From 8837ea1b4e8953cc33104dcf9e15fc93fa240b14 Mon Sep 17 00:00:00 2001
From: Hilton Chain <hako@ultrarare.space>
Date: Fri, 8 Aug 2025 01:28:35 +0800
Subject: [PATCH] rosenthal: sing-box: Set default wireguard listen port for
 tailscale.

* modules/rosenthal/packages/networking.scm (sing-box) [arguments] <#:phases>:
Add 'set-tailscale-default-wireguard-port'.
---
 modules/rosenthal/packages/networking.scm | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/modules/rosenthal/packages/networking.scm b/modules/rosenthal/packages/networking.scm
index 0cd2cbb..1f1b0a1 100644
--- a/modules/rosenthal/packages/networking.scm
+++ b/modules/rosenthal/packages/networking.scm
@@ -186,6 +186,12 @@ bypass network restrictions." )
                "vendor")))
           (replace 'install-license-files
             (assoc-ref gnu:%standard-phases 'install-license-files))
+          (add-after 'unpack 'set-tailscale-default-wireguard-port
+            (lambda _
+              ;; See also: https://tailscale.com/kb/1082/firewall-ports
+              ;; https://github.com/tailscale/tailscale/blob/51c11a864b1241d1cf1a736fbc94b0f8c76da563/cmd/tailscaled/tailscaled.go#L102
+              (substitute* "vendor/github.com/sagernet/tailscale/tsnet/tsnet.go"
+                (("s\\.Port") "41641"))))
           (add-after 'install 'install-extras
             (lambda _
               (let ((sing-box