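# Module: for every entry of myData.hosts whose name ends in vpnDomain, emit
# an ssh_config Host block that looks up the host's Tailscale IPv4 address at
# connect time and tunnels the SSH connection to it through nc.
{
  config,
  lib,
  pkgs,
  myData,
  ...
}:
let
  cfg = config.mj.services.tailscale-ssh;

  vpnDomain = ".jakst.vpn";

  # Only host names carrying the VPN suffix get a Host block.
  vpnHosts = lib.filterAttrs (name: _: lib.hasSuffix vpnDomain name) myData.hosts;

  # Builds the ssh_config stanza for one VPN host.
  #
  # bash and nc are referenced by store path, like tailscale, so the
  # ProxyCommand does not depend on the PATH of whichever process invokes ssh.
  #
  # NOTE(review): shortName is interpolated as-is into both the Host pattern
  # and a shell command line. This assumes the keys of myData.hosts are plain
  # host names (no whitespace, quotes or shell metacharacters) - TODO confirm,
  # or validate the names at evaluation time.
  #
  # If the lookup prints no address, the command substitution expands to
  # nothing and nc is started with only the port argument.
  mkHostBlock =
    fqdn:
    let
      shortName = lib.removeSuffix vpnDomain fqdn;
    in
    ''
      Host ${shortName}
        User motiejus
        ProxyCommand ${pkgs.bash}/bin/bash -c 'exec ${pkgs.netcat}/bin/nc $(${pkgs.tailscale}/bin/tailscale ip -4 ${shortName}) %p'
    '';

  # One stanza per VPN host, in attribute-name order, separated by a newline.
  hostConfigs = lib.concatMapStringsSep "\n" mkHostBlock (lib.attrNames vpnHosts);
in
{
  options.mj.services.tailscale-ssh = {
    enable = lib.mkEnableOption "SSH via Tailscale IP lookup for VPN hosts";
  };

  # The generated stanzas are only added to the ssh client configuration when
  # the option is enabled.
  config = lib.mkIf cfg.enable {
    programs.ssh.extraConfig = hostConfigs;
  };
}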