tailscale: silence logs on some machines

This commit is contained in:
Motiejus Jakštys 2023-09-14 14:37:55 +03:00
parent aad4502030
commit 9eb8147660
7 changed files with 42 additions and 14 deletions

View File

@ -45,6 +45,10 @@
services = { services = {
node_exporter.enable = true; node_exporter.enable = true;
sshguard.enable = true; sshguard.enable = true;
tailscale = {
enable = true;
silenceLogs = true;
};
postfix = { postfix = {
enable = true; enable = true;
@ -74,8 +78,6 @@
}; };
}; };
services.tailscale.enable = true;
services.nsd = { services.nsd = {
enable = true; enable = true;
interfaces = ["0.0.0.0" "::"]; interfaces = ["0.0.0.0" "::"];

View File

@ -74,7 +74,11 @@
services = { services = {
node_exporter.enable = true; node_exporter.enable = true;
sshguard.enable = true; sshguard.enable = false;
tailscale = {
enable = true;
silenceLogs = true;
};
deployerbot = { deployerbot = {
follower = { follower = {
@ -99,7 +103,6 @@
}; };
services = { services = {
tailscale.enable = true;
xserver = { xserver = {
enable = true; enable = true;

View File

@ -155,11 +155,9 @@
]; ];
} }
]; ];
tailscale.enable = true;
node_exporter.enable = true; node_exporter.enable = true;
gitea.enable = true; gitea.enable = true;
snmp_exporter.enable = true; snmp_exporter.enable = true;
sshguard.enable = true; sshguard.enable = true;
@ -232,8 +230,6 @@
}; };
services = { services = {
tailscale.enable = true;
caddy = { caddy = {
enable = true; enable = true;
email = "motiejus+acme@jakstys.lt"; email = "motiejus+acme@jakstys.lt";

View File

@ -62,6 +62,10 @@
services = { services = {
node_exporter.enable = true; node_exporter.enable = true;
sshguard.enable = true; sshguard.enable = true;
tailscale = {
enable = true;
silenceLogs = true;
};
borgstor = { borgstor = {
enable = true; enable = true;
@ -92,8 +96,6 @@
}; };
}; };
services.tailscale.enable = true;
services.journald.extraConfig = "Storage=volatile"; services.journald.extraConfig = "Storage=volatile";
environment.etc = { environment.etc = {

View File

@ -154,7 +154,6 @@
}; };
networking.firewall.logRefusedConnections = false; networking.firewall.logRefusedConnections = false;
networking.firewall.checkReversePath = "loose"; # for tailscale
services = { services = {
chrony = { chrony = {

View File

@ -1,7 +1,7 @@
{ {
config, config,
lib, lib,
pkgs, pkgs,
... ...
}: { }: {
imports = [ imports = [
@ -18,6 +18,7 @@
./snmp_exporter ./snmp_exporter
./sshguard ./sshguard
./syncthing ./syncthing
./tailscale
./zfsunlock ./zfsunlock
]; ];
} }

View File

@ -0,0 +1,25 @@
{
config,
lib,
pkgs,
myData,
...
}: {
options.mj.services.tailscale = with lib.types; {
enable = lib.mkEnableOption "Enable tailscale";
# https://github.com/tailscale/tailscale/issues/1548
silenceLogs = lib.mkOption {
type = bool;
default = false;
};
};
config = with config.mj.services.tailscale;
lib.mkIf enable {
services.tailscale.enable = true;
networking.firewall.checkReversePath = "loose"; # for tailscale
}
// lib.mkIf silenceLogs {
systemd.services.tailscale.serviceConfig."StandardOutput" = "null";
};
}