- Replace read-only bind mount for openclaw.json with a full directory bind mount.
- Use systemd preStart to copy the Nix declarative config file before startup.
- This prevents the EBUSY crash loop when OpenClaw attempts to modify its own config file on launch.
- Remove `internalOnly = true` flag from Vaultwarden, Forgejo, and AdGuard Home to make them publicly accessible again.
- This also re-exposes the DNS-over-HTTPS (DoH) endpoint on the AdGuard Home domain.
- Add DNS rewrites in AdGuard Home for `*.ashisgreat.xyz` to route to the Tailscale IP (`100.64.0.3`).
- Securely expose the AdGuard Home Web UI to the Tailscale network instead of blocking it completely.
- Add `internalOnly` option to nginx module to block public access.
- Apply `internalOnly` flag to Forgejo and Vaultwarden to ensure they are only accessible over the VPN or localhost.
- Configure Headscale to use the VPS Tailscale IP (100.64.0.3) as the global DNS server instead of external providers.
- Add firewall rules to allow DNS requests over the `tailscale0` interface.
- Add iptables PREROUTING rules to redirect standard DNS (port 53) from Tailscale clients to AdGuard Home (port 5353) to resolve port conflicts with `aardvark-dns`.
New module: modules/headscale.nix
- Headscale service listening on localhost with Nginx reverse proxy
- SQLite database (appropriate for personal use)
- Tailscale public DERP relays for NAT traversal fallback
- MagicDNS enabled with Mullvad/Quad9 upstream resolvers
- Optional OIDC authentication (Google, GitHub, etc.)
- Default auth: pre-shared API keys (headscale apikeys create)
- Added to backup paths (SQLite DB)
- headscale CLI tool added to system packages
Configuration:
- Domain: vpn.ashisgreat.xyz
- OIDC disabled by default (documented how to enable in configuration.nix)
To register a device after deploying:
sudo headscale apikeys create
tailscale up --login-server=https://vpn.ashisgreat.xyz --authkey=<key>
DNS record needed: vpn.ashisgreat.xyz → VPS IP
- Drops --network=host from OpenClaw container
- Container now runs on Podman's default bridge network
- Gateway port already mapped via ports config (127.0.0.1:18789:8080)
- Container retains outbound internet access for Discord API, model providers, etc.
- Cannot reach other host services (Forgejo, Vaultwarden, etc.) — principle of least privilege
Note: If OpenClaw needs to reach local services in the future, add explicit
extraOptions like --network=bridge or create a shared Podman network.
- Global rate limit: 10 req/s with burst of 20
- Connection limit: 30 concurrent per IP
- Per-domain override support (requests, burst, enable/disable)
- SearXNG gets higher limits (20/40) to tolerate bot traffic
- Returns 429 when rate limited
