wiro.world / dotfiles
yep, more dotfiles
fork atom

server: enable own derp server

wiro.world 2f45d00e e6e1ce8e

verified
+7
+7
nixos/profiles/server.nix
··· 62 62 thelounge-hostname = "lounge.wiro.world"; 63 63 64 64 headscale-port = 3006; 65 + headscale-derp-port = 3478; 65 66 headscale-hostname = "headscale.wiro.world"; 66 67 67 68 lldap-port = 3007; ··· 120 121 121 122 # Reflect firewall configuration on Hetzner 122 123 firewall.allowedTCPPorts = [ 22 80 443 ]; 124 + firewall.allowedUDPPorts = [ headscale-derp-port ]; 123 125 }; 124 126 125 127 services.qemuGuest.enable = true; ··· 404 406 client_secret_path = config.age.secrets.headscale-oidc-secret.path; 405 407 scope = [ "openid" "profile" "email" "groups" ]; 406 408 pkce.enabled = true; 409 + }; 410 + 411 + derp.server = { 412 + enable = true; 413 + stun_listen_addr = "0.0.0.0:${toString headscale-derp-port}"; 407 414 }; 408 415 }; 409 416 };