mc-fucker/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

changed headscale to native nixos settings

Browse source
This commit is contained in:
mc-fucker 2023-09-12 15:10:27 +02:00
parent 7dd3f181fa
commit a5f1ea6039
1 changed files with 20 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

53
modules/headscale.nix
View file

@ -7,30 +7,6 @@ in
environment = { environment = {
systemPackages = with pkgs; [ headscale wireguard-tools ]; systemPackages = with pkgs; [ headscale wireguard-tools ];
etc = { etc = {
"headscale/config.yaml".text = ''
---
disable_check_updates: true
server_url: http://${headscaleDomain}:${headscalePort}
listen_addr: 0.0.0.0:${headscalePort}
ephemeral_node_inactivity_timeout: "30m"
private_key_path: /etc/nixos/keys/headscale-key
db_type: sqlite3
db_path: db.sqlite
ip_prefixes:
- 100.64.0.0/16
derp:
urls:
- https://controlplane.tailscale.com/derpmap/default
paths:
- /etc/headscale/derp-example.yaml
auto_update_enabled: true
update_frequency: 24h
dns_config:
magic_dns: true
base_domain: ${headscaleDomain}
nameservers:
- 9.9.9.9
'';
"headscale/derp-example.yaml".text = '' "headscale/derp-example.yaml".text = ''
regions: regions:
900: 900:
@ -50,15 +26,26 @@ in
}; };
}; };
systemd.services.headscale = { services.headscale = {
description = "Headscale VPN Server"; address = "0.0.0.0";
wantedBy = [ "multi-user.target" ]; enable = true;
after = [ "network-online.target" ]; port = (lib.strings.toInt headscalePort);
serviceConfig = { settings = {
ExecStart = "${pkgs.headscale}/bin/headscale serve"; server_url = "http://${headscaleDomain}:${headscalePort}";
ExecReload = "/bin/kill -HUP $MAINPID"; db_path = "/var/lib/headscale/db.sqlite";
Restart = "on-failure"; db_type = "sqlite3";
Type = "simple"; ip_prefixes = [ "100.64.0.0/16" ];
derp.paths = [ "/etc/headscale/derp-example.yaml" ];
derp.urls = [ "https://controlplane.tailscale.com/derpmap/default" ];
dns_config.base_domain = headscaleDomain;
dns_config.nameservers = [ "9.9.9.9" ];
#dns_config.extra_records = [
# {
# name = "mc-fucker.cool";
# type = "A";
# value = "100.64.0.2";
# }
#];
}; };
}; };