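# NixOS module: thin wrapper around `services.tailscale`, exposed as
# `chimera.networking.tailscale`.
#
# Security-relevant defaults to be aware of when importing this module:
#   * `enable` defaults to true, so every host that imports the module joins
#     the tailnet unless it explicitly opts out.
#   * `tailscale up` is always run with `--ssh` and `--accept-routes`.
#   * The login server defaults to a self-hosted control plane, not
#     Tailscale's own.
{
  config,
  lib,
  pkgs,
  ...
}: let
  cfg = config.chimera.networking.tailscale;
in {
  options.chimera.networking.tailscale = {
    enable = lib.mkOption {
      description = "Enable tailscale for this system";
      default = true;
      type = lib.types.bool;
    };

    # mkEnableOption prefixes its argument with "Whether to enable ", so the
    # argument is phrased as a noun clause rather than starting with "Enable".
    runExitNode.enable = lib.mkEnableOption "running this system as an exit node on the tailnet";

    # The control server is what nodes authenticate against and receive their
    # peer list and access policy from, so this URL is a trust decision.
    # Typed as a string because it is interpolated into a command-line flag.
    server = lib.mkOption {
      type = lib.types.str;
      description = "Set where your control plane server is";
      default = "https://clicks.domains";
      example = "https://controlplane.tailscale.com";
    };

    # Deliberately `str`, not `path`: the value should name a file that exists
    # on the target host at runtime (e.g. provisioned by a secrets manager).
    # A Nix path literal is rejected by this type; avoid interpolating one into
    # a string either, as that would copy the key into the world-readable
    # Nix store.
    authKeyFile = lib.mkOption {
      type = lib.types.nullOr lib.types.str;
      description = "Path to key file for tailscale";
      default = null;
    };
  };

  config = lib.mkIf cfg.enable {
    services.tailscale = {
      enable = true;

      # Exit nodes forward traffic for other peers; everything else is a
      # plain client.
      useRoutingFeatures =
        if cfg.runExitNode.enable
        then "server"
        else "client";

      extraUpFlags =
        [
          "--login-server=${cfg.server}"
          # Accept subnet routes advertised by other nodes on the tailnet.
          "--accept-routes"
          # Runs the Tailscale SSH server on this host. Who may log in, and as
          # which user, is then decided by the policy served from cfg.server,
          # not by the host's sshd configuration. Review that policy before
          # relying on this default.
          "--ssh"
        ]
        ++ lib.optionals cfg.runExitNode.enable [
          "--advertise-exit-node"
          # NOTE(review): Tailscale documents this flag as a setting for nodes
          # that *use* an exit node (keep LAN reachable while tunnelled).
          # Confirm it is intended, and accepted by `tailscale up`, on the
          # node that advertises one.
          "--exit-node-allow-lan-access"
        ];

      # Only define the upstream option when a key file was supplied.
      authKeyFile = lib.mkIf (cfg.authKeyFile != null) cfg.authKeyFile;
    };
  };
}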