# SPDX-FileCopyrightText: 2024 Clicks Codes
#
# SPDX-License-Identifier: GPL-3.0-only

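# NixOS module that joins the host to a tailnet through services.tailscale.
#
# Enabling it also turns on Tailscale SSH and accepts routes advertised by
# peers, and by default advertises the host as an exit node. The control
# server's ACL, SSH and route-approval policy is therefore part of this
# host's access control.
{
  config,
  lib,
  pkgs,
  ...
}:
let
  cfg = config.clicks.networking.tailscale;
in
{
  options.clicks.networking.tailscale = {
    # mkEnableOption already prefixes "Whether to enable ", so pass a noun
    # phrase; otherwise the rendered description reads "enable Enable ...".
    enable = lib.mkEnableOption "tailscale for this system";

    runExitNode.enable = lib.mkOption {
      description = "Enable this system as an exit node on the tailnet";
      # Defaults to true: every host that enables this module offers to
      # forward other nodes' traffic unless it opts out explicitly.
      # NOTE(review): advertising normally takes effect only once the route is
      # approved on the control server; confirm no auto-approval is configured.
      default = true;
      type = lib.types.bool;
    };

    server = lib.mkOption {
      # Typed so a non-string value fails at evaluation time instead of being
      # interpolated into the --login-server flag.
      type = lib.types.str;
      description = "Set where your control plane server is";
      default = "https://clicks.domains";
      example = "https://controlplane.tailscale.com";
    };

    authKeyFile = lib.mkOption {
      # A string path to a secret provisioned at runtime. Do not interpolate a
      # Nix path literal here: that copies the key into the world-readable
      # Nix store.
      type = lib.types.str;
      description = "Path to key file for tailscale";
    };
  };

  config = lib.mkIf cfg.enable {
    services.tailscale = {
      enable = true;
      # "both" adds IP forwarding on top of the client settings, which an exit
      # node needs; "client" only relaxes reverse-path filtering.
      useRoutingFeatures = if cfg.runExitNode.enable then "both" else "client";
      # nixpkgs documents extraUpFlags as applied only when authKeyFile is set.
      # NOTE(review): if the autoconnect unit skips `tailscale up` on an
      # already-connected node, turning runExitNode off later will not retract
      # the advertisement; confirm against the nixpkgs revision in use.
      extraUpFlags = [
        "--login-server=${cfg.server}"
        # Installs subnet routes advertised by other nodes, so traffic for
        # those prefixes is sent through the advertising peer.
        "--accept-routes"
        # Tailscale SSH: tailscaled answers SSH from the tailnet and authorises
        # it from the control server's policy, not from the host's sshd config.
        "--ssh"
      ] ++ lib.optional cfg.runExitNode.enable "--advertise-exit-node";
      authKeyFile = cfg.authKeyFile;
    };

    # tailscaled keeps its node keys and state here; persisting it preserves
    # the node's identity across reboots on an impermanent root.
    clicks.storage.impermanence.persist.directories = [ "/var/lib/tailscale" ];

    # Stop tailscaled uploading client logs to Tailscale when the control
    # server is not Tailscale's own. The test is an exact string match, so any
    # other spelling of the official URL also disables log upload.
    systemd.services.tailscaled.environment.TS_NO_LOGS_NO_SUPPORT = lib.mkIf (
      cfg.server != "https://controlplane.tailscale.com"
    ) "true";
  };
}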