From a4d3e6b6f8854c49dc63c37455a6b42caaed5291 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 15 May 2022 19:45:42 +0200 Subject: [PATCH] services: tailscale: loosen firewall policy See https://github.com/tailscale/tailscale/issues/4432 --- services/tailscale.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/services/tailscale.nix b/services/tailscale.nix index ff3a4b1..41fe9f8 100644 --- a/services/tailscale.nix +++ b/services/tailscale.nix @@ -28,6 +28,8 @@ in { networking.firewall = { trustedInterfaces = ["tailscale0"]; allowedUDPPorts = [config.services.tailscale.port]; + # needed for exit node usage + checkReversePath = mkIf (!cfg.exitNode) "loose"; }; # enable IP forwarding to use as exit node