Add tailscale flags and update docs
This commit is contained in:
parent
ce8f2a9c1a
commit
ff4b69e8dc
3 changed files with 13 additions and 1 deletions
|
@ -8,6 +8,8 @@ nixos-rebuild switch --flake '/etc/nixos#<HOSTNAME>'
|
|||
![Gruv'd Hyprland](./screenshot.png "Hyprland with a Gruvboxy theme")
|
||||
---
|
||||
# To Do List
|
||||
* [ ] Find a way to remove all default search engines in Firefox (Google, Amazon, etc)
|
||||
* [ ] Figure out what the home-manager `account` options are for.
|
||||
* [ ] Figure out how to get GPG SSH auth working
|
||||
* [ ] Security hardening
|
||||
* [ ] cronjob
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
{ config, pkgs, hostname, ... }: {
|
||||
# By default no ports are open.
|
||||
# When ./tailscale.nix is imported, port 22 on the tailscale interface is then opened.
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
# Defaults to true -- I don't like it when services default to true for opening firewalls.
|
||||
|
|
|
@ -1,5 +1,13 @@
|
|||
{ config, pkgs, ... }: {
|
||||
# Enable tailscale and open port 22 on it
|
||||
services.tailscale.enable = true;
|
||||
services.tailscale = {
|
||||
enable = true;
|
||||
interfaceName = "tailscale0";
|
||||
extraUpFlags = [
|
||||
--login-server='https://headscale.sysctl.io'
|
||||
--accept-dns
|
||||
--accept-routes
|
||||
];
|
||||
};
|
||||
networking.firewall.interfaces.tailscale0.allowedTCPPorts = [ 22 ];
|
||||
}
|
Loading…
Reference in a new issue