fix: move tailscale relay to fs-work for now

2025-10-11 17:53:23 +02:00
parent 29e65c1598
commit e101653b7f
4 changed files with 58 additions and 39 deletions
--- a/rossby/manage/default.nix
+++ b/rossby/manage/default.nix
@@ -264,31 +264,28 @@ in {

    virtualisation.docker.enable = pkgs.lib.mkForce true;

-    services.tailscale =  {
-      enable = true;
-      authKeyFile = "/var/lib/secrets/tailscale.key";
-      useRoutingFeatures = "both"; # for exit-node usage
-      extraUpFlags = [
-        "--login-server=https://headscale.svc.oceanbox.io"
-        "--accept-dns=true"
-        "--accept-routes=true"
-        "--advertise-routes=172.16.238.0/24,172.16.239.0/24"
-        "--snat-subnet-routes=false"
-      ];
-    };
-    services.networkd-dispatcher = {
-      enable = true;
-      rules = {
-        "tailscale-router" = {
-          onState = [ "routable" ];
-          script = ''
-          #!${pkgs.runtimeShell}
-          ${pkgs.ethtool}/bin/ethtool -K enp65s0np0 rx-udp-gro-forwarding on
-          ${pkgs.ethtool}/bin/ethtool -K enp65s0np0 rx-gro-list off
-          ${pkgs.ethtool}/bin/ethtool -K enp65s0np0 tx-udp-segmentation on
-          exit 0
-          '';
-        };
+  services.tailscale =  {
+    enable = true;
+    authKeyFile = "/var/lib/secrets/tailscale.key";
+    useRoutingFeatures = "both"; # for exit-node usage
+    extraUpFlags = [
+      "--login-server=https://headscale.svc.oceanbox.io"
+      "--accept-dns=true"
+      # "--accept-routes=true"
+      # "--advertise-routes=172.16.238.0/24,172.16.239.0/24"
+      # "--snat-subnet-routes=false"
+    ];
+  };
+  services.networkd-dispatcher = {
+    enable = true;
+    rules = {
+      "tailscale-router" = {
+        onState = [ "routable" ];
+        script = ''
+        #!${pkgs.runtimeShell}
+        ${pkgs.ethtool}/bin/ethtool -K enp65s0np0 rx-udp-gro-forwarding on rx-gro-list off
+        exit 0
+        '';
      };
    };