{ config, pkgs, ... }: {
  # Enable tailscale and open port 22 on it
  services.tailscale.enable = true;
  networking.firewall.interfaces.tailscale0.allowedTCPPorts = [ 22 ];
}