headscale: prepare for jellyfin move

2023-09-22 23:59:48 +02:00 · 2023-09-22 23:59:48 +02:00 · 51457c2bee
commit 51457c2bee
parent c776c47d8e
4 changed files with 22 additions and 1 deletions
--- a/agenix/hosts/tanker/headscale/acls.age
+++ b/agenix/hosts/tanker/headscale/acls.age
--- a/system/nixos/adguardhome.nix
+++ b/system/nixos/adguardhome.nix
@ -44,7 +44,7 @@

  networking.firewall.interfaces =
    let
-      interfaces = lib.mapAttrsToList (_: lib.attrsets.attrByPath [ "matchConfig" "Name" ] null) config.systemd.network.networks;
+      interfaces = lib.mapAttrsToList (_: lib.attrsets.attrByPath [ "matchConfig" "Name" ] null) config.systemd.network.networks ++ [ "tailscale0" ];
    in
    builtins.listToAttrs
      (builtins.map
--- a/system/nixos/headscale.nix
+++ b/system/nixos/headscale.nix
@ -25,6 +25,17 @@ in

      server_url = "https://${fqdn}";
      acl_policy_path = config.age.secrets.headscale-acls.path;
+
+      dns_config = {
+        override_local_dns = false;
+
+        nameservers = [
+          "100.64.10.1"
+          "100.64.10.6"
+        ];
+
+        base_domain = "mesh.kempkens.network";
+      };
    };
  };

--- a/system/nixos/jellyfin.nix
+++ b/system/nixos/jellyfin.nix
@ -30,12 +30,22 @@
        addr = "0.0.0.0";
        port = 9920;
        ssl = true;
+        extraParameters = [
+          "fastopen=63"
+          "backlog=1023"
+          "deferred"
+        ];
      }

      {
        addr = "[::0]";
        port = 9920;
        ssl = true;
+        extraParameters = [
+          "fastopen=63"
+          "backlog=1023"
+          "deferred"
+        ];
      }
    ];