{ config, pkgs, ... }: {
  # Tailscale client registered against a self-hosted control server
  # (see --login-server below), with SSH reachable over the tailnet interface.
  services.tailscale.enable = true;
  services.tailscale.interfaceName = "tailscale0";

  # NOTE(review): in nixpkgs these flags are only handed to `tailscale up` by
  # the auto-connect unit, which runs when services.tailscale.authKeyFile is
  # set. No authKeyFile is set in this file -- confirm it is configured
  # elsewhere, otherwise the flags below are never applied.
  services.tailscale.extraUpFlags = [
    "--login-server=https://headscale.sysctl.io"
    # The next two flags accept DNS settings and subnet routes pushed through
    # the control server, so that server (and any node it lets advertise
    # routes) can influence this host's name resolution and routing.
    "--accept-dns"
    "--accept-routes"
  ];

  networking = {
    firewall = {
      # TCP 22 is opened on tailscale0 only; this file opens nothing on other
      # interfaces. The attribute name here must stay equal to interfaceName
      # above, or the rule applies to an interface that does not exist.
      # Who may reach the port over the tailnet is decided by the control
      # server's ACL policy, which is not visible here.
      interfaces.tailscale0.allowedTCPPorts = [ 22 ];

      # Required for exit-node use. This is a host-wide firewall setting:
      # "loose" relaxes the reverse-path (anti-spoofing) check for every
      # interface, not just tailscale0.
      checkReversePath = "loose";
    };

    # With split DNS, hosts are inconsistent about whether these names resolve
    # to the external or the internal address, so they are pinned to the
    # tailnet address here. These are static entries: they must be updated by
    # hand if the target node's tailnet IP ever changes.
    extraHosts = ''
      100.64.0.14 influx.sysctl.io
      100.64.0.14 loki.sysctl.io
    '';
  };
}