nixos-config/machines/calcite/network.nix

46 lines
875 B
Nix
Raw Normal View History

{ pkgs, ...}:
{
2023-09-26 15:32:52 +00:00
imports = [
../sing-box.nix
];
# Enable networking
networking = {
networkmanager = {
enable = true;
2023-05-27 01:39:16 +00:00
dns = "systemd-resolved";
};
2023-05-27 01:39:16 +00:00
};
services.resolved = {
enable = true;
};
# Enable Tailscale
services.tailscale.enable = true;
# services.tailscale.useRoutingFeatures = "both";
# Open ports in the firewall.
2023-09-26 15:32:52 +00:00
networking.firewall.enable = true;
2023-05-27 01:39:16 +00:00
networking.firewall.allowedTCPPorts = [ ];
networking.firewall.allowedUDPPorts = [ 41641 ];
2023-05-27 01:39:16 +00:00
networking.firewall.trustedInterfaces = [
2023-09-26 15:32:52 +00:00
"tun0"
2023-05-27 01:39:16 +00:00
"tailscale0"
];
2023-09-26 15:32:52 +00:00
# Use nftables to manager firewall
networking.nftables.enable = true;
# Add gsconnect, open firewall
programs.kdeconnect = {
enable = true;
package = pkgs.gnomeExtensions.gsconnect;
};
programs.wireshark = {
enable = true;
package = pkgs.wireshark-qt;
};
2023-05-27 01:39:16 +00:00
}