summaryrefslogtreecommitdiff
path: root/modules/nixosModules/desktop/mullvad.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixosModules/desktop/mullvad.nix')
-rw-r--r--modules/nixosModules/desktop/mullvad.nix22
1 files changed, 22 insertions, 0 deletions
diff --git a/modules/nixosModules/desktop/mullvad.nix b/modules/nixosModules/desktop/mullvad.nix
new file mode 100644
index 0000000..9f2892c
--- /dev/null
+++ b/modules/nixosModules/desktop/mullvad.nix
@@ -0,0 +1,22 @@
+{lib, ...}: {
+ flake.nixosModules.mullvad = { pkgs, ... }: {
+ services.mullvad-vpn = {
+ enable = true;
+ package = pkgs.mullvad-vpn;
+ enableExcludeWrapper = true;
+ };
+
+ # allow tailscale traffic through
+ networking.nftables.tables.mullvad_tailscale = {
+ content = ''
+ chain output {
+ type route hook output priority 0; policy accept;
+ ip daddr 100.64.0.0/10 ct mark set 0x00000f41 meta mark set 0x6d6f6c65;
+ }
+ '';
+ family = "inet";
+ };
+
+ systemd.services.tailscaled.serviceConfig.Environment = [ "TS_DEBUG_FIREWALL_MODE=nftables" ];
+ };
+}
generated by cgit v1.3 (git 2.53.0) at 2026-04-26 21:14:40 +0000