ma tinc/retiolum: disable LocalDiscovery for supernodes
This commit is contained in:
parent
377ee283e3
commit
bdbb5cea1e
@ -1,10 +1,18 @@
|
|||||||
{ pkgs, config, ... }:
|
{ pkgs, lib, config, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../binary-cache/lass.nix
|
../binary-cache/lass.nix
|
||||||
];
|
];
|
||||||
krebs.tinc.retiolum.enable = true;
|
krebs.tinc.retiolum.enable = true;
|
||||||
|
krebs.tinc.retiolum.extraConfig = ''
|
||||||
|
StrictSubnets = yes
|
||||||
|
${lib.optionalString (config.krebs.build.host.nets.retiolum.via != null) ''
|
||||||
|
LocalDiscovery = no
|
||||||
|
''}
|
||||||
|
'';
|
||||||
|
#krebs.tinc.retiolum.connectTo = [ "gum" ];
|
||||||
environment.systemPackages = [ pkgs.tinc ];
|
environment.systemPackages = [ pkgs.tinc ];
|
||||||
networking.firewall.allowedTCPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ];
|
networking.firewall.allowedTCPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ];
|
||||||
networking.firewall.allowedUDPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ];
|
networking.firewall.allowedUDPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ];
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user