zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

Fix tailscale networking when incus is on

Browse Source
This commit is contained in:
Zuckerberg
2026-02-17 21:28:28 -08:00
parent 3d08a3e9bc
commit 136f024cf0
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
common/network/tailscale.nix
View File

@@ -10,6 +10,10 @@ in
config.services.tailscale.enable = mkDefault (!config.boot.isContainer); config.services.tailscale.enable = mkDefault (!config.boot.isContainer);
# Trust Tailscale interface - access control is handled by Tailscale ACLs.
# Required because nftables (used by Incus) breaks Tailscale's automatic iptables rules.
config.networking.firewall.trustedInterfaces = mkIf cfg.enable [ "tailscale0" ];
# MagicDNS # MagicDNS
config.networking.nameservers = mkIf cfg.enable [ "1.1.1.1" "8.8.8.8" ]; config.networking.nameservers = mkIf cfg.enable [ "1.1.1.1" "8.8.8.8" ];
config.networking.search = mkIf cfg.enable [ "koi-bebop.ts.net" ]; config.networking.search = mkIf cfg.enable [ "koi-bebop.ts.net" ];