|
|
|
@ -1,4 +1,4 @@
|
|
|
|
|
{ ... }: {
|
|
|
|
|
{ pkgs, config, ... }: {
|
|
|
|
|
imports = [
|
|
|
|
|
./hardware-configuration.nix
|
|
|
|
|
];
|
|
|
|
@ -13,6 +13,43 @@
|
|
|
|
|
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG/QDX2Ex5rol7Cxr3paGipIhCBG/T6EsBZfJpwmPrcY Idylls services key''
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
services.tailscale = {
|
|
|
|
|
enable = true;
|
|
|
|
|
interfaceName = "olympus";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.headscale = {
|
|
|
|
|
enable = true;
|
|
|
|
|
address = "127.0.0.1";
|
|
|
|
|
port = 8777;
|
|
|
|
|
settings = {
|
|
|
|
|
server_url = "https://headscale.idylls.net";
|
|
|
|
|
dns_config.base_domain = "olympus.wg";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.caddy = {
|
|
|
|
|
enable = true;
|
|
|
|
|
virtualHosts = {
|
|
|
|
|
"headscale.idylls.net" = {
|
|
|
|
|
extraConfig = ''
|
|
|
|
|
reverse_proxy ${config.services.headscale.address}:${builtins.toString config.services.headscale.port}
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
|
tailscale
|
|
|
|
|
headscale
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
networking.firewall = {
|
|
|
|
|
trustedInterfaces = [ config.services.tailscale.interfaceName ];
|
|
|
|
|
allowedUDPPorts = [ config.services.headscale.port ];
|
|
|
|
|
allowedTCPPorts = [ config.services.headscale.port 80 443 ];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
|
|
|
|
system.stateVersion = "23.05";
|
|
|
|
|
}
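Review bot: The `networking.firewall` block opens `config.services.headscale.port` (8777) on both TCP and UDP, although headscale is bound to `127.0.0.1` and is published only through the Caddy virtual host, so these openings carry no traffic today. They become an exposure if `address` is later changed to a non-loopback value, because the control API would then be reachable directly, presumably without TLS, bypassing Caddy. I would reduce this to `allowedTCPPorts = [ 80 443 ];` and drop the `allowedUDPPorts` line. Separately, `trustedInterfaces = [ config.services.tailscale.interfaceName ];` exempts every tailnet peer from the host firewall on all ports. A comment stating that this is intended, or per-interface port rules in its place, would make that trust decision explicit.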
|
|
|
|
|