25 lines
562 B
Nix
25 lines
562 B
Nix
{ pkgs, ... }:
|
|
|
|
{
|
|
environment.systemPackages = with pkgs; [ tailscale ];
|
|
|
|
services.tailscale = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
useRoutingFeatures = "both"; # Act as a client and a server (exit node)
|
|
|
|
# extraSetFlags = [
|
|
# "--advertise-exit-node"
|
|
# ];
|
|
|
|
disableUpstreamLogging = true;
|
|
disableTaildrop = true;
|
|
};
|
|
|
|
# Enable IP forwarding for subnet routers
|
|
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
|
|
|
# TODO: this fixes MagicDNS but breaks DNS resolution on LAN (Pihole)
|
|
# services.resolved.enable = true;
|
|
}
|
|
|