diff --git a/nixos/tailscale.nix b/nixos/tailscale.nix
index ef9aa44..b8be00c 100755
--- a/nixos/tailscale.nix
+++ b/nixos/tailscale.nix
@@ -1,15 +1,20 @@
+{ user, ...}:
 {
   services.tailscale = {
     enable = true;
     # When using this configuration, make sure to create a file at /run/secrets/tailscale
     # with the contents of your Tailscale auth key.
     # Make sure your permissions are set correctly, e.g. 0600.
+    # The secret file will be automatically deleted on system reboot.
+    # You do not need to recreate it again unless you remove the system from your Tailscale account.
     authKeyFile = "/run/secrets/tailscale";
+    # change this to "server" if you are this device as an exit node
+    useRoutingFeatures = "client";
     extraUpFlags = [
       "--ssh"
       "--accept-routes"
       "--accept-dns"
-      "--operator=cswimr"
+      "--operator=${user}"
     ];
   };
 }