.
lib.mkIf (!config.virtualisation.isVmVariant) {
  services.tailscale = {
    enable = true;

    # The same operator flag goes to both `tailscale set` and `tailscale up`.
    extraSetFlags = operatorFlags;
    extraUpFlags = operatorFlags;
  };

  networking.firewall = {
    # "loose" relaxes reverse-path filtering from strict to "source must be
    # reachable via some interface". This weakens anti-spoofing checks
    # host-wide, not only for the Tailscale interface.
    checkReversePath = "loose";

    # The NixOS firewall accepts all traffic arriving on a trusted interface
    # unconditionally, so every listening service on this host is reachable
    # from any tailnet peer. Per-port filtering then has to come from the
    # ACL policy on the coordination server.
    trustedInterfaces = [ cfg.interfaceName ];

    # Inbound UDP on tailscaled's port, on all interfaces.
    allowedUDPPorts = [ cfg.port ];
  };

  # Enrolment notes, kept as the author wrote them:
  # remote sudo nixos-rebuild switch --flake . -L
  # remote-quick sudo tailscale up --login-server 'https://head.pbsds.net'
  # ssh noximilien.pbsds.net sudo headscale --namespace 'ts' nodes register --key <machine_key>
}