machines/shiki: enable tailscale

author: Profpatsch <mail@profpatsch.de> 2022-06-26 15:53:21 +0200
committer: Profpatsch <mail@profpatsch.de> 2022-06-26 16:00:52 +0200
commit: c76943d1c026319ebb1e88ba9aa42b09f9494856 (patch)
tree: da37da0fc8430a4307f6bda5eaec81f8cbb597ba /machines/profpatsch
parent: a3f8e4ff17fd5937bdfdd32513b4b5f86717fc3a (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/machines/profpatsch/shiki.nix b/machines/profpatsch/shiki.nix
index 9ff81746..0ec468fa 100644
--- a/machines/profpatsch/shiki.nix
+++ b/machines/profpatsch/shiki.nix
@@ -4,7 +4,10 @@ let
   myLib  = import ./lib.nix  { inherit pkgs lib; };
   myPkgs = import ./pkgs.nix { inherit pkgs lib myLib unfreeAndNonDistributablePkgs; };
 
+  tailscaleInterface = "tailscale0";
+
   lock-screen = pkgs.writers.writeDashBin "lock-screen" ''
+
     set -e
     revert() {
       # never turn off the screen (disable dpms)
@@ -164,8 +167,16 @@ in {
 
     networking.networkmanager.enable = true;
 
-    services.tailscale.enable = true;
+    services.tailscale = {
+      enable = true;
+      interfaceName = tailscaleInterface;
+    };
 
+    networking.firewall.interfaces.${tailscaleInterface} = {
+      allowedTCPPorts = [
+        # Open ports that should be accessible via tailscale VPN here
+      ];
+    } ;
 
     services.mullvad-vpn.enable = true;
author	Profpatsch <mail@profpatsch.de>	2022-06-26 15:53:21 +0200
committer	Profpatsch <mail@profpatsch.de>	2022-06-26 16:00:52 +0200
commit	c76943d1c026319ebb1e88ba9aa42b09f9494856 (patch)
tree	da37da0fc8430a4307f6bda5eaec81f8cbb597ba /machines/profpatsch
parent	a3f8e4ff17fd5937bdfdd32513b4b5f86717fc3a (diff)