servers/common/tailscale.nix

{
  config,
  lib,
  ...
}: let
  inherit (lib) mkEnableOption mkOption types mkIf;
  cfg = config.foehammer.tailscale;
in {
  options.foehammer.tailscale = {
    enable = mkEnableOption "Enable tailscale";
    authKeyFile = mkOption {
      type = types.nullOr types.path;
    };
  };

  config = mkIf cfg.enable {
    services.tailscale = {
      enable = true;
      authKeyFile = cfg.authKeyFile;
      openFirewall = true;
    };

    networking.firewall.trustedInterfaces = ["tailscale0"];
  };
}
Refactor Tailscale and Restic Into Common Nixos Modules. 2025-02-07 17:14:52 -06:00			`{`
			`config,`
			`lib,`
			`...`
			`}: let`
			`inherit (lib) mkEnableOption mkOption types mkIf;`
			`cfg = config.foehammer.tailscale;`
			`in {`
			`options.foehammer.tailscale = {`
			`enable = mkEnableOption "Enable tailscale";`
			`authKeyFile = mkOption {`
			`type = types.nullOr types.path;`
			`};`
			`};`

			`config = mkIf cfg.enable {`
			`services.tailscale = {`
			`enable = true;`
			`authKeyFile = cfg.authKeyFile;`
			`openFirewall = true;`
			`};`

			`networking.firewall.trustedInterfaces = ["tailscale0"];`
			`};`
			`}`