diff options
author | Profpatsch <mail@profpatsch.de> | 2022-06-26 15:53:21 +0200 |
---|---|---|
committer | Profpatsch <mail@profpatsch.de> | 2022-06-26 16:00:52 +0200 |
commit | c76943d1c026319ebb1e88ba9aa42b09f9494856 (patch) | |
tree | da37da0fc8430a4307f6bda5eaec81f8cbb597ba /machines/profpatsch/shiki.nix | |
parent | a3f8e4ff17fd5937bdfdd32513b4b5f86717fc3a (diff) |
machines/shiki: enable tailscale
Diffstat (limited to 'machines/profpatsch/shiki.nix')
-rw-r--r-- | machines/profpatsch/shiki.nix | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/machines/profpatsch/shiki.nix b/machines/profpatsch/shiki.nix index 9ff81746..0ec468fa 100644 --- a/machines/profpatsch/shiki.nix +++ b/machines/profpatsch/shiki.nix @@ -4,7 +4,10 @@ let myLib = import ./lib.nix { inherit pkgs lib; }; myPkgs = import ./pkgs.nix { inherit pkgs lib myLib unfreeAndNonDistributablePkgs; }; + tailscaleInterface = "tailscale0"; + lock-screen = pkgs.writers.writeDashBin "lock-screen" '' + set -e revert() { # never turn off the screen (disable dpms) @@ -164,8 +167,16 @@ in { networking.networkmanager.enable = true; - services.tailscale.enable = true; + services.tailscale = { + enable = true; + interfaceName = tailscaleInterface; + }; + networking.firewall.interfaces.${tailscaleInterface} = { + allowedTCPPorts = [ + # Open ports that should be accessible via tailscale VPN here + ]; + } ; services.mullvad-vpn.enable = true; |