Compare commits
2 commits
f0eb027550
...
e7ec6720da
Author | SHA1 | Date | |
---|---|---|---|
Gabriel Simmer | e7ec6720da | ||
Gabriel Simmer | 22439f958f |
|
@ -9,6 +9,7 @@
|
||||||
boot = {
|
boot = {
|
||||||
supportedFilesystems = [ "nfs" ];
|
supportedFilesystems = [ "nfs" ];
|
||||||
kernelPackages = pkgs.linuxPackages_rpi4;
|
kernelPackages = pkgs.linuxPackages_rpi4;
|
||||||
|
kernelParams = [ "cgroup_enable=memory" "cgroup_enable=cpuset" "cgroup_memory=1" ];
|
||||||
loader = {
|
loader = {
|
||||||
grub.enable = false;
|
grub.enable = false;
|
||||||
generic-extlinux-compatible.enable = true;
|
generic-extlinux-compatible.enable = true;
|
||||||
|
@ -46,7 +47,9 @@
|
||||||
firewall = {
|
firewall = {
|
||||||
trustedInterfaces = ["tailscale0"];
|
trustedInterfaces = ["tailscale0"];
|
||||||
checkReversePath = "loose";
|
checkReversePath = "loose";
|
||||||
enable = false;
|
allowedUDPPorts = [ 41641 ];
|
||||||
|
allowedTCPPorts = [ 22 53 80 443 ];
|
||||||
|
enable = true;
|
||||||
};
|
};
|
||||||
nftables.enable = true;
|
nftables.enable = true;
|
||||||
};
|
};
|
||||||
|
|
|
@ -57,9 +57,10 @@
|
||||||
hostName = "LONDON";
|
hostName = "LONDON";
|
||||||
networkmanager.enable = true;
|
networkmanager.enable = true;
|
||||||
firewall = {
|
firewall = {
|
||||||
enable = false;
|
enable = true;
|
||||||
allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
|
allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
|
||||||
allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
|
allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
|
||||||
|
allowedUDPPorts = [ 41641 ];
|
||||||
trustedInterfaces = [ "tailscale0" ];
|
trustedInterfaces = [ "tailscale0" ];
|
||||||
checkReversePath = "loose";
|
checkReversePath = "loose";
|
||||||
};
|
};
|
||||||
|
|
|
@ -217,7 +217,7 @@
|
||||||
checkReversePath = "loose";
|
checkReversePath = "loose";
|
||||||
enable = true;
|
enable = true;
|
||||||
allowedTCPPorts = [ 22 53 80 443 ];
|
allowedTCPPorts = [ 22 53 80 443 ];
|
||||||
allowedUDPPorts = [ 53 ];
|
allowedUDPPorts = [ 53 41641 ];
|
||||||
};
|
};
|
||||||
nftables.enable = true;
|
nftables.enable = true;
|
||||||
};
|
};
|
||||||
|
|
|
@ -39,6 +39,7 @@
|
||||||
{ from = 4000; to = 4007; }
|
{ from = 4000; to = 4007; }
|
||||||
{ from = 8000; to = 8010; }
|
{ from = 8000; to = 8010; }
|
||||||
];
|
];
|
||||||
|
allowedUDPPorts = [ 41641 ];
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
nftables.enable = true;
|
nftables.enable = true;
|
||||||
|
|
|
@ -9,6 +9,7 @@
|
||||||
boot = {
|
boot = {
|
||||||
supportedFilesystems = [ "nfs" ];
|
supportedFilesystems = [ "nfs" ];
|
||||||
kernelPackages = pkgs.linuxPackages_rpi4;
|
kernelPackages = pkgs.linuxPackages_rpi4;
|
||||||
|
kernelParams = [ "cgroup_enable=memory" "cgroup_enable=cpuset" "cgroup_memory=1" ];
|
||||||
loader = {
|
loader = {
|
||||||
grub.enable = false;
|
grub.enable = false;
|
||||||
generic-extlinux-compatible.enable = true;
|
generic-extlinux-compatible.enable = true;
|
||||||
|
@ -46,7 +47,9 @@
|
||||||
firewall = {
|
firewall = {
|
||||||
trustedInterfaces = ["tailscale0"];
|
trustedInterfaces = ["tailscale0"];
|
||||||
checkReversePath = "loose";
|
checkReversePath = "loose";
|
||||||
enable = false;
|
allowedTCPPorts = [ 22 53 80 443 ];
|
||||||
|
allowedUDPPorts = [ 41641 ];
|
||||||
|
enable = true;
|
||||||
};
|
};
|
||||||
nftables.enable = true;
|
nftables.enable = true;
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue