feat(teal): Add tailscale
We set up a headscale server, but we did not yet add a client so it
isn't possible to use it on the tailnet. Let's do that!
Change-Id: I686a6f6d8df2b4a8dd9d47389aacb0bff3abff82
Reviewed-on: https://git.clicks.codes/c/Infra/NixFiles/+/742
Reviewed-by: Samuel Shuert <coded@clicks.codes>
Tested-by: Skyler Grey <minion@clicks.codes>
diff --git a/systems/x86_64-linux/teal/default.nix b/systems/x86_64-linux/teal/default.nix
index 11e6f04..a0595cc 100644
--- a/systems/x86_64-linux/teal/default.nix
+++ b/systems/x86_64-linux/teal/default.nix
@@ -51,6 +51,12 @@
};
};
+ networking.tailscale = {
+ enable = true;
+ authKeyFile =
+ config.clicks.secrets."${lib.clicks.secrets.name ./tailscale.sops.json}".paths.authKey;
+ };
+
storage = {
raid.enable = true;
impermanence = {
@@ -108,4 +114,9 @@
];
neededForUsers = false;
};
+
+ clicks.secrets."${lib.clicks.secrets.name ./tailscale.sops.json}" = {
+ file = ./tailscale.sops.json;
+ keys = [ "authKey" ];
+ };
}
diff --git a/systems/x86_64-linux/teal/tailscale.sops.json b/systems/x86_64-linux/teal/tailscale.sops.json
new file mode 100644
index 0000000..ff1483e
--- /dev/null
+++ b/systems/x86_64-linux/teal/tailscale.sops.json
@@ -0,0 +1,36 @@
+{
+ "authKey": "ENC[AES256_GCM,data:Fpnxd58MoKDjpFWAUl9hK38p8yS6YPd0ZgdCZuIRKnEtmHXqpRcIUbcCrAuq+ja+,iv:ZOTBAJmdIdZ9WkhIoyg3Li/jSMZV8yxhrMy5TQnSCng=,tag:ZaFhr+MApSkCmPzGZWwBhw==,type:str]",
+ "sops": {
+ "kms": null,
+ "gcp_kms": null,
+ "azure_kv": null,
+ "hc_vault": null,
+ "age": null,
+ "lastmodified": "2024-06-09T22:48:26Z",
+ "mac": "ENC[AES256_GCM,data:/1hnKjEBozmYEAiISda91jsALJXo0bSC/YiMhj9GDCD8BAD74VEczSj9iTqk7pA39FLNg0+Sw8Um28azOrIe6TGFmemhnk1EkYH4k+aVGezRND/yhozvzml/UWE90sPx2xecHWUp33gfVgvbO4D8Kis0MmsSPnsopr4CAgydZkM=,iv:3OLsBKfcMJaTp4WisPczGqpVeGGxx1cr0zfFKW9XlMo=,tag:wUQDgFtJL6eCstx6dzO/mA==,type:str]",
+ "pgp": [
+ {
+ "created_at": "2024-06-09T19:37:39Z",
+ "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4D6MHlIv4I/7ASAQdA/2WUVwimMMk8s37AfsuMrhBHxdeWptDHzbEB4LQ6cGEw\nU2YTgbtQF6CeCaAAgxE7+OKPFfNPH4UgziBIvxhk1RXXLoV5rnKY9WPj95a56cxH\n0l4BDJ8dgh/ufGB2ai/3hu5z1F4vPbouKv347itkaHnhnU8ljR89cx5BgAPjVeQr\nwZi6H+H6KWS0VJtR7Ygbjzdo56Q+/F3X/xEC1GjbT7ZUBYlHAXIaQNepAE7SrnIi\n=y8Hs\n-----END PGP MESSAGE-----",
+ "fp": "BC82DF237610AE9113EB075900E944BFBE99ADB5"
+ },
+ {
+ "created_at": "2024-06-09T19:37:39Z",
+ "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DxpBiwsu2o5wSAQdAtpXcG/TCbQeoriZPp42t1YXOYE8usTsz3bifoGfwOUEw\nDIpm35PU+onEelcNndZ2UaJh2Z6M4OWuul68KxgZwF+WrXW/pIIX+3bHNBQ9mM2i\n0l4B6o2FwoUBn9P4+G7t+rKBnGadvDWNaA1Lf+qfkS6H9ohzikwE3UxDsnLdZ0RU\nJexicnSDCa/Uoao5593wiKl4rt2QE+vma7LdwoY/oqgzg6gqZWK6kMHF49u5bA6E\n=dpw2\n-----END PGP MESSAGE-----",
