pyrox.dev / nixpkgs
lol
fork atom

nixos/headscale: remove much-loosened-up server_url check (#374374)

misuzu.tngl.sh ece71c6f 31680c6f

options
unified split
Changed files
-10
nixos
modules
services
networking
headscale.nix
-10
nixos/modules/services/networking/headscale.nix 
···

       
560

       
 

       
  config = lib.mkIf cfg.enable {


     

       
561

       
 

       
    assertions = [


     

       
562

       
 

       
      {


     

       
563

       
-

       
        # This is stricter than it needs to be but is exactly what upstream does:


     

       
564

       
-

       
        # https://github.com/kradalby/headscale/blob/adc084f20f843d7963c999764fa83939668d2d2c/hscontrol/types/config.go#L799


     

       
565

       
-

       
        assertion =


     

       
566

       
-

       
          with cfg.settings;


     

       
567

       
-

       
          dns.use_username_in_magic_dns or false


     

       
568

       
-

       
          || dns.base_domain == ""


     

       
569

       
-

       
          || !lib.hasInfix dns.base_domain server_url;


     

       
570

       
-

       
        message = "server_url cannot contain the base_domain, this will cause the headscale server and embedded DERP to become unreachable from the Tailscale node.";


     

       
571

       
-

       
      }


     

       
572

       
-

       
      {


     

       
573

       
 

       
        assertion = with cfg.settings; dns.magic_dns -> dns.base_domain != "";


     

       
574

       
 

       
        message = "dns.base_domain must be set when using MagicDNS";


     

       
575

       
 

       
      }


     
···

       
560

       
 

       
  config = lib.mkIf cfg.enable {


     

       
561

       
 

       
    assertions = [


     

       
562

       
 

       
      {


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
563

       
 

       
        assertion = with cfg.settings; dns.magic_dns -> dns.base_domain != "";


     

       
564

       
 

       
        message = "dns.base_domain must be set when using MagicDNS";


     

       
565

       
 

       
      }