services: tailscale: loosen firewall policy
See https://github.com/tailscale/tailscale/issues/4432
This commit is contained in:
parent
df62816288
commit
a4d3e6b6f8
|
@ -28,6 +28,8 @@ in {
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
trustedInterfaces = ["tailscale0"];
|
trustedInterfaces = ["tailscale0"];
|
||||||
allowedUDPPorts = [config.services.tailscale.port];
|
allowedUDPPorts = [config.services.tailscale.port];
|
||||||
|
# needed for exit node usage
|
||||||
|
checkReversePath = mkIf (!cfg.exitNode) "loose";
|
||||||
};
|
};
|
||||||
|
|
||||||
# enable IP forwarding to use as exit node
|
# enable IP forwarding to use as exit node
|
||||||
|
|
Loading…
Reference in a new issue