setup automatic tailscale connection

2024-12-07 18:28:24 -05:00 · 2024-12-07 18:28:24 -05:00 · 75008ffe53
commit 75008ffe53
parent bb53626336
2 changed files with 16 additions and 0 deletions
--- a/kiosk.nix
+++ b/kiosk.nix
@ -35,4 +35,20 @@ in
    enable = true;
    pulse.enable = true;
  };
+
+  services.tailscale = {
+    enable = true;
+    extraUpFlags = [ "--advertise-tags" "tag:kiosk" ];
+    authKeyFile = ./tailscale-client-secret.key;
+    authKeyParameters.ephemeral = false;
+    openFirewall = true;
+  };
+  networking.firewall.trustedInterfaces = [ "tailscale0" ];
+
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "yes";
+    };
+  };
 }
--- a/tailscale-client-secret.key
+++ b/tailscale-client-secret.key