From 0a2dc94fdfb3276c743450fa404c972a3c77d0c1 Mon Sep 17 00:00:00 2001
From: matt1432 <matt@nelim.org>
Date: Wed, 20 Dec 2023 22:01:29 -0500
Subject: [PATCH] fix(headscale): set group perms on socket

---
 devices/oksys/modules/headscale.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/devices/oksys/modules/headscale.nix b/devices/oksys/modules/headscale.nix
index eb9bddc..6bc310c 100644
--- a/devices/oksys/modules/headscale.nix
+++ b/devices/oksys/modules/headscale.nix
@@ -6,7 +6,6 @@
 }: let
   headscale-flake = headscale.packages.${pkgs.system}.headscale;
 in {
-  # FIXME: no permissions
   environment.systemPackages = [headscale-flake];
   users.users.${config.vars.user}.extraGroups = ["headscale"];
 
@@ -24,6 +23,7 @@ in {
       grpc_listen_addr = "0.0.0.0:50443";
       grpc_allow_insecure = false;
       disable_check_updates = true;
+      unix_socket_permission = "0770";
 
       db_type = "sqlite3";
       db_path = "/var/lib/headscale/db.sqlite";