setup automatic tailscale connection
This commit is contained in:
parent
5f8e50471c
commit
d94c67596d
SSH key fingerprint:
SHA256:oAMyvotlNFraMmZmr+p6AxnNfW/GioTs1pOn3V4tQ7A
4 changed files with 23 additions and 0 deletions
1
.gitattributes
vendored
Normal file
1
.gitattributes
vendored
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
tailscale-client-secret filter=git-agecrypt diff=git-agecrypt
|
||||||
5
git-agecrypt.toml
Normal file
5
git-agecrypt.toml
Normal file
|
|
@ -0,0 +1,5 @@
|
||||||
|
[config]
|
||||||
|
tailscale-client-secret = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINwo8TGBe91mmkc/QonsXtTBKCJtsAGz3YzphDZlzmaO infinidoge@Infini-FRAMEWORK",
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIUIcQljnMxXsLU8RO33kqFRqEOgQi7U0x+UFG4Caskk infinidoge@Infini-DL360",
|
||||||
|
]
|
||||||
16
kiosk.nix
16
kiosk.nix
|
|
@ -35,4 +35,20 @@ in
|
||||||
enable = true;
|
enable = true;
|
||||||
pulse.enable = true;
|
pulse.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.tailscale = {
|
||||||
|
enable = true;
|
||||||
|
extraUpFlags = [ "--advertise-tags" "tag:kiosk" ];
|
||||||
|
authKeyFile = ./tailscale-client-secret;
|
||||||
|
authKeyParameters.ephemeral = false;
|
||||||
|
openFirewall = true;
|
||||||
|
};
|
||||||
|
networking.firewall.trustedInterfaces = [ "tailscale0" ];
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
PermitRootLogin = "yes";
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
1
tailscale-client-secret
Normal file
1
tailscale-client-secret
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
tskey-client-kJTcn9TxqB21CNTRL-3wZR8ZywdWHdTXqqNRxSWHSz9wRng25jG
|
||||||
Loading…
Reference in a new issue