Merge remote-tracking branch 'lass/master'

author: makefu <github@syntax-fehler.de> 2024-01-14 21:45:31 +0100
committer: makefu <github@syntax-fehler.de> 2024-01-14 21:45:31 +0100
commit: 9b553ebec7cb3315d5d7ad551ba942005e0da501 (patch)
tree: a4efff47471b575d8ed90aa0ae1afd56d5ced281 /krebs/2configs/default.nix
parent: 2ca25d5fc3b5bcabe15b0934208b5f5201420eb2 (diff)
parent: 9368e6d78abbe1523a2a54279fd4e9db01a4f610 (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix
index 905eaaef7..5d64555c8 100644
--- a/krebs/2configs/default.nix
+++ b/krebs/2configs/default.nix
@@ -8,7 +8,17 @@ with import ../../lib/pure.nix { inherit lib; };
   ];
   krebs.announce-activation.enable = true;
   krebs.enable = true;
-  krebs.tinc.retiolum.enable = mkDefault true;
+
+  # retiolum
+  krebs.tinc.retiolum = {
+    enable = mkDefault true;
+    extraConfig = ''
+      AutoConnect = yes
+      LocalDiscovery = yes
+    '';
+  };
+  networking.firewall.allowedTCPPorts = [ 655 ];
+  networking.firewall.allowedUDPPorts = [ 655 ];
 
   # trust krebs ACME CA
   krebs.ssl.trustIntermediate = true;
@@ -52,6 +62,7 @@ with import ../../lib/pure.nix { inherit lib; };
     config.krebs.users.makefu.pubkey
     config.krebs.users.tv.pubkey
     config.krebs.users.kmein.pubkey
+    config.krebs.users.mic92.pubkey
   ];
 
   # The NixOS release to be compatible with for stateful data such as databases.
author	makefu <github@syntax-fehler.de>	2024-01-14 21:45:31 +0100
committer	makefu <github@syntax-fehler.de>	2024-01-14 21:45:31 +0100
commit	9b553ebec7cb3315d5d7ad551ba942005e0da501 (patch)
tree	a4efff47471b575d8ed90aa0ae1afd56d5ced281 /krebs/2configs/default.nix
parent	2ca25d5fc3b5bcabe15b0934208b5f5201420eb2 (diff)
parent	9368e6d78abbe1523a2a54279fd4e9db01a4f610 (diff)