ryan.freumh.org / eilean-nix
Self-host your own digital island
fork atom

add headscale

Ryan Gibb 7383eb02 e62fe9ad

options
unified split
Changed files
+60
modules
default.nix
headscale.nix
+1
modules/default.nix 
···

       
12

       
12

       
 

       
    ./dns.nix


     

       
13

       
13

       
 

       
    ./matrix.nix


     

       
14

       
14

       
 

       
    ./turn.nix


     

       

       
15

       
+

       
    ./headscale.nix


     

       
15

       
16

       
 

       
    ./wireguard/server.nix


     

       
16

       
17

       
 

       
    ./wireguard/default.nix


     

       
17

       
18

       
 

       
  ];
+59
modules/headscale.nix 
···

       

       
1

       
+

       
{ pkgs, config, lib, ... }:


     

       

       
2

       
+

       



     

       

       
3

       
+

       
let


     

       

       
4

       
+

       
  cfg = config.eilean;


     

       

       
5

       
+

       
in {


     

       

       
6

       
+

       
  options.eilean.headscale = with lib; {


     

       

       
7

       
+

       
    enable = mkEnableOption "headscale";


     

       

       
8

       
+

       
    zone = mkOption {


     

       

       
9

       
+

       
      type = types.str;


     

       

       
10

       
+

       
      default = "${config.networking.domain}";


     

       

       
11

       
+

       
    };


     

       

       
12

       
+

       
    domain = mkOption {


     

       

       
13

       
+

       
      type = types.str;


     

       

       
14

       
+

       
      default = "headscale.${config.networking.domain}";


     

       

       
15

       
+

       
    };


     

       

       
16

       
+

       
  };


     

       

       
17

       
+

       



     

       

       
18

       
+

       
  config = lib.mkIf cfg.headscale.enable {


     

       

       
19

       
+

       
    # To set up:


     

       

       
20

       
+

       
    #   `headscale namespaces create <namespace_name>`


     

       

       
21

       
+

       
    # To add a node:


     

       

       
22

       
+

       
    #   `headscale --namespace <namespace_name> nodes register --key <machine_key>`


     

       

       
23

       
+

       
    services.headscale = {


     

       

       
24

       
+

       
      enable = true;


     

       

       
25

       
+

       
      # address = "127.0.0.1";


     

       

       
26

       
+

       
      port = 10000;


     

       

       
27

       
+

       
      serverUrl = "https://${cfg.headscale.domain}";


     

       

       
28

       
+

       
      dns = {


     

       

       
29

       
+

       
        # magicDns = true;


     

       

       
30

       
+

       
        nameservers = config.networking.nameservers;


     

       

       
31

       
+

       
        baseDomain = "${cfg.headscale.zone}";


     

       

       
32

       
+

       
      };


     

       

       
33

       
+

       
      settings = {


     

       

       
34

       
+

       
        logtail.enabled = false;


     

       

       
35

       
+

       
        ip_prefixes = [ "100.64.0.0/10" ];


     

       

       
36

       
+

       
      };


     

       

       
37

       
+

       
    };


     

       

       
38

       
+

       



     

       

       
39

       
+

       
    services.nginx.virtualHosts.${cfg.headscale.domain} = {


     

       

       
40

       
+

       
      forceSSL = true;


     

       

       
41

       
+

       
      enableACME = true;


     

       

       
42

       
+

       
      locations."/" = {


     

       

       
43

       
+

       
        proxyPass = with config.services.headscale;


     

       

       
44

       
+

       
          "http://${address}:${toString port}";


     

       

       
45

       
+

       
        proxyWebsockets = true;


     

       

       
46

       
+

       
      };


     

       

       
47

       
+

       
    };


     

       

       
48

       
+

       



     

       

       
49

       
+

       
    environment.systemPackages = [ config.services.headscale.package ];


     

       

       
50

       
+

       



     

       

       
51

       
+

       
    dns.zones.${cfg.headscale.zone}.records = [


     

       

       
52

       
+

       
      {


     

       

       
53

       
+

       
        name = "${cfg.headscale.domain}.";


     

       

       
54

       
+

       
        type = "CNAME";


     

       

       
55

       
+

       
        data = "vps";


     

       

       
56

       
+

       
      }


     

       

       
57

       
+

       
    ];


     

       

       
58

       
+

       
  };


     

       

       
59

       
+

       
}