mixins/tailscale.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

{
  pkgs,
  config,
  ...
}: {
  config = {
    services.tailscale.enable = true;
    networking.firewall = {
      trustedInterfaces = ["tailscale0"];
      allowedUDPPorts = [41641];
    };

    environment.persistence."/nix/persist".directories = ["/var/lib/tailscale"];

    # systemd.services.tailscaled = {
    #   restartIfChanged = false;
    #   serviceConfig.ExecStart = [
    #     ""
    #     "${config.services.tailscale.package}/bin/tailscaled --state=mem: --port $PORT $FLAGS"
    #   ];
    # };
  };
}