modules/tailscale.nix at 7ba380354e97d5f59a294c6d4911f77aeceb3c63 · ryan.freumh.org/nixos

ryan.freumh.org / nixos

btw i use nix

nixos / modules / tailscale.nix

at 7ba380354e97d5f59a294c6d4911f77aeceb3c63 466 B view raw

 1{ config, lib, ... }:
 2
 3with lib;
 4
 5let
 6  cfg = config.custom;
 7in
 8{
 9  options.custom.tailscale = mkEnableOption "tailscale";
10
11  config = lib.mkIf cfg.tailscale {
12    # set up with `tailscale up --login-server https://headscale.freumh.org --hostname`
13    services.tailscale.enable = true;
14    networking.firewall = {
15      checkReversePath = "loose";
16      trustedInterfaces = [ "tailscale0" ];
17      allowedUDPPorts = [ config.services.tailscale.port ];
18    };
19  };
20}