configure tailscale and stuff
This commit is contained in:
parent
76b0dd1a4e
commit
947249cc79
7 changed files with 70 additions and 24 deletions
|
|
@ -26,6 +26,7 @@
|
|||
./attic.nix
|
||||
./forgejo.nix
|
||||
./garage.nix
|
||||
./tailscale.nix
|
||||
];
|
||||
|
||||
sops.age.keyFile = "/root/.config/sops/age/keys.txt";
|
||||
|
|
@ -66,10 +67,12 @@
|
|||
"attic/env" = {
|
||||
sopsFile = ../../secrets/services/attic.yaml;
|
||||
};
|
||||
|
||||
"garage/env" = {
|
||||
sopsFile = ../../secrets/services/garage.yaml;
|
||||
};
|
||||
"tailscale/auth" = {
|
||||
sopsFile = ../../secrets/services/tailscale.yaml;
|
||||
};
|
||||
};
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
|
|
|
|||
9
hosts/chunk/tailscale.nix
Normal file
9
hosts/chunk/tailscale.nix
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
{ config, ... }: {
|
||||
services.tailscale = {
|
||||
enable = true;
|
||||
authKeyFile = config.sops.secrets."tailscale/auth".path;
|
||||
extraUpFlags = [ "--advertise-exit-node" ];
|
||||
useRoutingFeatures = "server";
|
||||
openFirewall = true;
|
||||
};
|
||||
}
|
||||
|
|
@ -9,6 +9,7 @@
|
|||
./hardware-configuration.nix
|
||||
../common.nix
|
||||
../zsh.nix
|
||||
./tailscale.nix
|
||||
];
|
||||
|
||||
sops.age.keyFile = "/root/.config/sops/age/keys.txt";
|
||||
|
|
@ -32,6 +33,9 @@
|
|||
sopsFile = ../../secrets/newsboat.yaml;
|
||||
owner = "yt";
|
||||
};
|
||||
"tailscale/auth" = {
|
||||
sopsFile = ../../secrets/services/tailscale.yaml;
|
||||
};
|
||||
};
|
||||
|
||||
boot = {
|
||||
|
|
@ -58,6 +62,7 @@
|
|||
pkiBundle = "/var/lib/sbctl";
|
||||
};
|
||||
kernel.sysctl."kernel.sysrq" = 1;
|
||||
binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||
};
|
||||
|
||||
networking = {
|
||||
|
|
@ -128,6 +133,7 @@
|
|||
"wheel"
|
||||
"libvirtd"
|
||||
"docker"
|
||||
"disk"
|
||||
];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
|
@ -314,4 +320,8 @@
|
|||
programs.niri.enable = true;
|
||||
programs.niri.package = pkgs.niri-unstable;
|
||||
programs.xwayland.enable = true;
|
||||
|
||||
services.udev.extraHwdb = ''
|
||||
SUBSYSTEM=="usb", SYSFS{idVendor}=="090c", SYSFS{idProduct}=="1000", ACTION=="add", GROUP="users", MODE="0664"
|
||||
'';
|
||||
}
|
||||
|
|
|
|||
11
hosts/ytnix/tailscale.nix
Normal file
11
hosts/ytnix/tailscale.nix
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
{ config, ... }: {
|
||||
services.tailscale = {
|
||||
enable = true;
|
||||
authKeyFile = config.sops.secrets."tailscale/auth".path;
|
||||
openFirewall = true;
|
||||
useRoutingFeatures = "client";
|
||||
extraUpFlags = [
|
||||
"--exit-node=100.122.132.30"
|
||||
];
|
||||
};
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue