# SPDX-FileCopyrightText: 2024 Clicks Codes
#
# SPDX-License-Identifier: GPL-3.0-only
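# NixOS module: joins the host to a tailnet through services.tailscale,
# optionally advertising it as an exit node, and persists the daemon's state
# directory through the clicks impermanence option.
{
  config,
  lib,
  pkgs,
  ...
}:
let
  cfg = config.clicks.networking.tailscale;
in
{
  options.clicks.networking.tailscale = {
    # mkEnableOption already prefixes the text with "Whether to enable", so the
    # argument is the bare noun phrase.
    enable = lib.mkEnableOption "tailscale for this system";

    # NOTE(review): this defaults to true, so every host that enables the
    # module advertises itself as an exit node and gets
    # useRoutingFeatures = "both" unless it opts out. Confirm that default-on
    # is intended; a host that only needs client access should set this to
    # false so it does not offer to route other nodes' traffic.
    runExitNode.enable = lib.mkOption {
      description = "Enable this system as an exit node on the tailnet";
      default = true;
      type = lib.types.bool;
    };

    # Host name only: "https://" is prepended when the login-server flag is
    # built below, so the control plane is always contacted over TLS.
    server = lib.mkOption {
      # Typed as a string because the value is interpolated into a flag and
      # compared against a string literal further down.
      type = lib.types.str;
      description = "Set where your control plane server is";
      default = "clicks.domains";
      example = "controlplane.tailscale.com";
    };

    # Deliberately a string, not lib.types.path: a Nix path literal would be
    # copied into the world-readable Nix store at evaluation time. The value
    # should name a file that exists at runtime outside the store and is
    # readable only by root (for example one provisioned by a secrets tool).
    authKeyFile = lib.mkOption {
      type = lib.types.str;
      description = "Path to key file for tailscale";
    };
  };

  config = lib.mkIf cfg.enable {
    services.tailscale = {
      enable = true;
      # "both" is selected for exit nodes, "client" otherwise.
      useRoutingFeatures = if cfg.runExitNode.enable then "both" else "client";
      extraUpFlags =
        [
          "--login-server=https://${cfg.server}"
          # The host installs subnet routes advertised by other nodes, so it
          # relies on the control plane's route approval for what it will
          # route into.
          "--accept-routes"
        ]
        ++ lib.optional cfg.runExitNode.enable "--advertise-exit-node";
      authKeyFile = cfg.authKeyFile;
    };

    # Keeps tailscaled's state directory across reboots on impermanent roots.
    # NOTE(review): presumably this directory holds the node's identity keys;
    # confirm the persisted copy keeps root-only permissions.
    clicks.storage.impermanence.persist.directories = [ "/var/lib/tailscale" ];

    # Set only when the control plane is not Tailscale's hosted one, so a
    # self-hosted tailnet does not upload daemon logs to Tailscale. The
    # comparison is an exact string match on cfg.server.
    systemd.services.tailscaled.environment.TS_NO_LOGS_NO_SUPPORT = lib.mkIf (
      cfg.server != "controlplane.tailscale.com"
    ) "true";
  };
}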