From 3862992b76b9672d5ec26172c374b31ebc8f3689 Mon Sep 17 00:00:00 2001
From: Antoine Martin <antoine@alarsyo.net>
Date: Tue, 13 Jul 2021 23:36:13 +0200
Subject: [PATCH] poseidon: trust tailscale0 interface in firewall

---
 hosts/poseidon/default.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix
index 20b325c..298f35d 100644
--- a/hosts/poseidon/default.nix
+++ b/hosts/poseidon/default.nix
@@ -40,6 +40,10 @@ in
   systemd.services.tailscaled = {
       path = [ pkgs.procps ];
   };
+  networking.firewall = {
+    trustedInterfaces = [ "tailscale0" ];
+    allowedUDPPorts = [ config.services.tailscale.port ];
+  };
 
   virtualisation.docker = {
     enable = true;