erwin/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Wiki Activity Actions

tailscale: Set firewall mode when nftables is enabled

Browse source
This commit is contained in:
Erwin Boskma 2024-01-02 22:46:09 +01:00
parent e59585530e
commit 92edb06f46
Signed by: erwin
SSH key fingerprint: SHA256:/Wk1WZdLg+vQHs3in9qq7PsIp8SMzwGSk/RLZ5zPuZk
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
modules/tailscale/default.nix
View file

@ -4,14 +4,17 @@ let
cfg = config.eboskma.tailscale; cfg = config.eboskma.tailscale;
in in
{ {
options.eboskma.tailscale = { enable = mkEnableOption "tailscale"; }; options.eboskma.tailscale = {
enable = mkEnableOption "tailscale";
nftables = mkEnableOption "nftables";
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.tailscale = { services.tailscale = {
enable = true; enable = true;
}; };
systemd.services.tailscaled.environment = { systemd.services.tailscaled.environment = mkIf cfg.nftables {
TS_DEBUG_FIREWALL_MODE = "auto"; TS_DEBUG_FIREWALL_MODE = "auto";
}; };
}; };