Merge pull request #178483 from twitchyliquid64/tailscale-networkd

tailscale: ignore tailscale link when using networkd
author: Bernardo Meurer <bernardo@meurer.org> 2022-06-23 12:10:14 -0400
committer: GitHub <noreply@github.com> 2022-06-23 12:10:14 -0400
commit: 5332bc174acb5276eb7e75e21a4782fba93ace80 (patch)
tree: d8c2d5e9f83ba53d04f362f2f995a686b0836cb6 /nixos
parent: ce201e84f240cae0d9d5e1743f93082f3a3fdb17 (diff)
parent: 3b8a1626800c6ddf0cfc8fdf4b8acd34f4401224 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/tailscale.nix b/nixos/modules/services/networking/tailscale.nix
index 0133874d0e0d0..f84252289abff 100644
--- a/nixos/modules/services/networking/tailscale.nix
+++ b/nixos/modules/services/networking/tailscale.nix
@@ -6,6 +6,7 @@ let
   cfg = config.services.tailscale;
   firewallOn = config.networking.firewall.enable;
   rpfMode = config.networking.firewall.checkReversePath;
+  isNetworkd = config.networking.useNetworkd;
   rpfIsStrict = rpfMode == true || rpfMode == "strict";
 in {
   meta.maintainers = with maintainers; [ danderson mbaillie twitchyliquid64 ];
@@ -69,5 +70,17 @@ in {
       # linux distros.
       stopIfChanged = false;
     };
+
+    networking.dhcpcd.denyInterfaces = [ cfg.interfaceName ];
+
+    systemd.network.networks."50-tailscale" = mkIf isNetworkd {
+      matchConfig = {
+        Name = cfg.interfaceName;
+      };
+      linkConfig = {
+        Unmanaged = true;
+        ActivationPolicy = "manual";
+      };
+    };
   };
 }
author	Bernardo Meurer <bernardo@meurer.org>	2022-06-23 12:10:14 -0400
committer	GitHub <noreply@github.com>	2022-06-23 12:10:14 -0400
commit	5332bc174acb5276eb7e75e21a4782fba93ace80 (patch)
tree	d8c2d5e9f83ba53d04f362f2f995a686b0836cb6 /nixos
parent	ce201e84f240cae0d9d5e1743f93082f3a3fdb17 (diff)
parent	3b8a1626800c6ddf0cfc8fdf4b8acd34f4401224 (diff)