aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCraig Jennings <c@cjennings.net>2026-05-31 14:21:05 -0500
committerCraig Jennings <c@cjennings.net>2026-05-31 14:21:05 -0500
commit763e76797e2f6d05f007032734eaf8332cba5530 (patch)
tree34cb589526fdc22d254e5f25e9111462c543b5db
parentb26bfab59b81aa43c6a08f13021108a7136982e3 (diff)
downloadarchsetup-763e76797e2f6d05f007032734eaf8332cba5530.tar.gz
archsetup-763e76797e2f6d05f007032734eaf8332cba5530.zip
docs: note that Tailscale traffic traverses ufw on ratio
Diffstat
-rw-r--r--CLAUDE.md1
1 files changed, 1 insertions, 0 deletions
diff --git a/CLAUDE.md b/CLAUDE.md
index 093cb78..9b90e25 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -119,6 +119,7 @@ Full palette reference: `assets/color-themes/dupre/dupre-palette.org`
## Notes
- Desktop file overrides go in `dotfiles/hyprland/.local/share/applications/`
- MPD is configured but mpv handles audio file associations
+- Firewall is ufw (configured in `archsetup`, default-deny incoming, explicit allow list). Tailscale traffic **does** traverse ufw on ratio — a probe from a tailnet IP is still blocked unless a rule covers the port. Don't assume tailnet-only services bypass the firewall; they need an explicit ufw rule like any other.
- This machine is **ratio**; **velox** is a laptop. Both run Hyprland (Wayland). archsetup still supports dwm/X11, but no current machine uses it.
- Remote repository on cjennings.net
- .ai/ is gitignored; living project context is in .ai/notes.org