From 3ae89fd0cf39b22f9f06a5b9756eb7dd6a11fed0 Mon Sep 17 00:00:00 2001
From: ElnuDev <elnu@elnu.com>
Date: Sun, 22 Sep 2024 21:06:02 -0700
Subject: [PATCH] thinkpads: tailscale config

---
 hosts/configuration.nix     | 10 ++--------
 hosts/thinkpads/default.nix | 12 +++++++++++-
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/hosts/configuration.nix b/hosts/configuration.nix
index 4dfde72..808f24a 100644
--- a/hosts/configuration.nix
+++ b/hosts/configuration.nix
@@ -26,16 +26,10 @@
     networkmanager.enable = true;
     # networking.nameservers doesn't apply to resolvconf
     #nameservers = [ "9.9.9.9" "1.1.1.1" ];
-    resolvconf.extraConfig = "name_servers=\"9.9.9.9 1.1.1.1\"";
+    # resolvconf.extraConfig = "name_servers=\"9.9.9.9 1.1.1.1\"";
     # Temporary since MagicDNS is broken
     hosts = {
-      "192.168.0.26" = [ "elnuhub.local" ];
-      "24.199.72.8" = [ "elnudrop.local" ];
-      "100.64.0.1" = [ "elnu" ];
-      "100.64.0.2" = [ "elnuhub" ];
-      "100.64.0.3" = [ "elnudrop" ];
-      "100.64.0.4" = [ "pang13" ];
-      "100.64.0.5" = [ "elnucentre" ];
+      "192.168.1.168" = [ "elnuhub.local" ];
     };
   };
 
diff --git a/hosts/thinkpads/default.nix b/hosts/thinkpads/default.nix
index 1c8e664..206848e 100644
--- a/hosts/thinkpads/default.nix
+++ b/hosts/thinkpads/default.nix
@@ -1,4 +1,4 @@
-{ ... }:
+{ config, ... }:
 
 {
   imports = [ (import ./hardware-configuration.nix) ];
@@ -15,6 +15,16 @@
     };
   };
 
+  services.tailscale.enable = true;
+  networking.nameservers = [ "100.100.100.100" ];
+  networking.search = [ "junko-dace.ts.net" ];
+
+  networking.firewall = {
+    checkReversePath = "loose";
+    trustedInterfaces = [ "tailscale0" ];
+    allowedUDPPorts = [ config.services.tailscale.port ];
+  };
+
   # Use X11 caps lock to escape remap in TTY
   console.useXkbConfig = true;
   services.xserver.xkbOptions = "caps:escape";