ringofstorms/dotfiles
ringofstorms/dotfiles
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Require tun device and trust Tailscale interface in firewall

Browse source
This commit is contained in:
RingOfStorms (Joshua Bell) 2026-01-05 23:05:43 -06:00
parent 485694c33f
commit 3bb634f358
1 changed files with 10 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
flakes/common/nix_modules/tailnet.nix
View file

@ -20,6 +20,16 @@
"--no-logs-no-support" "--no-logs-no-support"
]; ];
}; };
systemd.services.tailscaled = {
after = [
"systemd-modules-load.service"
"dev-net-tun.device"
];
wants = [ "dev-net-tun.device" ];
requires = [ "dev-net-tun.device" ];
};
networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ]; networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
networking.firewall.checkReversePath = "loose"; networking.firewall.checkReversePath = "loose";
} }