services: tailscale: loosen firewall policy

See https://github.com/tailscale/tailscale/issues/4432
This commit is contained in:
Antoine Martin 2022-05-15 19:45:42 +02:00
parent df62816288
commit a4d3e6b6f8

View file

@ -28,6 +28,8 @@ in {
networking.firewall = {
trustedInterfaces = ["tailscale0"];
allowedUDPPorts = [config.services.tailscale.port];
# needed for exit node usage
checkReversePath = mkIf (!cfg.exitNode) "loose";
};
# enable IP forwarding to use as exit node