blob: 80153e4381976590b099c6e678199db1ba6a30d4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
{ config, lib, pkgs, ... }:
{
# services.headscale = {
# enable = true;
# settings = {
# server_url = "https://headscale.noms.ing";
# listen_addr = "127.0.0.1:8323";
# # oidc = {
# # only_start_if_oidc_is_available = true;
# # issuer = "https://idm.cuties.network/oauth2/openid/headscale";
# # client_id = "headscale";
# # client_secret_path = "/run/secrets/headscale_oidc_secret";
# # strip_email_domain = true;
# # };
# # dns_config.magic_dns = true;
# # dns_config.domains = [ "nodes.headscale.noms.ing" ];
# # dns_config.base_domain = "ts.cuties.network";
# };
# };
# users.users.headscale.extraGroups = [ config.users.groups.keys.name ];
# sops.secrets.headscale_oidc_secret = {
# owner = config.users.users.headscale.name;
# sopsFile = ./headscale.sops.yaml;
# };
services.nginx.virtualHosts."headscale.noms.ing" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:8323";
proxyWebsockets = true;
};
};
# services.tailscale.enable = true;
}
|
