nixos-config/modules/headscale.nix

{ pkgs, lib, ... }:
let
  headscalePort = "6969";
  headscaleDomain = "vpn.mc-fucker.cool";
in
{
  environment = {
    systemPackages = with pkgs; [ headscale wireguard-tools ];
    etc = {
      "headscale/derp-example.yaml".text = ''
        regions:
          900:
            regionid: 900
            regioncode: custom
            regionname: My Region
            nodes:
            - name: 1a
              regionid: 1
              hostname: myderp.mydomain.no
              ipv4: 123.123.123.123
              ipv6: "2604:a880:400:d1::828:b001"
              stunport: 0
              stunonly: false
              derptestport: 0
      '';
    };
  };

  services.headscale = {
    address = "0.0.0.0";
    enable = true;
    port = (lib.strings.toInt headscalePort);
    settings = {
      server_url = "http://${headscaleDomain}:${headscalePort}";
      db_path = "/var/lib/headscale/db.sqlite";
      db_type = "sqlite3";
      ip_prefixes = [ "100.64.0.0/16" ];
      derp.paths = [ "/etc/headscale/derp-example.yaml" ];
      derp.urls = [ "https://controlplane.tailscale.com/derpmap/default" ];
      dns_config.base_domain = headscaleDomain;
      dns_config.nameservers = [ "9.9.9.9" ];
      #dns_config.extra_records = [
      #  {
      #    name = "mc-fucker.cool";
      #    type = "A";
      #    value = "100.64.0.2";
      #  }
      #];
    };
  };

  networking.firewall.allowedTCPPorts = [ (lib.strings.toInt headscalePort) ];
}

# vim: set et ts=2 sw=2 ai:
added headscale to vpn server 2021-12-03 17:51:47 +01:00			`{ pkgs, lib, ... }:`
			`let`
			`headscalePort = "6969";`
			`headscaleDomain = "vpn.mc-fucker.cool";`
			`in`
			`{`
			`environment = {`
updated wireguard package name 2022-08-01 15:06:58 +02:00			`systemPackages = with pkgs; [ headscale wireguard-tools ];`
added headscale to vpn server 2021-12-03 17:51:47 +01:00			`etc = {`
			`"headscale/derp-example.yaml".text = ''`
			`regions:`
			`900:`
			`regionid: 900`
			`regioncode: custom`
			`regionname: My Region`
			`nodes:`
			`- name: 1a`
			`regionid: 1`
			`hostname: myderp.mydomain.no`
			`ipv4: 123.123.123.123`
			`ipv6: "2604:a880:400:d1::828:b001"`
			`stunport: 0`
			`stunonly: false`
			`derptestport: 0`
			`'';`
			`};`
			`};`

changed headscale to native nixos settings 2023-09-12 15:10:27 +02:00			`services.headscale = {`
			`address = "0.0.0.0";`
			`enable = true;`
			`port = (lib.strings.toInt headscalePort);`
			`settings = {`
			`server_url = "http://${headscaleDomain}:${headscalePort}";`
			`db_path = "/var/lib/headscale/db.sqlite";`
			`db_type = "sqlite3";`
			`ip_prefixes = [ "100.64.0.0/16" ];`
			`derp.paths = [ "/etc/headscale/derp-example.yaml" ];`
			`derp.urls = [ "https://controlplane.tailscale.com/derpmap/default" ];`
			`dns_config.base_domain = headscaleDomain;`
			`dns_config.nameservers = [ "9.9.9.9" ];`
			`#dns_config.extra_records = [`
			`# {`
			`# name = "mc-fucker.cool";`
			`# type = "A";`
			`# value = "100.64.0.2";`
			`# }`
			`#];`
added headscale to vpn server 2021-12-03 17:51:47 +01:00			`};`
			`};`

			`networking.firewall.allowedTCPPorts = [ (lib.strings.toInt headscalePort) ];`
			`}`

			`# vim: set et ts=2 sw=2 ai:`