tailscale

nora 2023-10-18 21:19:48 +02:00
parent af15a84bc0
commit f86f3a6137
2 changed files with 23 additions and 12 deletions


@ -8,7 +8,6 @@
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nur.url = "github:nix-community/NUR"; nur.url = "github:nix-community/NUR";
nur.inputs.nixpkgs.follows = "nixpkgs";
# Home manager # Home manager
home-manager.url = "github:nix-community/home-manager"; home-manager.url = "github:nix-community/home-manager";


@ -84,6 +84,11 @@
}; };
}; };
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
# Enable the X11 windowing system. # Enable the X11 windowing system.
services.xserver = { services.xserver = {
enable = true; enable = true;
@ -146,6 +151,11 @@
#media-session.enable = true; #media-session.enable = true;
}; };
services.tailscale = {
enable = true;
useRoutingFeatures = "both";
};
# TODO: Configure your system-wide user settings (groups, etc), add more users as needed. # TODO: Configure your system-wide user settings (groups, etc), add more users as needed.
users = { users = {
users = { users = {
@ -179,13 +189,7 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
vim vim
wget wget
(curl.override { curl
# error: implicit declaration of function 'SSL_set_quic_use_legacy_codepoint' :(
# http3Support = true;
# curl: (60) rustls_connection_process_new_packets: invalid peer certificate: BadSignature :(
# opensslSupport = false;
# rustlsSupport = true;
})
firefox firefox
os-prober os-prober
git git
@ -201,6 +205,7 @@
podman-compose podman-compose
man-pages man-pages
man-pages-posix man-pages-posix
tailscale
]; ];
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
@ -236,10 +241,17 @@
hardware.openrazer.enable = true; hardware.openrazer.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; networking.firewall = {
# networking.firewall.allowedUDPPorts = [ ... ]; enable = true;
# Or disable the firewall altogether. trustedInterfaces = [ "tailscale0" ];
# networking.firewall.enable = false; allowedUDPPorts = [ config.services.tailscale.port ];
allowedTCPPorts = [ /*SSH*/ 22 ];
# https://github.com/tailscale/tailscale/issues/4432#issuecomment-1112819111
checkReversePath = "loose";
};
networking.interfaces.enp39s0.wakeOnLan.enable = true;
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
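Review bot: In the last hunk, `allowedTCPPorts = [ /*SSH*/ 22 ];` opens SSH on every interface, although `trustedInterfaces = [ "tailscale0" ];` in the same block already lets tailnet peers reach any port. If SSH is only meant to be used over Tailscale, the port can be dropped from the global list; if LAN access is wanted, scope it with `networking.firewall.interfaces.enp39s0.allowedTCPPorts = [ 22 ];`. Trusting `tailscale0` also means the host firewall filters nothing arriving from the tailnet, so a comment such as `# tailscale0 bypasses this firewall; access is limited only by the tailnet ACLs` would record that dependency. The `boot.kernel.sysctl` forwarding entries in the first hunk and `checkReversePath = "loose"` appear to duplicate what `useRoutingFeatures = "both"` already configures in the NixOS module, so they could probably be removed after checking the module at the pinned nixpkgs revision.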