From 5f971a03d9c00ec8bfab3550aff054642c75b503 Mon Sep 17 00:00:00 2001 From: Erwin Boskma Date: Wed, 20 Dec 2023 11:34:47 +0100 Subject: [PATCH] tailscale: Move to separate module --- machines/loki/configuration.nix | 4 ++-- machines/mimir/configuration.nix | 2 +- modules/tailscale/default.nix | 18 ++++++++++++++++++ 3 files changed, 21 insertions(+), 3 deletions(-) create mode 100644 modules/tailscale/default.nix diff --git a/machines/loki/configuration.nix b/machines/loki/configuration.nix index 4213069..20570c9 100644 --- a/machines/loki/configuration.nix +++ b/machines/loki/configuration.nix @@ -64,6 +64,7 @@ }; podman.enable = true; tablet.enable = false; + tailscale.enable = true; sound = { enable = true; jack = true; @@ -131,7 +132,7 @@ }; firewall = { - trustedInterfaces = [ "lo" ]; + trustedInterfaces = [ "lo" "tailscale0" ]; allowedTCPPorts = [ # NFS 111 @@ -331,7 +332,6 @@ envfs.enable = false; cpupower-gui.enable = true; teamviewer.enable = true; - tailscale.enable = true; sunshine = { enable = true; user = "erwin"; diff --git a/machines/mimir/configuration.nix b/machines/mimir/configuration.nix index 91fabd0..a503452 100644 --- a/machines/mimir/configuration.nix +++ b/machines/mimir/configuration.nix @@ -93,6 +93,7 @@ }; sound.enable = true; systemd.enable = true; + tailscale.enable = true; }; fileSystems = { @@ -349,7 +350,6 @@ cpupower-gui.enable = true; flatpak.enable = true; - tailscale.enable = true; teamviewer.enable = true; udisks2 = { diff --git a/modules/tailscale/default.nix b/modules/tailscale/default.nix new file mode 100644 index 0000000..0109d84 --- /dev/null +++ b/modules/tailscale/default.nix @@ -0,0 +1,18 @@ +{ config, lib, ... }: +with lib; +let + cfg = config.eboskma.tailscale; +in +{ + options.eboskma.tailscale = { enable = mkEnableOption "tailscale"; }; + + config = mkIf cfg.enable { + services.tailscale = { + enable = true; + }; + + systemd.services.tailscaled.environment = { + TS_DEBUG_FIREWALL_MODE = "auto"; + }; + }; +}