From 80be293482d238ef66b24fdd7294b6aa4667ff9b Mon Sep 17 00:00:00 2001
From: Nolan Darilek <nolan@thewordnerd.info>
Date: Thu, 17 Apr 2025 16:01:16 -0500
Subject: [PATCH] Fixes for exit node support.

---
 roles/tailscale.nix | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/roles/tailscale.nix b/roles/tailscale.nix
index f41449e..9300026 100644
--- a/roles/tailscale.nix
+++ b/roles/tailscale.nix
@@ -6,7 +6,14 @@
 }:
 
 {
-  services.tailscale.enable = true;
+  services.tailscale = {
+    enable = true;
+    useRoutingFeatures = "both";
+  };
   # See https://github.com/NixOS/nixpkgs/issues/180175#issuecomment-2541381489
-  systemd.services.tailscaled.after = [ "systemd-networkd-wait-online.service" ];
+  systemd.services.tailscaled.after = [
+    "systemd-networkd-wait-online.service"
+  ];
+  # See https://github.com/tailscale/tailscale/issues/4432#issuecomment-1112819111
+  networking.firewall.checkReversePath = "loose";
 }