fix(headscale): override db_type option to use latest headscale
All checks were successful
Discord / discord commits (push) Has been skipped
All checks were successful
Discord / discord commits (push) Has been skipped
This commit is contained in:
parent
be7d468efc
commit
c5898a9a64
3 changed files with 52 additions and 47 deletions
|
|
@ -6,60 +6,69 @@
|
||||||
...
|
...
|
||||||
}: let
|
}: let
|
||||||
inherit (builtins) readFile;
|
inherit (builtins) readFile;
|
||||||
|
inherit (lib) mkAfter mkOption;
|
||||||
|
|
||||||
inherit (config.vars) mainUser hostName;
|
inherit (config.vars) mainUser hostName;
|
||||||
headscale-flake = headscale.packages.${pkgs.system}.headscale;
|
headscale-flake = headscale.packages.${pkgs.system}.headscale;
|
||||||
|
|
||||||
clusterIP = config.services.pcsd.virtualIps.caddy-vip.ip;
|
clusterIP = config.services.pcsd.virtualIps.caddy-vip.ip;
|
||||||
in {
|
in {
|
||||||
environment.systemPackages = [headscale-flake];
|
# FIXME: wait for nixpkgs to reach this : https://github.com/juanfont/headscale/commit/94b30abf56ae09d82a1541bbc3d19557914f9b27
|
||||||
users.users.${mainUser}.extraGroups = ["headscale"];
|
options.services.headscale.settings.db_type = mkOption {
|
||||||
|
type = lib.types.enum ["sqlite" "postgres"];
|
||||||
|
};
|
||||||
|
|
||||||
home-manager.users.${mainUser}
|
config = {
|
||||||
.programs.bash.bashrcExtra = lib.mkAfter (readFile ./completion.bash);
|
environment.systemPackages = [headscale-flake];
|
||||||
|
users.users.${mainUser}.extraGroups = ["headscale"];
|
||||||
|
|
||||||
services.headscale = {
|
home-manager.users.${mainUser}
|
||||||
enable = true;
|
.programs.bash.bashrcExtra = mkAfter (readFile ./completion.bash);
|
||||||
package = headscale-flake;
|
|
||||||
|
|
||||||
address = clusterIP;
|
services.headscale = {
|
||||||
port = 8085;
|
enable = true;
|
||||||
|
package = headscale-flake;
|
||||||
|
|
||||||
settings = {
|
address = clusterIP;
|
||||||
server_url = "https://headscale.nelim.org";
|
port = 8085;
|
||||||
ip_prefixes = ["100.64.0.0/10"];
|
|
||||||
metrics_listen_addr = "127.0.0.1:9090";
|
|
||||||
grpc_listen_addr = "0.0.0.0:50443";
|
|
||||||
grpc_allow_insecure = false;
|
|
||||||
disable_check_updates = true;
|
|
||||||
unix_socket_permission = "0770";
|
|
||||||
|
|
||||||
db_type = "sqlite3";
|
settings = {
|
||||||
db_path = "/var/lib/headscale/db.sqlite";
|
server_url = "https://headscale.nelim.org";
|
||||||
private_key_path = "/var/lib/headscale/private.key";
|
ip_prefixes = ["100.64.0.0/10"];
|
||||||
noise.private_key_path = "/var/lib/headscale/noise_private.key";
|
metrics_listen_addr = "127.0.0.1:9090";
|
||||||
|
grpc_listen_addr = "0.0.0.0:50443";
|
||||||
|
grpc_allow_insecure = false;
|
||||||
|
disable_check_updates = true;
|
||||||
|
unix_socket_permission = "0770";
|
||||||
|
|
||||||
dns_config = let
|
db_type = "sqlite";
|
||||||
caddyIp =
|
db_path = "/var/lib/headscale/db.sqlite";
|
||||||
if hostName == "thingone"
|
private_key_path = "/var/lib/headscale/private.key";
|
||||||
then "100.64.0.8"
|
noise.private_key_path = "/var/lib/headscale/noise_private.key";
|
||||||
else "100.64.0.9";
|
|
||||||
in {
|
|
||||||
magic_dns = false;
|
|
||||||
override_local_dns = true;
|
|
||||||
nameservers = [caddyIp];
|
|
||||||
};
|
|
||||||
|
|
||||||
derp = {
|
dns_config = let
|
||||||
urls = [];
|
caddyIp =
|
||||||
|
if hostName == "thingone"
|
||||||
|
then "100.64.0.8"
|
||||||
|
else "100.64.0.9";
|
||||||
|
in {
|
||||||
|
magic_dns = false;
|
||||||
|
override_local_dns = true;
|
||||||
|
nameservers = [caddyIp];
|
||||||
|
};
|
||||||
|
|
||||||
server = {
|
derp = {
|
||||||
enabled = true;
|
urls = [];
|
||||||
stun_listen_addr = "${clusterIP}:3479";
|
|
||||||
private_key_path = "/var/lib/headscale/derp_server_private.key";
|
|
||||||
|
|
||||||
region_id = 995;
|
server = {
|
||||||
region_code = "mon";
|
enabled = true;
|
||||||
region_name = "montreal";
|
stun_listen_addr = "${clusterIP}:3479";
|
||||||
|
private_key_path = "/var/lib/headscale/derp_server_private.key";
|
||||||
|
|
||||||
|
region_id = 995;
|
||||||
|
region_code = "mon";
|
||||||
|
region_name = "montreal";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -392,17 +392,16 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1707460001,
|
"lastModified": 1711135921,
|
||||||
"narHash": "sha256-K9ULZEAr4mdB6ds/uoAcwLecj+ss2OQvJHKk+P91REA=",
|
"narHash": "sha256-vv8+DnV4inQn+MfXCB0WMVLXAW4NbP2Em3VASbjeIjA=",
|
||||||
"owner": "juanfont",
|
"owner": "juanfont",
|
||||||
"repo": "headscale",
|
"repo": "headscale",
|
||||||
"rev": "00e7550e760b2d3d759471ff55d2b6e2dc81ad2b",
|
"rev": "8a8e25a8d1e6bc5fa27b7f72f99bbf24b290e0a6",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "juanfont",
|
"owner": "juanfont",
|
||||||
"repo": "headscale",
|
"repo": "headscale",
|
||||||
"rev": "00e7550e760b2d3d759471ff55d2b6e2dc81ad2b",
|
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -171,9 +171,6 @@
|
||||||
owner = "juanfont";
|
owner = "juanfont";
|
||||||
repo = "headscale";
|
repo = "headscale";
|
||||||
|
|
||||||
# FIXME: wait for nixpkgs to reach this : https://github.com/juanfont/headscale/commit/94b30abf56ae09d82a1541bbc3d19557914f9b27
|
|
||||||
rev = "00e7550e760b2d3d759471ff55d2b6e2dc81ad2b";
|
|
||||||
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue