emelie/nix-deploy
1
0
Fork 0
Code Issues 1 Pull requests 1 Projects Releases Wiki Activity

Add tailscale

Browse source
This commit is contained in:
Emelie Graven 2022-10-24 11:13:11 +02:00
parent b738c1451f
commit 25fb72c8ec
No known key found for this signature in database
GPG key ID: 1098DC5C94CB1C87
9 changed files with 166 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

12
config/hosts/rudiger/configuration.nix
View file

@ -6,7 +6,8 @@
./hardware-configuration.nix
./data/secrets/secrets.nix
../../common/services/ssh.nix
../../common/users.nix
../../common/services/tailscale.nix
../../common/users.nix
./services/acme.nix
./services/nextcloud.nix
./services/nginx.nix
@ -65,6 +66,7 @@
htop
iotop
dig
tailscale
];
security.sudo.wheelNeedsPassword = false;
@ -76,7 +78,13 @@
users.groups.redis.members = [ "nextcloud" ];
users.groups.backup.members = [ "nextcloud" "postgres" ];
networking.firewall.allowedTCPPorts = [ 22 80 443 ];
networking.firewall = {
allowedTCPPorts = [ 22 80 443 ];
allowedUDPPorts = [ config.services.tailscale.port ];
trustedInterfaces = [ "tailscale0" ];
enable = true;
checkReversePath = "loose";
};
# networking.firewall.allowedUDPPorts = [ ... ];
system.stateVersion = "21.05";