fix(headscale): override db_type option to use latest headscale

2024-03-31 23:42:49 -04:00 · 2024-03-31 23:42:49 -04:00 · c5898a9a64
parent be7d468efc
commit c5898a9a64
3 changed files with 52 additions and 47 deletions
--- a/devices/cluster/modules/headscale/default.nix
+++ b/devices/cluster/modules/headscale/default.nix
@ -6,60 +6,69 @@
  ...
 }: let
  inherit (builtins) readFile;
+  inherit (lib) mkAfter mkOption;
+
  inherit (config.vars) mainUser hostName;
  headscale-flake = headscale.packages.${pkgs.system}.headscale;

  clusterIP = config.services.pcsd.virtualIps.caddy-vip.ip;
 in {
-  environment.systemPackages = [headscale-flake];
-  users.users.${mainUser}.extraGroups = ["headscale"];
+  # FIXME: wait for nixpkgs to reach this : https://github.com/juanfont/headscale/commit/94b30abf56ae09d82a1541bbc3d19557914f9b27
+  options.services.headscale.settings.db_type = mkOption {
+    type = lib.types.enum ["sqlite" "postgres"];
+  };

-  home-manager.users.${mainUser}
-    .programs.bash.bashrcExtra = lib.mkAfter (readFile ./completion.bash);
+  config = {
+    environment.systemPackages = [headscale-flake];
+    users.users.${mainUser}.extraGroups = ["headscale"];

-  services.headscale = {
-    enable = true;
-    package = headscale-flake;
+    home-manager.users.${mainUser}
+    .programs.bash.bashrcExtra = mkAfter (readFile ./completion.bash);

-    address = clusterIP;
-    port = 8085;
+    services.headscale = {
+      enable = true;
+      package = headscale-flake;

-    settings = {
-      server_url = "https://headscale.nelim.org";
-      ip_prefixes = ["100.64.0.0/10"];
-      metrics_listen_addr = "127.0.0.1:9090";
-      grpc_listen_addr = "0.0.0.0:50443";
-      grpc_allow_insecure = false;
-      disable_check_updates = true;
-      unix_socket_permission = "0770";
+      address = clusterIP;
+      port = 8085;

-      db_type = "sqlite3";
-      db_path = "/var/lib/headscale/db.sqlite";
-      private_key_path = "/var/lib/headscale/private.key";
-      noise.private_key_path = "/var/lib/headscale/noise_private.key";
+      settings = {
+        server_url = "https://headscale.nelim.org";
+        ip_prefixes = ["100.64.0.0/10"];
+        metrics_listen_addr = "127.0.0.1:9090";
+        grpc_listen_addr = "0.0.0.0:50443";
+        grpc_allow_insecure = false;
+        disable_check_updates = true;
+        unix_socket_permission = "0770";

-      dns_config = let
-        caddyIp =
-          if hostName == "thingone"
-          then "100.64.0.8"
-          else "100.64.0.9";
-      in {
-        magic_dns = false;
-        override_local_dns = true;
-        nameservers = [caddyIp];
-      };
+        db_type = "sqlite";
+        db_path = "/var/lib/headscale/db.sqlite";
+        private_key_path = "/var/lib/headscale/private.key";
+        noise.private_key_path = "/var/lib/headscale/noise_private.key";

-      derp = {
-        urls = [];
+        dns_config = let
+          caddyIp =
+            if hostName == "thingone"
+            then "100.64.0.8"
+            else "100.64.0.9";
+        in {
+          magic_dns = false;
+          override_local_dns = true;
+          nameservers = [caddyIp];
+        };

-        server = {
-          enabled = true;
-          stun_listen_addr = "${clusterIP}:3479";
-          private_key_path = "/var/lib/headscale/derp_server_private.key";
+        derp = {
+          urls = [];

-          region_id = 995;
-          region_code = "mon";
-          region_name = "montreal";
+          server = {
+            enabled = true;
+            stun_listen_addr = "${clusterIP}:3479";
+            private_key_path = "/var/lib/headscale/derp_server_private.key";
+
+            region_id = 995;
+            region_code = "mon";
+            region_name = "montreal";
+          };
        };
      };
    };
--- a/flake.lock
+++ b/flake.lock
@ -392,17 +392,16 @@
        ]
      },
      "locked": {
-        "lastModified": 1707460001,
-        "narHash": "sha256-K9ULZEAr4mdB6ds/uoAcwLecj+ss2OQvJHKk+P91REA=",
+        "lastModified": 1711135921,
+        "narHash": "sha256-vv8+DnV4inQn+MfXCB0WMVLXAW4NbP2Em3VASbjeIjA=",
        "owner": "juanfont",
        "repo": "headscale",
-        "rev": "00e7550e760b2d3d759471ff55d2b6e2dc81ad2b",
+        "rev": "8a8e25a8d1e6bc5fa27b7f72f99bbf24b290e0a6",
        "type": "github"
      },
      "original": {
        "owner": "juanfont",
        "repo": "headscale",
-        "rev": "00e7550e760b2d3d759471ff55d2b6e2dc81ad2b",
        "type": "github"
      }
    },
--- a/flake.nix
+++ b/flake.nix
@ -171,9 +171,6 @@
      owner = "juanfont";
      repo = "headscale";

-      # FIXME: wait for nixpkgs to reach this : https://github.com/juanfont/headscale/commit/94b30abf56ae09d82a1541bbc3d19557914f9b27
-      rev = "00e7550e760b2d3d759471ff55d2b6e2dc81ad2b";
-
      inputs.nixpkgs.follows = "nixpkgs";
    };