-1

host-specific/touma-wsl.nix

reviewed

··· 9 9 { 10 10 imports = [ 11 11 # WSL has no hardware configuration 12 12 - ../networking.nix 13 12 ../users.nix 14 13 ../services.nix 15 14 ];

-18

networking.nix

reviewed

··· 1 1 - { ... }: 2 2 - { 3 3 - 4 4 - services.avahi = { 5 5 - enable = true; 6 6 - nssmdns4 = true; 7 7 - nssmdns6 = true; 8 8 - ipv6 = true; 9 9 - openFirewall = true; 10 10 - publish = { 11 11 - enable = true; 12 12 - addresses = true; 13 13 - workstation = true; 14 14 - domain = true; 15 15 - hinfo = true; 16 16 - }; 17 17 - }; 18 18 - }

+11

services.nix

reviewed

··· 8 8 # Fish shell, the best 9 9 programs.fish.enable = true; 10 10 11 11 + # Use nftables 12 12 + networking.nftables.enable = true; 13 13 + 11 14 # Tailscale 12 15 services.tailscale = { 13 16 enable = true; 14 17 useRoutingFeatures = "client"; 15 18 }; 19 19 + # Support native nftables in tailscale 20 20 + systemd.services.tailscaled.serviceConfig.Environment = [ 21 21 + "TS_DEBUG_FIREWALL_MODE=nftables" 22 22 + ]; 23 23 + # Don't wait for networks on boot, should speed up boot 24 24 + systemd.network.wait-online.enable = false; 25 25 + boot.initrd.systemd.network.wait-online.enable = false; 26 26 + networking.firewall.trustedInterfaces = [ "tailscale0" ]; 16 27 17 28 # Enable the OpenSSH daemon. 18 29 services.openssh = {