22 lines
550 B
Nix
22 lines
550 B
Nix
{ config, pkgs, lib, ... }:
|
|
|
|
{
|
|
# Enable Tailscale service for NixOS
|
|
services.tailscale = {
|
|
enable = true;
|
|
# Enable MagicDNS for better name resolution on NixOS server
|
|
useRoutingFeatures = "server";
|
|
extraUpFlags = [
|
|
"--advertise-routes=10.1.1.0/24"
|
|
"--advertise-exit-node"
|
|
];
|
|
};
|
|
|
|
# Allow Tailscale through the firewall if enabled
|
|
networking.firewall = {
|
|
# Allow Tailscale UDP port
|
|
allowedUDPPorts = [ 41641 ];
|
|
# Allow traffic from Tailscale subnet
|
|
trustedInterfaces = [ "tailscale0" ];
|
|
};
|
|
}
|