MMore stuff

fwastring 2025-09-15 21:08:36 +02:00
parent 01c04cd91c
commit 35fd1799a2
18 changed files with 62 additions and 291 deletions


@ -92,6 +92,13 @@
enable = true;
};
services.tailscale.enable = true;
networking.firewall = {
checkReversePath = "loose";
trustedInterfaces = [ "tailscale0" ];
allowedUDPPorts = [ config.services.tailscale.port ];
};
services = {
printing.enable = true;
clipmenu.enable = true;
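Review bot: `trustedInterfaces = [ "tailscale0" ];` in the `networking.firewall` block (which looks like the added part of this hunk; the +/- markers are lost on this page) makes the firewall accept all traffic arriving on the tailnet interface. Every service listening on this host, including the printing service enabled just below, then becomes reachable by any tailnet peer, and the headscale ACL policy is the only remaining access control. If only a few services are meant to be reachable over the tailnet, a per-interface allow-list is tighter, for example `interfaces.tailscale0.allowedTCPPorts = [ 22 ];` (22 is only a sample value; list the ports actually needed). `checkReversePath = "loose"` relaxes reverse-path filtering on every interface, not just `tailscale0`, so a short comment such as `# needed for Tailscale exit-node / subnet routes` would help, or `services.tailscale.useRoutingFeatures = "client";` can set it instead.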


@ -8,11 +8,21 @@ with lib;
options = {
headscale = {
enable = mkEnableOption "enables headscale";
port = lib.mkOption {
type = lib.types.int;
default = 8082;
description = "The port that headscale is served on.";
};
domain = lib.mkOption {
type = lib.types.str;
default = "headscale.wastring.com";
description = "The domain that headscale is served on.";
};
baseDomain = lib.mkOption {
type = lib.types.str;
default = "tailnet.wastring.com";
description = "The base-domain that headscale is served on.";
};
};
};
@ -22,21 +32,25 @@ with lib;
headscale = {
enable = true;
address = "0.0.0.0";
port = 8080;
server_url = "https://${domain}";
dns = {
baseDomain = "example.com";
};
port = config.headscale.port;
settings = {
server_url = "https://${config.headscale.domain}";
logtail.enabled = false;
dns = {
base_domain = config.headscale.baseDomain;
nameservers.global = [
"1.1.1.1"
"8.8.8.8"
];
};
};
};
nginx.virtualHosts.${domain} = {
nginx.virtualHosts.${config.headscale.domain} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.headscale.port}";
proxyPass = "http://localhost:${toString config.headscale.port}";
proxyWebsockets = true;
};
};
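Review bot: `address = "0.0.0.0";` leaves headscale's plain-HTTP listener bound on every interface, although the only consumer visible in this hunk is nginx through `proxyPass = "http://localhost:..."`. With the port now configurable (default 8082), anything that opens that port in the firewall, or marks an interface as trusted, exposes the control server without TLS and bypasses the nginx vhost. Binding to loopback closes that path: `address = "127.0.0.1";`. In the options hunk above, `type = lib.types.int;` also accepts negative and out-of-range values, whereas `type = lib.types.port;` would reject a bad port at evaluation time. The enclosing `services` block opens and closes outside the visible hunk, so a listener or firewall rule defined elsewhere in the file could change this picture.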