From 228867acb77400b0970a8ceaa4a6e3b6413b437e Mon Sep 17 00:00:00 2001
From: teutat3s <teutates@mailbox.org>
Date: Sun, 5 Mar 2023 14:45:09 +0100
Subject: [PATCH] dumpyourvms: enable tailscale

---
 hosts/dumpyourvms/dumpyourvms.nix | 1 +
 hosts/dumpyourvms/networking.nix  | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/hosts/dumpyourvms/dumpyourvms.nix b/hosts/dumpyourvms/dumpyourvms.nix
index d0934b06..64033652 100644
--- a/hosts/dumpyourvms/dumpyourvms.nix
+++ b/hosts/dumpyourvms/dumpyourvms.nix
@@ -64,6 +64,7 @@ in {
     };
     services.mozillavpn.enable = true;
     networking = import ./networking.nix;
+    services.tailscale.enable = true;
 
     security.pki.certificateFiles = [./consul-agent-ca.pem];
 
diff --git a/hosts/dumpyourvms/networking.nix b/hosts/dumpyourvms/networking.nix
index 5661c54d..b6296cbe 100644
--- a/hosts/dumpyourvms/networking.nix
+++ b/hosts/dumpyourvms/networking.nix
@@ -1,5 +1,8 @@
 {
   networkmanager.dns = "systemd-resolved";
+
+  # https://github.com/tailscale/tailscale/issues/4432#issuecomment-1112819111
+  firewall.checkReversePath = "loose";
   #resolvconf.enable = true;
 
   hosts = {