2024-01-06 03:06:53 +01:00
|
|
|
{ ... }:
|
2022-06-26 13:12:01 +02:00
|
|
|
|
|
|
|
|
{
|
2024-05-26 16:45:38 +02:00
|
|
|
imports = [
|
|
|
|
|
./common.nix
|
|
|
|
|
./vpn.nix
|
|
|
|
|
];
|
2022-08-12 16:48:27 +02:00
|
|
|
|
|
|
|
|
# use xserver without display manager
|
|
|
|
|
services.xserver.displayManager.startx.enable = true;
|
2024-01-25 02:15:35 +01:00
|
|
|
|
|
|
|
|
# Allow web server to be accessible when running Tailscale with exit node
|
|
|
|
|
networking.nftables.enable = true;
|
|
|
|
|
networking.nftables.ruleset = ''
|
|
|
|
|
table inet allow-incoming-traffic {
|
|
|
|
|
chain allow-incoming {
|
|
|
|
|
type filter hook input priority -100; policy accept;
|
2025-01-17 13:58:03 +01:00
|
|
|
tcp dport {80, 443, 2222} meta mark set 0x80000;
|
|
|
|
|
udp dport {80, 443, 2222} meta mark set 0x80000;
|
2024-01-25 02:15:35 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
chain allow-outgoing {
|
|
|
|
|
type route hook output priority -100; policy accept;
|
2025-01-17 13:58:03 +01:00
|
|
|
tcp sport {80, 443, 2222} meta mark set 0x80000;
|
|
|
|
|
udp sport {80, 443, 2222} meta mark set 0x80000;
|
2024-01-25 02:15:35 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
'';
|
2022-06-26 13:12:01 +02:00
|
|
|
}
|
