Working config for fw13 amd

system/network/avahi.nix

@@ -0,0 +1,12 @@
+{
+  # network discovery, mDNS
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    publish = {
+      enable = true;
+      domain = true;
+      userServices = true;
+    };
+  };
+}

system/network/default.nix

@@ -0,0 +1,28 @@
+# networking configuration
+{pkgs, ...}: {
+  networking = {
+    # use quad9 with DNS over TLS
+    nameservers = ["9.9.9.9#dns.quad9.net"];
+
+    networkmanager = {
+      enable = true;
+      dns = "systemd-resolved";
+      wifi.powersave = true;
+    };
+  };
+
+  services = {
+    openssh = {
+      enable = true;
+      settings.UseDns = true;
+    };
+
+    # DNS resolver
+    resolved = {
+      enable = true;
+      dnsovertls = "opportunistic";
+    };
+  };
+
+  systemd.services.NetworkManager-wait-online.serviceConfig.ExecStart = ["" "${pkgs.networkmanager}/bin/nm-online -q"];
+}

system/network/tailscale.nix

@@ -0,0 +1,13 @@
+{
+  networking.firewall = {
+    trustedInterfaces = ["tailscale0"];
+    # required to connect to Tailscale exit nodes
+    checkReversePath = "loose";
+  };
+
+  # inter-machine VPN
+  services.tailscale = {
+    enable = true;
+    openFirewall = true;
+  };
+}