headscale: rm acls

modules/services/headscale/acl-policy.json

@@ -1,37 +0,0 @@
-{
-  "groups": {
-    "group:admin": ["motiejus@", "servers@"]
-  },
-
-  "tagOwners": {
-    "tag:public-server": ["servers@"]
-  },
-  
-  "acls": [
-    {
-      "action": "accept",
-      "src": ["group:admin"],
-      "dst": ["*:*"]
-    },
-    
-    {
-      "action": "accept",
-      "src": ["*"],
-      "dst": ["tag:public-server:*"]
-    },
-    
-    {
-      "action": "accept",
-      "src": ["*"],
-      "proto": "tcp",
-      "dst": ["*:22"]
-    },
-    
-    {
-      "action": "accept",
-      "src": ["*"],
-      "proto": "icmp",
-      "dst": ["*:*"]
-    }
-  ]
-}

modules/services/headscale/default.nix

@@ -29,7 +29,7 @@
           prefixes.v4 = config.mj.services.headscale.subnetCIDR;
           #log.level = "debug";
           log.level = "info";
-          policy.path = ./acl-policy.json;
+          #policy.path = ./acl-policy.json;
           dns = {
             nameservers.global = [
               "1.1.1.1"