From 1043b12ec969fbc62392b27836feafa572e4bd4b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Schr=C3=B6ter?= <dev@felschr.com>
Date: Sun, 8 Dec 2024 21:32:57 +0100
Subject: [PATCH] fix(vpn): disable --accept-routes on home-server

This caused some issues for me when trying to access home-server
services from other devices in my LAN that aren't in the Tailnet.
---
 hosts/home-pc.nix     | 1 +
 hosts/home-server.nix | 2 +-
 system/vpn.nix        | 1 -
 3 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/hosts/home-pc.nix b/hosts/home-pc.nix
index 23864bc..de48f35 100644
--- a/hosts/home-pc.nix
+++ b/hosts/home-pc.nix
@@ -42,6 +42,7 @@
   };
 
   services.tailscale.extraUpFlags = [
+    "--accept-routes"
     "--operator=felschr"
     "--advertise-routes=192.168.1.0/24"
   ];
diff --git a/hosts/home-server.nix b/hosts/home-server.nix
index c9ecdad..a8c04c3 100644
--- a/hosts/home-server.nix
+++ b/hosts/home-server.nix
@@ -129,7 +129,7 @@ in
   };
 
   services.tailscale.extraUpFlags = [
-    "--advertise-routes=192.168.1.0/24"
+    # "--accept-routes" # breaks incoming connections from outside Tailnet
     "--advertise-tags=tag:felschr-com"
     "--advertise-connector"
   ];
diff --git a/system/vpn.nix b/system/vpn.nix
index a5d7b8f..cb34d70 100644
--- a/system/vpn.nix
+++ b/system/vpn.nix
@@ -22,7 +22,6 @@ in
     useRoutingFeatures = "both";
     extraUpFlags = [
       "--reset"
-      "--accept-routes"
       "--exit-node-allow-lan-access"
       "--exit-node=de-dus-wg-001.mullvad.ts.net"
     ];