hosts/pi-server | re-enable tailscale
This commit is contained in:
Don Harper
parent
7e42c835c7
commit
a75a667c52
1 changed files with 16 additions and 1 deletions
|
|
@ -74,6 +74,7 @@
|
|||
services = {
|
||||
beszel-agent = {enable = true;};
|
||||
nscd = {enableNsncd = true;};
|
||||
tailscale = {enable = true;};
|
||||
locate = {
|
||||
enable = true;
|
||||
package = pkgs.mlocate;
|
||||
|
|
@ -119,7 +120,7 @@
|
|||
};
|
||||
|
||||
zramSwap = {
|
||||
enable = true;
|
||||
enable = false;
|
||||
memoryPercent = 25;
|
||||
memoryMax = 2147483648;
|
||||
};
|
||||
|
|
@ -152,7 +153,21 @@
|
|||
# Open ports in the firewall.
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
trustedInterfaces = ["tailscale0"];
|
||||
checkReversePath = "loose";
|
||||
allowedUDPPorts = [config.services.tailscale.port];
|
||||
allowedTCPPortRanges = [
|
||||
{
|
||||
from = 1714;
|
||||
to = 1764;
|
||||
}
|
||||
];
|
||||
allowedUDPPortRanges = [
|
||||
{
|
||||
from = 1714;
|
||||
to = 1764;
|
||||
}
|
||||
];
|
||||
allowedTCPPorts = [22];
|
||||
};
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue