about summary refs log tree commit diff
path: root/users/wpcarro/nixos/ava
diff options
context:
space:
mode:
authorWilliam Carroll <wpcarro@gmail.com>2022-05-16T19·23-0700
committerclbot <clbot@tvl.fyi>2022-06-21T19·56+0000
commitcf91baa93883bc2f61a53f2f6c78348b9cebd7b7 (patch)
treeaac99ae03bdb46d4cf2fd8b152915e0cb1d1eeae /users/wpcarro/nixos/ava
parent8e72ab6f425420b2454f34bf166778da5b628ee9 (diff)
feat(ava): Set firewall.checkReversePath to "loose" r/4250
I was being warned while running `sudo rebuild-system`.

Change-Id: Ie8b730760e069086c2ef88f8edf00887cbbb5c93
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5627
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
Diffstat (limited to 'users/wpcarro/nixos/ava')
-rw-r--r--users/wpcarro/nixos/ava/default.nix2
1 files changed, 2 insertions, 0 deletions
diff --git a/users/wpcarro/nixos/ava/default.nix b/users/wpcarro/nixos/ava/default.nix
index b3ef095be08e..47a93ed2ef7c 100644
--- a/users/wpcarro/nixos/ava/default.nix
+++ b/users/wpcarro/nixos/ava/default.nix
@@ -26,6 +26,8 @@ in
   # Support IP forwarding to use this device as a Tailscale exit node.
   boot.kernel.sysctl."net.ipv4.ip_forward" = true;
   boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true;
+  # Additionall exit node settings that Tailscale recommends.
+  networking.firewall.checkReversePath = "loose";
 
   time.timeZone = "America/Los_Angeles";