config/modules/services/tailscale/default.nix

{
  config,
  lib,
  myData,
  ...
}:
let
  cfg = config.mj.services.tailscale;
  inherit (lib)
    mkMerge
    types
    mkEnableOption
    mkOption
    mkIf
    ;
in
{
  options.mj.services.tailscale = with types; {
    enable = mkEnableOption "Enable tailscale";
    acceptDNS = mkOption {
      type = bool;
      default = false;
    };
    # https://github.com/tailscale/tailscale/issues/1548
    verboseLogs = mkOption {
      type = bool;
      default = false;
    };
  };

  config = mkIf cfg.enable (mkMerge [
    {
      services.tailscale = {
        enable = true;
        extraUpFlags = [
          "--operator=${config.mj.username}"
        ];
        extraSetFlags = [
          "--accept-dns=${if cfg.acceptDNS then "true" else "false"}"
          "--accept-routes=true"
        ];
      };
      networking.firewall.checkReversePath = "loose";
      networking.firewall.allowedUDPPorts = [ myData.ports.tailscale ];
    }
    (mkIf (!cfg.verboseLogs) { systemd.services.tailscaled.serviceConfig.StandardOutput = "null"; })
  ]);
}
tailscale: silence logs on some machines 2023-09-14 11:37:55 +00:00			`{`
			`config,`
			`lib,`
			`myData,`
			`...`
nix fmt 2024-07-29 12:39:54 +00:00			`}:`
			`let`
silenceLogs is not picked up Result: $ cat result/etc/systemd/system/tailscaled.service [Unit] Description=Tailscale node agent Documentation=https://tailscale.com/kb/ Wants=network-pre.target After=network-pre.target NetworkManager.service systemd-resolved.service [Service] ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port= ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup Restart=on-failure RuntimeDirectory=tailscale RuntimeDirectoryMode=0755 StateDirectory=tailscale StateDirectoryMode=0700 CacheDirectory=tailscale CacheDirectoryMode=0750 Type=notify [Install] WantedBy=multi-user.target 2023-09-14 12:03:00 +00:00			`cfg = config.mj.services.tailscale;`
nix fmt 2024-07-29 12:39:54 +00:00			`inherit (lib)`
			`mkMerge`
			`types`
			`mkEnableOption`
			`mkOption`
			`mkIf`
			`;`
			`in`
			`{`
silenceLogs is not picked up Result: $ cat result/etc/systemd/system/tailscaled.service [Unit] Description=Tailscale node agent Documentation=https://tailscale.com/kb/ Wants=network-pre.target After=network-pre.target NetworkManager.service systemd-resolved.service [Service] ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port= ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup Restart=on-failure RuntimeDirectory=tailscale RuntimeDirectoryMode=0755 StateDirectory=tailscale StateDirectoryMode=0700 CacheDirectory=tailscale CacheDirectoryMode=0750 Type=notify [Install] WantedBy=multi-user.target 2023-09-14 12:03:00 +00:00			`options.mj.services.tailscale = with types; {`
			`enable = mkEnableOption "Enable tailscale";`
tailscale: --accept-dns=false 2024-11-21 04:50:25 +00:00			`acceptDNS = mkOption {`
			`type = bool;`
			`default = false;`
			`};`
tailscale: silence logs on some machines 2023-09-14 11:37:55 +00:00			`# https://github.com/tailscale/tailscale/issues/1548`
silenceLogs => !verboseLogs 2023-10-22 20:06:06 +00:00			`verboseLogs = mkOption {`
tailscale: silence logs on some machines 2023-09-14 11:37:55 +00:00			`type = bool;`
silenceLogs => !verboseLogs 2023-10-22 20:06:06 +00:00			`default = false;`
tailscale: silence logs on some machines 2023-09-14 11:37:55 +00:00			`};`
			`};`

enable statx 2023-10-01 20:14:05 +00:00			`config = mkIf cfg.enable (mkMerge [`
silenceLogs is not picked up Result: $ cat result/etc/systemd/system/tailscaled.service [Unit] Description=Tailscale node agent Documentation=https://tailscale.com/kb/ Wants=network-pre.target After=network-pre.target NetworkManager.service systemd-resolved.service [Service] ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port= ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup Restart=on-failure RuntimeDirectory=tailscale RuntimeDirectoryMode=0755 StateDirectory=tailscale StateDirectoryMode=0700 CacheDirectory=tailscale CacheDirectoryMode=0750 Type=notify [Install] WantedBy=multi-user.target 2023-09-14 12:03:00 +00:00			`{`
tailscale: --operator=motiejus 2024-03-05 09:39:10 +00:00			`services.tailscale = {`
			`enable = true;`
tailscale: --accept-dns=false 2024-11-21 04:50:25 +00:00			`extraUpFlags = [`
			`"--operator=${config.mj.username}"`
fix tailscaled dns 2024-11-21 04:54:12 +00:00			`];`
			`extraSetFlags = [`
			`"--accept-dns=${if cfg.acceptDNS then "true" else "false"}"`
accept-routes=true is a set flag 2025-01-17 13:39:52 +00:00			`"--accept-routes=true"`
tailscale: --accept-dns=false 2024-11-21 04:50:25 +00:00			`];`
tailscale: --operator=motiejus 2024-03-05 09:39:10 +00:00			`};`
re-enable tailscale, oops 2023-09-14 11:48:54 +00:00			`networking.firewall.checkReversePath = "loose";`
nix fmt 2024-07-29 12:39:54 +00:00			`networking.firewall.allowedUDPPorts = [ myData.ports.tailscale ];`
silenceLogs is not picked up Result: $ cat result/etc/systemd/system/tailscaled.service [Unit] Description=Tailscale node agent Documentation=https://tailscale.com/kb/ Wants=network-pre.target After=network-pre.target NetworkManager.service systemd-resolved.service [Service] ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port= ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup Restart=on-failure RuntimeDirectory=tailscale RuntimeDirectoryMode=0755 StateDirectory=tailscale StateDirectoryMode=0700 CacheDirectory=tailscale CacheDirectoryMode=0750 Type=notify [Install] WantedBy=multi-user.target 2023-09-14 12:03:00 +00:00			`}`
nix fmt 2024-07-29 12:39:54 +00:00			`(mkIf (!cfg.verboseLogs) { systemd.services.tailscaled.serviceConfig.StandardOutput = "null"; })`
silenceLogs is not picked up Result: $ cat result/etc/systemd/system/tailscaled.service [Unit] Description=Tailscale node agent Documentation=https://tailscale.com/kb/ Wants=network-pre.target After=network-pre.target NetworkManager.service systemd-resolved.service [Service] ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port= ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup Restart=on-failure RuntimeDirectory=tailscale RuntimeDirectoryMode=0755 StateDirectory=tailscale StateDirectoryMode=0700 CacheDirectory=tailscale CacheDirectoryMode=0750 Type=notify [Install] WantedBy=multi-user.target 2023-09-14 12:03:00 +00:00			`]);`
tailscale: silence logs on some machines 2023-09-14 11:37:55 +00:00			`}`
No results found.