server/modules/tailscale-clicks.nix

# SPDX-FileCopyrightText: 2024 Clicks Codes
#
# SPDX-License-Identifier: GPL-3.0-only
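# NixOS module: thin wrapper around `services.tailscale` that joins the host to
# a tailnet using a configurable control-plane server and a pre-provisioned
# auth key. All settings live under `clicks.networking.tailscale`.
{
  config,
  lib,
  pkgs,
  ...
}:
let
  cfg = config.clicks.networking.tailscale;
in
{
  options.clicks.networking.tailscale = {
    # mkEnableOption prepends "Whether to enable " to its argument, so the
    # argument is a noun phrase; a leading "Enable" would render as
    # "Whether to enable Enable tailscale ...".
    enable = lib.mkEnableOption "tailscale for this system";

    # NOTE(review): this defaults to true, so any host that only sets
    # `enable = true` also advertises itself as an exit node and gets the
    # "both" routing features below. Hosts that should not forward other
    # nodes' traffic must set this to false explicitly. The advertisement
    # normally still needs approval on the control plane; confirm that the
    # control plane in use does not auto-approve exit nodes.
    runExitNode.enable = lib.mkOption {
      description = "Enable this system as an exit node on the tailnet";
      default = true;
      type = lib.types.bool;
    };

    # Bare host name only: the config section prepends "https://" when it
    # builds --login-server. Typed as a string so a non-string value is
    # rejected at evaluation time rather than interpolated into the URL.
    server = lib.mkOption {
      type = lib.types.str;
      description = "Set where your control plane server is";
      default = "clicks.domains";
      example = "controlplane.tailscale.com";
    };

    # This is a path that is read on the target host at activation/run time.
    # It should point at a file provisioned outside the Nix store (for
    # example by a secrets manager), because anything copied into the store
    # is world-readable. `types.str` rejects a bare Nix path literal, but a
    # string that interpolates a local path would still import the key into
    # the store.
    authKeyFile = lib.mkOption {
      type = lib.types.str;
      description = "Path to key file for tailscale";
    };
  };

  config = lib.mkIf cfg.enable {
    services.tailscale = {
      enable = true;

      # "both" = act as a routing client and as a router for other nodes
      # (needed for exit-node duty); "client" = only consume routes.
      useRoutingFeatures = if cfg.runExitNode.enable then "both" else "client";

      # Flags handed to `tailscale up` by the upstream module.
      # --accept-routes is unconditional: this host installs whatever subnet
      # routes the control plane distributes, so the trust placed in
      # `cfg.server` (and in who can approve routes there) extends to this
      # host's routing table.
      extraUpFlags = [
        "--login-server=https://${cfg.server}"
        "--accept-routes"
      ] ++ lib.optional cfg.runExitNode.enable "--advertise-exit-node";

      authKeyFile = cfg.authKeyFile;
    };

    # When the control plane is anything other than Tailscale's own, tell
    # tailscaled not to upload its logs to Tailscale's log service. The check
    # is an exact string comparison against the hosted control-plane name.
    systemd.services.tailscaled.environment.TS_NO_LOGS_NO_SUPPORT = lib.mkIf (
      cfg.server != "controlplane.tailscale.com"
    ) "true";
  };
}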