From 7ac80d78f13e1409db787a3c5f72d1f3d40af532 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Schr=C3=B6ter?= <dev@felschr.com> Date: Fri, 6 Jun 2025 18:05:31 +0200 Subject: [PATCH] feat(vpn): improve tailscale routing --- hosts/home-server/default.nix | 1 + system/vpn.nix | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/home-server/default.nix b/hosts/home-server/default.nix index 461cd35..f127875 100644 --- a/hosts/home-server/default.nix +++ b/hosts/home-server/default.nix @@ -128,6 +128,7 @@ in inherit hostKeys; }; + services.tailscale.useRoutingFeatures = "both"; services.tailscale.extraUpFlags = [ # "--accept-routes" # breaks incoming connections from outside Tailnet "--advertise-tags=tag:felschr-com" diff --git a/system/vpn.nix b/system/vpn.nix index c8543b4..f9cfcc0 100644 --- a/system/vpn.nix +++ b/system/vpn.nix @@ -19,7 +19,7 @@ in enable = true; package = pkgs.unstable.tailscale; openFirewall = true; - useRoutingFeatures = "both"; + useRoutingFeatures = lib.mkDefault "client"; extraUpFlags = [ "--reset" "--exit-node-allow-lan-access"