fix: fix tailscale routing, etc.

2025-09-26 15:54:24 +02:00
parent 312b3906ab
commit b2bf32dc73
4 changed files with 6 additions and 2 deletions
--- a/ekman/default.nix
+++ b/ekman/default.nix
@@ -108,6 +108,7 @@ let
      firewall.extraCommands = ''
        iptables -I INPUT -s 10.255.241.0/24 -j ACCEPT
        iptables -I INPUT -s 10.255.243.0/24 -j ACCEPT
+        iptables -I INPUT -s 100.64.0.0/24 -j ACCEPT
      '';
    };

@@ -143,7 +144,9 @@ let
    features.hpc.slurm = {
        enable = true;
        client = true;
+        # clusterName = "ekman";
        mungeKey = ./munge.key;
+        # jwtKey = ./jwt_hs256.key;
        mungeUid = mkDefault 996; # hack
        # pkey = "0x7666";
        controlMachine = "ekman-manage";
--- a/ekman/jwt_hs256.key
+++ b/ekman/jwt_hs256.key
--- a/ekman/login/default.nix
+++ b/ekman/login/default.nix
@@ -26,7 +26,7 @@ in
        opt = false;
        work = true;
        data = true;
-        backup = true;
+        backup =false;
        ceph = true;
      };
    };
@@ -338,7 +338,7 @@ in
        "--login-server=https://headscale.svc.oceanbox.io"
        "--accept-dns"
        "--advertise-exit-node"
-        "--advertise-routes=10.255.241.241.0/24"
+        "--advertise-routes=10.255.241.0/24"
        "--advertise-tags=tag:ekman"
      ];
    };
--- a/ekman/manage/default.nix
+++ b/ekman/manage/default.nix
@@ -325,6 +325,7 @@ in {
      "--login-server=https://headscale.svc.oceanbox.io"
      "--accept-dns=false"
      "--advertise-exit-node"
+      "--advertise-routes=10.255.241.0/24"
    ];
  };