mirror of
https://github.com/anotherhadi/nixy.git
synced 2026-04-02 11:12:09 +02:00
-tailscale
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
This commit is contained in:
Hadi
@@ -11,7 +11,6 @@
|
|||||||
../../nixos/sddm.nix
|
../../nixos/sddm.nix
|
||||||
../../nixos/users.nix
|
../../nixos/users.nix
|
||||||
../../nixos/utils.nix
|
../../nixos/utils.nix
|
||||||
../../nixos/tailscale.nix
|
|
||||||
../../nixos/hyprland.nix
|
../../nixos/hyprland.nix
|
||||||
../../nixos/docker.nix
|
../../nixos/docker.nix
|
||||||
|
|
||||||
|
|||||||
@@ -1,41 +0,0 @@
|
|||||||
# Tailscale is a VPN service that makes it easy to connect your devices between each other.
|
|
||||||
{
|
|
||||||
config,
|
|
||||||
inputs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
username = config.var.username;
|
|
||||||
in {
|
|
||||||
security.sudo.extraRules = [
|
|
||||||
{
|
|
||||||
users = [username];
|
|
||||||
# Allow running Tailscale commands without a password
|
|
||||||
commands = [
|
|
||||||
{
|
|
||||||
command = "/etc/profiles/per-user/${username}/bin/tailscale";
|
|
||||||
options = ["NOPASSWD"];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
command = "/run/current-system/sw/bin/tailscale";
|
|
||||||
options = ["NOPASSWD"];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
environment.systemPackages = with inputs.nixpkgs-stable.legacyPackages.x86_64-linux; [
|
|
||||||
tailscale
|
|
||||||
];
|
|
||||||
|
|
||||||
services.tailscale = {
|
|
||||||
enable = true;
|
|
||||||
package = inputs.nixpkgs-stable.legacyPackages.x86_64-linux.tailscale;
|
|
||||||
openFirewall = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.firewall = {
|
|
||||||
trustedInterfaces = ["tailscale0"];
|
|
||||||
# required to connect to Tailscale exit nodes
|
|
||||||
checkReversePath = "loose";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
Reference in New Issue
Block a user