ma tinc/retiolum: disable LocalDiscovery for supernodes

author: makefu <github@syntax-fehler.de> 2022-01-27 20:51:53 +0100
committer: makefu <github@syntax-fehler.de> 2022-01-27 20:51:53 +0100
commit: bdbb5cea1e6afd8c11a3874b88292f20a1635b6d (patch)
tree: 33744605065d05faf8bebd76ac34e97d9cd855d0 /makefu/2configs/tinc
parent: 377ee283e3227ebf80b5340f5e0ad5274b20dfa0 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/makefu/2configs/tinc/retiolum.nix b/makefu/2configs/tinc/retiolum.nix
index 0d2774209..a2b24d35a 100644
--- a/makefu/2configs/tinc/retiolum.nix
+++ b/makefu/2configs/tinc/retiolum.nix
@@ -1,10 +1,18 @@
-{ pkgs, config, ... }:
+{ pkgs, lib, config, ... }:
 {
   imports = [
     ../binary-cache/lass.nix
   ];
   krebs.tinc.retiolum.enable = true;
+  krebs.tinc.retiolum.extraConfig = ''
+      StrictSubnets = yes
+      ${lib.optionalString (config.krebs.build.host.nets.retiolum.via != null) ''
+        LocalDiscovery = no
+      ''}
+    '';
+  #krebs.tinc.retiolum.connectTo = [ "gum" ];
   environment.systemPackages = [ pkgs.tinc ];
   networking.firewall.allowedTCPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ];
   networking.firewall.allowedUDPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ];
+
 }
author	makefu <github@syntax-fehler.de>	2022-01-27 20:51:53 +0100
committer	makefu <github@syntax-fehler.de>	2022-01-27 20:51:53 +0100
commit	bdbb5cea1e6afd8c11a3874b88292f20a1635b6d (patch)
tree	33744605065d05faf8bebd76ac34e97d9cd855d0 /makefu/2configs/tinc
parent	377ee283e3227ebf80b5340f5e0ad5274b20dfa0 (diff)