Add tailscale flags and update docs
This commit is contained in:
parent
ce8f2a9c1a
commit
ff4b69e8dc
3 changed files with 13 additions and 1 deletions
|
@ -8,6 +8,8 @@ nixos-rebuild switch --flake '/etc/nixos#<HOSTNAME>'
|
||||||
![Gruv'd Hyprland](./screenshot.png "Hyprland with a Gruvboxy theme")
|
![Gruv'd Hyprland](./screenshot.png "Hyprland with a Gruvboxy theme")
|
||||||
---
|
---
|
||||||
# To Do List
|
# To Do List
|
||||||
|
* [ ] Find a way to remove all default search engines in Firefox (Google, Amazon, etc)
|
||||||
|
* [ ] Figure out what the home-manager `account` options are for.
|
||||||
* [ ] Figure out how to get GPG SSH auth working
|
* [ ] Figure out how to get GPG SSH auth working
|
||||||
* [ ] Security hardening
|
* [ ] Security hardening
|
||||||
* [ ] cronjob
|
* [ ] cronjob
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
{ config, pkgs, hostname, ... }: {
|
{ config, pkgs, hostname, ... }: {
|
||||||
|
# By default no ports are open.
|
||||||
|
# When ./tailscale.nix is imported, port 22 on the tailscale interface is then opened.
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# Defaults to true -- I don't like it when services default to true for opening firewalls.
|
# Defaults to true -- I don't like it when services default to true for opening firewalls.
|
||||||
|
|
|
@ -1,5 +1,13 @@
|
||||||
{ config, pkgs, ... }: {
|
{ config, pkgs, ... }: {
|
||||||
# Enable tailscale and open port 22 on it
|
# Enable tailscale and open port 22 on it
|
||||||
services.tailscale.enable = true;
|
services.tailscale = {
|
||||||
|
enable = true;
|
||||||
|
interfaceName = "tailscale0";
|
||||||
|
extraUpFlags = [
|
||||||
|
--login-server='https://headscale.sysctl.io'
|
||||||
|
--accept-dns
|
||||||
|
--accept-routes
|
||||||
|
];
|
||||||
|
};
|
||||||
networking.firewall.interfaces.tailscale0.allowedTCPPorts = [ 22 ];
|
networking.firewall.interfaces.tailscale0.allowedTCPPorts = [ 22 ];
|
||||||
}
|
}
|
Loading…
Reference in a new issue