From 31ccc723c834693d28a5ef7290a20250eb7819ac Mon Sep 17 00:00:00 2001
From: BuyMyMojo <hello+git@buymymojo.net>
Date: Sun, 6 Apr 2025 15:03:04 +1000
Subject: [PATCH] Update networking to work with tailscale

---
 nixos/hosts/nixos/hardware-configuration.nix |  9 ++++++++-
 nixos/hosts/nixos/services.nix               | 12 +++++++-----
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/nixos/hosts/nixos/hardware-configuration.nix b/nixos/hosts/nixos/hardware-configuration.nix
index 1eb57b7..98bd912 100644
--- a/nixos/hosts/nixos/hardware-configuration.nix
+++ b/nixos/hosts/nixos/hardware-configuration.nix
@@ -189,13 +189,20 @@
   # networking.interfaces.enp6s0.useDHCP = lib.mkDefault true;
   # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
 
-  systemd.network.enable = true;
+
+  networking.useNetworkd = true;
+  networking.useDHCP = false;
+  networking.interfaces.enp4s0.useDHCP = true;
+  networking.interfaces.enp6s0.useDHCP = true;
+  networking.interfaces.tailscale0.useDHCP = false;
+  networking.nftables.enable = true;
 
   networking.nameservers = [
     "1.1.1.1#one.one.one.one"
     "1.0.0.1#one.one.one.one"
   ];
 
+  # systemd.network.enable = false;
   systemd.network.networks."10-wan" = {
     # match the interface by name
     matchConfig.Name = "enp4s0";
diff --git a/nixos/hosts/nixos/services.nix b/nixos/hosts/nixos/services.nix
index cd01a2f..d82103f 100644
--- a/nixos/hosts/nixos/services.nix
+++ b/nixos/hosts/nixos/services.nix
@@ -54,7 +54,11 @@
       };
     };
 
-    tailscale.enable = true;
+    tailscale = {
+      enable = true;
+      useRoutingFeatures = "both";
+      package = unstable.tailscale;
+    };
 
     # tailscale.extraSetFlags = [
     #   "--advertise-exit-node"
@@ -63,8 +67,8 @@
 
     resolved = {
       enable = true;
-      dnssec = "true";
-      domains = [ "~." ];
+      # dnssec = "true";
+      # domains = [ "~." ];
       fallbackDns = [
         "1.1.1.1#one.one.one.one"
         "1.0.0.1#one.one.one.one"
@@ -72,8 +76,6 @@
       dnsovertls = "true";
     };
 
-
-
     # blocky = {
     #   enable = true;
     #   settings = {