diff --git a/devices/oksys/default.nix b/devices/oksys/default.nix index a3878f2..558d184 100644 --- a/devices/oksys/default.nix +++ b/devices/oksys/default.nix @@ -1,5 +1,10 @@ {...}: { imports = [ + #./hardware-configuration.nix + + ../../modules/tailscale.nix + + ./modules/headscale.nix ]; services.device-vars = { @@ -12,6 +17,7 @@ "wheel" "adm" "mlocate" + "headscale" ]; }; home-manager.users = { diff --git a/devices/oksys/modules/headscale.nix b/devices/oksys/modules/headscale.nix new file mode 100644 index 0000000..fc654bf --- /dev/null +++ b/devices/oksys/modules/headscale.nix @@ -0,0 +1,51 @@ +{ + headscale, + pkgs, + ... +}: { + environment.systemPackages = [ + headscale.packages.${pkgs.system}.headscale + ]; + + services.headscale = { + enable = true; + package = headscale.packages.${pkgs.system}.headscale; + + address = "127.0.0.1"; + port = 8085; + + settings = { + server_url = "https://headscale.nelim.org"; + ip_prefixes = ["100.64.0.0/10"]; + metrics_listen_addr = "127.0.0.1:9090"; + grpc_listen_addr = "0.0.0.0:50443"; + grpc_allow_insecure = false; + disable_check_updates = true; + + db_type = "sqlite3"; + db_path = "/var/lib/headscale/db.sqlite"; + private_key_path = "/var/lib/headscale/private.key"; + noise.private_key_path = "/var/lib/headscale/noise_private.key"; + + dns_config = { + magic_dns = false; + override_local_dns = true; + nameservers = ["100.64.0.1"]; + }; + + derp = { + urls = []; + + server = { + enabled = true; + stun_listen_addr = "0.0.0.0:3479"; + private_key_path = "/var/lib/headscale/derp_server_private.key"; + + region_id = 995; + region_code = "mon"; + region_name = "montreal"; + }; + }; + }; + }; +} diff --git a/flake.lock b/flake.lock index 11dfb2c..7feca98 100644 --- a/flake.lock +++ b/flake.lock @@ -192,14 +192,14 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems_3" + "systems": "systems_2" }, "locked": { - "lastModified": 1685518550, - "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", "repo": "flake-utils", - "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "type": "github" }, "original": { @@ -213,11 +213,11 @@ "systems": "systems_4" }, "locked": { - "lastModified": 1694529238, - "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", "owner": "numtide", "repo": "flake-utils", - "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", "type": "github" }, "original": { @@ -244,6 +244,45 @@ "type": "github" } }, + "flake-utils_5": { + "inputs": { + "systems": "systems_6" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "headscale": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1701106372, + "narHash": "sha256-G/vY0sIjs4JQoBSDDV+4OrNJlNtesxwSIFlBtPp5DJM=", + "owner": "juanfont", + "repo": "headscale", + "rev": "85e92db505b3217d45f248c339972cf7ad169d51", + "type": "github" + }, + "original": { + "owner": "juanfont", + "repo": "headscale", + "type": "github" + } + }, "hercules-ci-effects": { "inputs": { "flake-parts": "flake-parts_2", @@ -312,7 +351,7 @@ "nixpkgs": [ "nixpkgs" ], - "systems": "systems_2", + "systems": "systems_3", "wlroots": "wlroots", "xdph": "xdph" }, @@ -357,7 +396,7 @@ }, "lib-aggregate": { "inputs": { - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nixpkgs-lib": "nixpkgs-lib_3" }, "locked": { @@ -400,7 +439,7 @@ }, "neovim-flake_2": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "nixpkgs": [ "neovim-flake", "nixpkgs" @@ -544,11 +583,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1701200459, - "narHash": "sha256-Kgz1V2REFAeiEmNVQ5m7XubQoxst2e+L4g11MM/2xK4=", + "lastModified": 1701216885, + "narHash": "sha256-O3eB154BtGwYv2uQPCrekK0zEyx8KI6vvMLsQyzWct4=", "owner": "nix-community", "repo": "nix-melt", - "rev": "5c626e9880b1a14ae07690aea33877c31c4e4d1f", + "rev": "4ca0f9248bed9f9f85a89adf684ae487e8494967", "type": "github" }, "original": { @@ -679,11 +718,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1700794826, - "narHash": "sha256-RyJTnTNKhO0yqRpDISk03I/4A67/dp96YRxc86YOPgU=", + "lastModified": 1701068326, + "narHash": "sha256-vmMceA+q6hG1yrjb+MP8T0YFDQIrW3bl45e7z24IEts=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5a09cb4b393d58f9ed0d9ca1555016a8543c2ac8", + "rev": "8cfef6986adfb599ba379ae53c9f5631ecd2fd9c", "type": "github" }, "original": { @@ -743,11 +782,11 @@ }, "nur": { "locked": { - "lastModified": 1701203997, - "narHash": "sha256-p7u4S+JyqeSY69RoMxYH4G2z8VWBTw2AHt0M/DMa8o8=", + "lastModified": 1701223432, + "narHash": "sha256-mp7k/+KLC7VlxMLMgzoJoxZxO42txGJlL2gnx87xypw=", "owner": "nix-community", "repo": "NUR", - "rev": "c713d19b37b4ee88925a6fcf653a9f2af73e82e0", + "rev": "affe0f69f2dda1ffb7f00a5db5cfdf1173299b3d", "type": "github" }, "original": { @@ -761,11 +800,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1701199500, - "narHash": "sha256-hUaQG6hKL1L0AmOKhDfEn/ig//TfTpDqkqM1WQVGAIg=", + "lastModified": 1701222402, + "narHash": "sha256-7yvQ5iNdn3rqShmMGf0PS53smaW8kM38TMkhFgEsnFA=", "owner": "nix-community", "repo": "nurl", - "rev": "67a5e75e08d8abeadf86444722971915050946eb", + "rev": "66b80c8efaaa39c45ee67b9c3a3671498bf0f03d", "type": "github" }, "original": { @@ -778,6 +817,7 @@ "inputs": { "ags": "ags", "coc-stylelintplus-flake": "coc-stylelintplus-flake", + "headscale": "headscale", "home-manager": "home-manager", "hyprgrass": "hyprgrass", "hyprland": "hyprland", @@ -809,21 +849,6 @@ } }, "systems_2": { - "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", - "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default-linux", - "type": "github" - } - }, - "systems_3": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -838,6 +863,21 @@ "type": "github" } }, + "systems_3": { + "locked": { + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "owner": "nix-systems", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-linux", + "type": "github" + } + }, "systems_4": { "locked": { "lastModified": 1681028828, @@ -868,9 +908,24 @@ "type": "github" } }, + "systems_6": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "tree-sitter-hypr-flake": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "nixpkgs": [ "nixpkgs" ] diff --git a/flake.nix b/flake.nix index b2909f3..d4c8544 100644 --- a/flake.nix +++ b/flake.nix @@ -12,6 +12,11 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + headscale = { + url = "github:juanfont/headscale"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + hyprland = { url = "github:hyprwm/Hyprland"; inputs.nixpkgs.follows = "nixpkgs";