- Updated `dns_config` to `dns` and adjusted nested fields accordingly. - Commented out default log level and base domain for clarity. - Changed `ip_prefixes` to `prefixes.v4` to match expected configuration format.
# NixOS module: self-hosted Headscale control server, published through this
# repository's `architect` firewall/vhost options.
{ config, pkgs, ... }:

let
  headscalePkg = pkgs.headscale;
  domain = "vipienne.giugl.io";

  # Tailnet address of the `architect` device; pushed to nodes as their resolver.
  resolverAddress = config.architect.networks.tailscale.devices.architect.address;
in
{
  # Puts the headscale CLI on the system PATH.
  environment.systemPackages = [ headscalePkg ];

  architect = {
    # Presumably opens the Tailscale client's UDP port on the host firewall;
    # `architect.firewall` is defined elsewhere in this repository (confirm).
    firewall.openUDP = [ config.services.tailscale.port ];

    vhost.${domain} = {
      dnsInterfaces = [ "lan" "tailscale" ];

      locations."/" = {
        # Upstream is the headscale listen port set below.
        port = config.services.headscale.port;
        # NOTE(review): by its name this publishes the control-plane endpoint
        # to the WAN. Nodes need to reach it to register, so access control
        # rests on headscale's own node registration/approval and on TLS at
        # the vhost (server_url below is https) - confirm both.
        allowWAN = true;
        proxyWebsockets = true;
      };
    };
  };

  services.headscale = {
    enable = true;
    package = headscalePkg;
    # The listen address is not set here, so the module default applies.
    # NOTE(review): confirm it is loopback-only so the vhost above is the
    # only path to this port.
    port = 1194;

    settings = {
      server_url = "https://${domain}";
      # log.level = "debug";

      # Path of the Noise private key that identifies this control server to
      # its nodes; should stay readable by the headscale service user only.
      noise.private_key_path = "/var/lib/headscale/noise_private.key";

      # Address range handed to nodes, taken from the tailnet definition.
      prefixes.v4 = config.architect.networks.tailscale.net;

      # Do not instruct nodes to send their logs to a remote logtail server.
      logtail.enabled = false;

      dns = {
        magic_dns = false;
        # base_domain = domain;

        # Nodes are told to replace their local DNS settings with the
        # nameservers below, so that one resolver sees and answers the DNS
        # traffic of every node - treat it as part of the trust boundary.
        override_local_dns = true;

        # NOTE(review): `dns.global` duplicates `dns.nameservers.global` and
        # looks like a leftover from the `dns_config` -> `dns` rename; confirm
        # against the deployed headscale version whether it is still read.
        global = [ resolverAddress ];
        nameservers.global = [ resolverAddress ];
      };
    };
  };
}