tailscale: ignore tailscale link when using networkd

2 years ago · 3b8a162680
parent 170a413797
commit 3b8a162680
1 changed files with 13 additions and 0 deletions
--- a/nixos/modules/services/networking/tailscale.nix
+++ b/nixos/modules/services/networking/tailscale.nix
@ -6,6 +6,7 @@ let
  cfg = config.services.tailscale;
  firewallOn = config.networking.firewall.enable;
  rpfMode = config.networking.firewall.checkReversePath;
+  isNetworkd = config.networking.useNetworkd;
  rpfIsStrict = rpfMode == true || rpfMode == "strict";
 in {
  meta.maintainers = with maintainers; [ danderson mbaillie twitchyliquid64 ];
@ -69,5 +70,17 @@ in {
      # linux distros.
      stopIfChanged = false;
    };
+
+    networking.dhcpcd.denyInterfaces = [ cfg.interfaceName ];
+
+    systemd.network.networks."50-tailscale" = mkIf isNetworkd {
+      matchConfig = {
+        Name = cfg.interfaceName;
+      };
+      linkConfig = {
+        Unmanaged = true;
+        ActivationPolicy = "manual";
+      };
+    };
  };
 }