From c0c435c2da78e4e1559e4aaefb78fc2a214e04a1 Mon Sep 17 00:00:00 2001
From: Jordan Holt
Date: Mon, 10 Mar 2025 16:02:05 +0000
Subject: [PATCH] headscale: move out of module
---
 hosts/vps1/default.nix | 2 +-
 hosts/vps1/headscale.nix | 61 +++++++++++++++++++++++
 modules/nixos/services/headscale.nix | 72 ----------------------------
 3 files changed, 62 insertions(+), 73 deletions(-)
 create mode 100644 hosts/vps1/headscale.nix
 delete mode 100644 modules/nixos/services/headscale.nix
diff --git a/hosts/vps1/default.nix b/hosts/vps1/default.nix
index ac378dc..238cc3d 100644
--- a/hosts/vps1/default.nix
+++ b/hosts/vps1/default.nix
@@ -7,6 +7,7 @@
 imports = [
 ./hardware-configuration.nix
 ./gitea.nix
+ ./headscale.nix
 ./kanidm.nix
 ./matrix.nix
 ./outline.nix
@@ -67,7 +68,6 @@
 realm = "turn.vimium.com";
 matrixIntegration = true;
 };
- headscale.enable = true;
 nginx.enable = true;
 postgresql.enable = true;
 };
diff --git a/hosts/vps1/headscale.nix b/hosts/vps1/headscale.nix
new file mode 100644
index 0000000..dfad72d
--- /dev/null
+++ b/hosts/vps1/headscale.nix
@@ -0,0 +1,61 @@
+{
+ config,
+ pkgs,
+ ...
+}:
+
+let
+ domain = "headscale.vimium.net";
+in
+{
+ environment.systemPackages = [ pkgs.headscale ];
+
+ services.headscale = {
+ enable = true;
+
+ port = 8080;
+
+ settings = {
+ policy.path = null;
+ ip_prefixes = [
+ "100.64.0.0/10"
+ ];
+ server_url = "https://${domain}";
+ derp = {
+ auto_update_enable = false;
+ update_frequency = "24h";
+ };
+ dns = {
+ base_domain = "mesh.vimium.net";
+ extra_records = [
+ {
+ name = "grafana.mesh.vimium.net";
+ type = "A";
+ value = "100.64.0.6";
+ }
+ {
+ name = "home.mesh.vimium.net";
+ type = "A";
+ value = "100.64.0.7";
+ }
+ ];
+ magic_dns = true;
+ nameservers.global = [
+ "9.9.9.9"
+ ];
+ };
+ logtail.enabled = false;
+ };
+ };
+
+ services.nginx.virtualHosts = {
+ "${domain}" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ proxyPass = "http://localhost:${toString config.services.headscale.port}";
+ proxyWebsockets = true;
+ };
+ };
+ };
+}
diff --git a/modules/nixos/services/headscale.nix b/modules/nixos/services/headscale.nix
deleted file mode 100644
index bc4c856..0000000
--- a/modules/nixos/services/headscale.nix
+++ /dev/null
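Review bot: `policy.path = null;` in the new hosts/vps1/headscale.nix leaves headscale without an ACL policy file, and as far as I know headscale then allows every enrolled node to reach every other node. If so, the hosts published under `dns.extra_records` (`grafana.mesh.vimium.net`, `home.mesh.vimium.net`) are reachable from any device that joins the mesh. Since this is now host-specific configuration rather than a shared module, either point `policy.path` at a policy file kept in the repository or record the intent above that line, e.g. `# no ACL policy: every node may reach every other node (intentional)`. Separately, `update_frequency = "24h";` looks like it has no effect while `auto_update_enable = false;`, so it deserves a short comment or removal.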
@@ -1,72 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-
-let
- cfg = config.modules.services.headscale;
- fqdn = "headscale.vimium.net";
-in
-{
- options.modules.services.headscale = {
- enable = lib.mkOption {
- default = false;
- example = true;
- };
- };
-
- config = lib.mkIf cfg.enable {
- environment.systemPackages = [ pkgs.headscale ];
-
- services.headscale = {
- enable = true;
-
- port = 8080;
-
- settings = {
- policy.path = null;
- ip_prefixes = [
- "100.64.0.0/10"
- ];
- server_url = "https://${fqdn}";
- derp = {
- auto_update_enable = false;
- update_frequency = "24h";
- };
- dns = {
- base_domain = "mesh.vimium.net";
- extra_records = [
- {
- name = "grafana.mesh.vimium.net";
- type = "A";
- value = "100.64.0.6";
- }
- {
- name = "home.mesh.vimium.net";
- type = "A";
- value = "100.64.0.7";
- }
- ];
- magic_dns = true;
- nameservers.global = [
- "9.9.9.9"
- ];
- };
- logtail.enabled = false;
- };
- };
-
- services.nginx.virtualHosts = {
- "${fqdn}" = {
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass = "http://localhost:${toString config.services.headscale.port}";
- proxyWebsockets = true;
- };
- };
- };
- };
-}