32 lines
526 B
Nix
32 lines
526 B
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
inherit (lib)
|
|
mkEnableOption
|
|
mkOption
|
|
types
|
|
mkIf
|
|
;
|
|
cfg = config.foehammer.tailscale;
|
|
in
|
|
{
|
|
options.foehammer.tailscale = {
|
|
enable = mkEnableOption "Enable tailscale";
|
|
authKeyFile = mkOption {
|
|
type = types.nullOr types.path;
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
services.tailscale = {
|
|
enable = true;
|
|
authKeyFile = cfg.authKeyFile;
|
|
openFirewall = true;
|
|
};
|
|
|
|
networking.firewall.trustedInterfaces = [ "tailscale0" ];
|
|
};
|
|
}
|