Compare commits
2 commits
f0eb027550
...
e7ec6720da
Author | SHA1 | Date | |
---|---|---|---|
Gabriel Simmer | e7ec6720da | ||
Gabriel Simmer | 22439f958f |
|
@ -9,6 +9,7 @@
|
|||
boot = {
|
||||
supportedFilesystems = [ "nfs" ];
|
||||
kernelPackages = pkgs.linuxPackages_rpi4;
|
||||
kernelParams = [ "cgroup_enable=memory" "cgroup_enable=cpuset" "cgroup_memory=1" ];
|
||||
loader = {
|
||||
grub.enable = false;
|
||||
generic-extlinux-compatible.enable = true;
|
||||
|
@ -46,7 +47,9 @@
|
|||
firewall = {
|
||||
trustedInterfaces = ["tailscale0"];
|
||||
checkReversePath = "loose";
|
||||
enable = false;
|
||||
allowedUDPPorts = [ 41641 ];
|
||||
allowedTCPPorts = [ 22 53 80 443 ];
|
||||
enable = true;
|
||||
};
|
||||
nftables.enable = true;
|
||||
};
|
||||
|
|
|
@ -57,9 +57,10 @@
|
|||
hostName = "LONDON";
|
||||
networkmanager.enable = true;
|
||||
firewall = {
|
||||
enable = false;
|
||||
enable = true;
|
||||
allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
|
||||
allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
|
||||
allowedUDPPorts = [ 41641 ];
|
||||
trustedInterfaces = [ "tailscale0" ];
|
||||
checkReversePath = "loose";
|
||||
};
|
||||
|
|
|
@ -217,7 +217,7 @@
|
|||
checkReversePath = "loose";
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 22 53 80 443 ];
|
||||
allowedUDPPorts = [ 53 ];
|
||||
allowedUDPPorts = [ 53 41641 ];
|
||||
};
|
||||
nftables.enable = true;
|
||||
};
|
||||
|
|
|
@ -39,6 +39,7 @@
|
|||
{ from = 4000; to = 4007; }
|
||||
{ from = 8000; to = 8010; }
|
||||
];
|
||||
allowedUDPPorts = [ 41641 ];
|
||||
enable = true;
|
||||
};
|
||||
nftables.enable = true;
|
||||
|
|
|
@ -9,6 +9,7 @@
|
|||
boot = {
|
||||
supportedFilesystems = [ "nfs" ];
|
||||
kernelPackages = pkgs.linuxPackages_rpi4;
|
||||
kernelParams = [ "cgroup_enable=memory" "cgroup_enable=cpuset" "cgroup_memory=1" ];
|
||||
loader = {
|
||||
grub.enable = false;
|
||||
generic-extlinux-compatible.enable = true;
|
||||
|
@ -46,7 +47,9 @@
|
|||
firewall = {
|
||||
trustedInterfaces = ["tailscale0"];
|
||||
checkReversePath = "loose";
|
||||
enable = false;
|
||||
allowedTCPPorts = [ 22 53 80 443 ];
|
||||
allowedUDPPorts = [ 41641 ];
|
||||
enable = true;
|
||||
};
|
||||
nftables.enable = true;
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue