diff options
author | makefu <github@syntax-fehler.de> | 2022-01-27 20:51:53 +0100 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2022-01-27 20:51:53 +0100 |
commit | bdbb5cea1e6afd8c11a3874b88292f20a1635b6d (patch) | |
tree | 33744605065d05faf8bebd76ac34e97d9cd855d0 | |
parent | 377ee283e3227ebf80b5340f5e0ad5274b20dfa0 (diff) |
ma tinc/retiolum: disable LocalDiscovery for supernodes
-rw-r--r-- | makefu/2configs/tinc/retiolum.nix | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/makefu/2configs/tinc/retiolum.nix b/makefu/2configs/tinc/retiolum.nix index 0d2774209..a2b24d35a 100644 --- a/makefu/2configs/tinc/retiolum.nix +++ b/makefu/2configs/tinc/retiolum.nix @@ -1,10 +1,18 @@ -{ pkgs, config, ... }: +{ pkgs, lib, config, ... }: { imports = [ ../binary-cache/lass.nix ]; krebs.tinc.retiolum.enable = true; + krebs.tinc.retiolum.extraConfig = '' + StrictSubnets = yes + ${lib.optionalString (config.krebs.build.host.nets.retiolum.via != null) '' + LocalDiscovery = no + ''} + ''; + #krebs.tinc.retiolum.connectTo = [ "gum" ]; environment.systemPackages = [ pkgs.tinc ]; networking.firewall.allowedTCPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ]; networking.firewall.allowedUDPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ]; + } |