nix/nixos/common/services/tailscale.nix

{ config, pkgs, ... }: {
  # Tailscale client on a fixed interface name; the firewall rule below
  # refers to "tailscale0" literally, so the two must stay in sync.
  services.tailscale = {
    enable = true;
    interfaceName = "tailscale0";
    # NOTE(review): the NixOS module documents extraUpFlags as applied only
    # when services.tailscale.authKeyFile is set. None is set in this file;
    # confirm one is configured elsewhere, otherwise these flags are inert.
    extraUpFlags = [
      # Coordination server (the hostname suggests self-hosted Headscale).
      "--login-server=https://headscale.sysctl.io"
      # Take DNS settings pushed by the coordination server.
      "--accept-dns"
      # Install subnet routes advertised by other nodes: every host importing
      # this module then trusts whatever routes the coordination server approves.
      "--accept-routes"
    ];
  };

  networking = {
    # SSH (TCP 22) is allowed on the tailnet interface only; this file opens
    # nothing on other interfaces.
    firewall.interfaces.tailscale0.allowedTCPPorts = [ 22 ];

    # Because of the split DNS, hosts lose track of which IP (external or
    # internal) these services resolve to, so both names are pinned to one
    # tailnet address (100.64.0.0/10 range). The pin is static: it goes stale
    # if that node is re-registered with a different address.
    # NOTE(review): the original comment named promtail/loki, while the
    # entries are influx and loki; confirm which hosts are intended.
    extraHosts = ''
      100.64.0.14 influx.sysctl.io
      100.64.0.14 loki.sysctl.io
    '';
  };

  # Kernel-wide IPv4 forwarding, not limited to tailscale0.
  # NOTE(review): this sits in a common module, so every importing host will
  # forward packets between its interfaces. Forwarding is normally needed only
  # on subnet-router or exit nodes; confirm it is wanted fleet-wide.
  boot.kernel.sysctl."net.ipv4.ip_forward" = true;
}