anotherhadi/nixy
1
Fork 0
mirror of https://github.com/anotherhadi/nixy.git synced 2026-04-02 11:12:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

init headscale

Browse Source 
Former-commit-id: 05891cdd1d
This commit is contained in:
Hadi
2025-04-22 09:51:46 +02:00
parent a056244dd8
commit 21f9ed2d54
2 changed files with 60 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/server/configuration.nix
View File

@@ -20,6 +20,7 @@
../../server-modules/mealie.nix ../../server-modules/mealie.nix
../../server-modules/meilisearch.nix ../../server-modules/meilisearch.nix
../../server-modules/search-nixos-api.nix ../../server-modules/search-nixos-api.nix
../../server-modules/headscale.nix
# You should let those lines as is # You should let those lines as is
./hardware-configuration.nix ./hardware-configuration.nix

59
server-modules/headscale.nix Normal file
View File

@@ -0,0 +1,59 @@
{ config, ... }:
let
derpPort = 3478;
domain = "hadi.diy";
in {
services = {
headscale = {
enable = true;
port = 8085;
address = "127.0.0.1";
settings = {
dns = {
override_local_dns = true;
base_domain = "ts.${domain}";
magic_dns = true;
nameservers.global = [ "9.9.9.9" ];
# extra_records = [{
# name = "merope.${domain}";
# type = "A";
# value = "100.77.0.5";
# }];
};
server_url = "https://tailscale.${domain}";
metrics_listen_addr = "127.0.0.1:8095";
logtail = { enabled = false; };
log = { level = "warn"; };
ip_prefixes = [ "100.77.0.0/24" "fd7a:115c:a1e0:77::/64" ];
derp.server = {
enable = true;
region_id = 999;
stun_listen_addr = "0.0.0.0:${toString derpPort}";
};
};
};
nginx.virtualHosts = {
"tailscale.${domain}" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations = {
"/" = {
proxyPass =
"http://localhost:${toString config.services.headscale.port}";
proxyWebsockets = true;
};
"/metrics" = {
proxyPass =
"http://${config.services.headscale.settings.metrics_listen_addr}/metrics";
};
};
};
};
};
# Derp server
networking.firewall.allowedUDPPorts = [ derpPort ];
environment.systemPackages = [ config.services.headscale.package ];
}