diff options
Diffstat (limited to 'machines')
| -rw-r--r-- | machines/nixos/x86_64-linux/rivendell.nix | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/machines/nixos/x86_64-linux/rivendell.nix b/machines/nixos/x86_64-linux/rivendell.nix index dc0205d..271da7f 100644 --- a/machines/nixos/x86_64-linux/rivendell.nix +++ b/machines/nixos/x86_64-linux/rivendell.nix @@ -23,6 +23,9 @@ wireguard = { file = ../../../secrets/rivendell/wireguard.age; }; + ts = { + file = ../../../secrets/rivendell/ts.age; + }; }; }; @@ -79,6 +82,17 @@ networking.firewall.allowedUDPPorts = [ 51871 ]; + services.tailscale = { + useRoutingFeatures = "both"; + authKeyFile = config.age.secrets.ts.path; + extraSetFlags = [ + "--accept-dns=true" + "--accept-routes=true" + "--advertise-exit-node=true" + "--ssh" + ]; + }; + my.modules.hardware.baremetal.enable = true; my.modules.remote-unlock.enable = true; |