+ "fp": "76E0B09A741C4089522111E5F27E3E5922772E7A"
+ },
+ {
+ "created_at": "2024-06-09T19:37:39Z",
+ "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA9bzf+GUl7kkARAAxci3NfjtURRnLV7bw6xJLGxfmGzynoETHRCsEk6Wqhyo\nFRGEVJzpaadqTzvLHODI7LF6gpL3jsU50LfLqUnHHoOtBSi8qLEebow/ah2dvPaX\nX7adcwx3B05YinYZXKfIP+VZXgnKxW6r0OODhKTeWQSwxzc3aLXJBpEZPBG6ndTi\ns8TyPesMZMKi60mGr8goQZqzsEjzKfUeAZgzl55Y3+/gu252ayfYD2DHNSHMD6cs\ny6lNfQ8ECLF9+p/tauBRFiYckgqRWFZakjMlqcKX8s5zucJIPPuvwjqRTOcj3R18\nupKNCuC05yAN3GormNvwGENZ7n8p+aBBbjfc5Qqq3mgPU8+oo6Uw8inTUiL1Z1CN\nPGgSL3t4I4CIL7Znh5Ib0wA/UhOYS6G0ExiLg2LAWjBhF/oRgGafUb+O9jbibfrk\nD0PVedWY6HMV29Td45+7CgMCo7DkpHgsL4T55BjUO1bX9hmyJ3ryTRJMSmovM9db\nIGiLb57f8t2VzZcvXvn9OMCcBC1BF3BHD5y70H4ROLYqE+hl5qOqvyTF2M0XOaZ7\n8PXZgZFBrIsq6dMNHQrI0DXXzROFqBw4on2nlj3iV2j/6HTrpaUY8IZ9iXQfIwfm\n83cAtbwAnpWDrty/cchX5ZJ5mvJ4FzbHaJdxkfyriK3UQHcymveGQR1D6YgXH1/S\nXgFbNKSqFuIDPJG66U9nDbOF9zhnwvF1Ztc2pH+FmIFyk9lP7SlYflx/civfWI15\n3JD9E7iDhOFKuhlJ8mFFreRaVRBELII6qE/cFm5VTic+RXsZ8CdOLABH7oOCfm4=\n=D+Ck\n-----END PGP MESSAGE-----",
+ "fp": "8F50789F12AC6E6206EA870CE5E1C2D43B0E4AB3"
+ },
+ {
+ "created_at": "2024-06-09T19:37:39Z",
+ "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMAw8Caq2TdS1qAQ//fFgBgGmOXPYWdw7U1o8Alof3ZLtErIJDCgIc4WmY6git\nTdHcnHvDsIrI8kWEOrmr+Zz+ev0Px27BlFnsCj+p/8IUqTxxpqCdOu8rh4YPeHoD\n1ktfBxpxP1kBJKvsdmP6dwttYfm2bEEKCiIOnsJI2u+cNVszSz3UbTyuoI9CKfCL\nTgqVD3tF6P/5euFzbUHEBz+rSMDmV0OJBZ2nDupeiCwveYdGYS6qKRONcG9CZ2E6\nSayfZqvYq5ec3ETzLTTzio+fpN7aJsBMfy1DHo903Wk3MlPYyGlxrYaUdSfpjXDf\ngoEcVXN2abqjipnfJHWRhU3BDzH1f4TNHvOHuRemTqo6eickjuCp20KqBoWOYqY8\nULRH/5vfGjrEj8U2jKRbDV+FSwTDktY1lsU9u8MUPwiAANhdB691lK/pjpVfVg6C\nB800DFx7z5P84IQhsDJN4PrUmktnpMqbZ4hMhQJTzTrFpVtXDwFz15TckWK+JuyY\naqHgyvpfYFylc1Orn1uSUwqOXRl8zO335aP79Ss2hgNjfZZiFEOnRvjYipT4NvC6\n/mAWGRRrzOUzLjxT3/xcPSKFLiJ9Qx7R7VmxcoEU4Vs25DkZcpLt0y38WEH25qZZ\nO9LcarohWOb5SmSQ221TlvDFy7lm0yuoQu6mGjBMedw0y+mPQ4crASOx/C/KksLS\nWAGgSGR2jGpR1vhpmYUgX2IdPKrbk6bOAQFy1Hg2I1NzXYJBncIjKqklRrXUXDZI\n272hkAs02o7NFlS0u6qWcjiMMuhfgJn1jAqLbGnaS//CKK1fUGnjhXY=\n=c6ad\n-----END PGP MESSAGE-----",
+ "fp": "67c66d58ac73fd744c2b49720f026aad93752d6a"
+ }
+ ],
+ "unencrypted_suffix": "_unencrypted",
+ "version": "3.8.1"
+ }
+}
\ No newline at end of file
diff --git a/systems/x86_64-linux/teal/tailscale.sops.json.license b/systems/x86_64-linux/teal/tailscale.sops.json.license
new file mode 100644
index 0000000..bda0f14
--- /dev/null
+++ b/systems/x86_64-linux/teal/tailscale.sops.json.license
@@ -0,0 +1,3 @@
+SPDX-FileCopyrightText: 2024 Clicks Codes
+
+SPDX-License-Identifier: GPL-3.0-only