break tailscale into 2 configs for server and client

2025-11-02 09:58:21 -06:00
parent 021c4a9172
commit b08cb2ea82
5 changed files with 5 additions and 3 deletions
--- a/hosts/nixos/snowbelle/configuration.nix
+++ b/hosts/nixos/snowbelle/configuration.nix
@@ -25,7 +25,6 @@ in
    sops.enable = true;
    podman.enable = true;
    yubikey.enable = true;
    tailscale.enable = true;
    nvidia.enable = true;
  };
  holocron = {
@@ -38,6 +37,7 @@ in
  };
  homelab = {
    enable = true;
    tailscale.enable = true;
    backups.enable = true;
    motd.enable = true;
    postfix.enable = true;
--- a/modules/homelab/default.nix
+++ b/modules/homelab/default.nix
@@ -62,6 +62,7 @@ in
    ./arr/flaresolverr
    ./home/mosquitto
    ./uptime-kuma
    ./tailscale
  ];
  config = lib.mkIf cfg.enable {
--- a/modules/system/default.nix
+++ b/modules/system/default.nix
@@ -20,7 +20,7 @@
  system.ssh.enable = lib.mkDefault true;
  system.sops.enable = lib.mkDefault true;
  system.docker.enable = lib.mkDefault false;
-  system.tailscale.enable = lib.mkDefault true;
+  system.tailscale.enable = lib.mkDefault false;
  system.vpns.enable = lib.mkDefault false;
  system.vpn-confinement.enable = lib.mkDefault false;
  system.syncthing.enable = lib.mkDefault false;
--- a/modules/system/tailscale/default.nix
+++ b/modules/system/tailscale/default.nix
@@ -17,7 +17,7 @@ in {
      useRoutingFeatures = "both";
      authKeyFile = authkey_file;
      extraUpFlags = [
-        "--accept-routes=false" # true is equilivant to useRoutingFeatures = "client" (breaks shit)
+        "--accept-routes=true" # true is equilivant to useRoutingFeatures = "client" (breaks shit)
        "--accept-dns=true" # explicitly allow resolved
      ];
    };
--- a/users/blake/dots/default.nix
+++ b/users/blake/dots/default.nix
@@ -9,6 +9,7 @@
    ./kitty
    ./dunst
    ./waybar
    ./stylix
    ./hypr
    ./tofi
    ./nvf