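# NixOS module: Tailscale for chimera hosts, enrolled against a configurable
# control server, with an optional exit-node role.
#
# Trust boundary: the control server named in `server` hands out peer keys and
# approves advertised routes, so every host importing this module trusts that
# server's operator with tailnet membership and routing.
{
  config,
  lib,
  pkgs,
  ...
}:
let
  cfg = config.chimera.networking.tailscale;

  # Tailscale's hosted coordination server. Any other `server` value is treated
  # as self-hosted when deciding whether to disable log upload below.
  tailscaleControlPlane = "https://controlplane.tailscale.com";
in
{
  options.chimera.networking.tailscale = {
    # Opt-out, not opt-in: importing the module is enough to run tailscaled.
    enable = lib.mkOption {
      description = "Enable tailscale for this system";
      default = true;
      type = lib.types.bool;
    };

    # mkEnableOption already prefixes "Whether to enable ", so the argument is
    # phrased to complete that sentence.
    runExitNode.enable = lib.mkEnableOption "running this system as an exit node on the tailnet";

    # Typed as a string so a malformed value is rejected at evaluation time
    # instead of being interpolated into the --login-server flag.
    server = lib.mkOption {
      type = lib.types.str;
      description = "Set where your control plane server is";
      default = "https://clicks.domains";
      example = "https://controlplane.tailscale.com";
    };

    # A string (not a Nix path) on purpose: a path literal would be copied into
    # the world-readable Nix store. Point this at a file provisioned at runtime
    # (e.g. by a secrets manager) and readable only by root.
    authKeyFile = lib.mkOption {
      type = lib.types.nullOr lib.types.str;
      description = "Path to key file for tailscale";
      default = null;
    };
  };

  config = lib.mkIf cfg.enable {
    services.tailscale = {
      enable = true;

      # Per the nixpkgs option docs, "client" loosens reverse-path filtering and
      # "both" additionally turns on IP forwarding; forwarding is only requested
      # when this host is an exit node.
      useRoutingFeatures = if cfg.runExitNode.enable then "both" else "client";

      # NOTE(review): nixpkgs documents extraUpFlags as applied only when
      # authKeyFile is set. With authKeyFile = null a manual `tailscale up`
      # will not pick up --login-server from here; confirm against the pinned
      # nixpkgs revision.
      extraUpFlags = [
        "--login-server=${cfg.server}"
        # Installs subnet routes advertised by other nodes, so route approval
        # on the control server decides where this host's traffic can be sent.
        "--accept-routes"
      ]
      ++ lib.optionals cfg.runExitNode.enable [
        "--advertise-exit-node"
        # NOTE(review): this flag governs LAN access while *using* an exit
        # node; confirm it is intended on the advertising side.
        "--exit-node-allow-lan-access"
      ];

      # Leave the upstream default untouched when no key file is configured.
      authKeyFile = lib.mkIf (cfg.authKeyFile != null) cfg.authKeyFile;
    };

    # Stop tailscaled from uploading logs to Tailscale's log service when the
    # control server is not Tailscale's. The comparison is an exact string
    # match, so a variant spelling (trailing slash, different case) also counts
    # as "not Tailscale" and disables upload.
    systemd.services.tailscaled.environment.TS_NO_LOGS_NO_SUPPORT = lib.mkIf (
      cfg.server != tailscaleControlPlane
    ) "true";
  };
}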