Motiejus Jakštys
b73f671bc0
Result: $ cat result/etc/systemd/system/tailscaled.service [Unit] Description=Tailscale node agent Documentation=https://tailscale.com/kb/ Wants=network-pre.target After=network-pre.target NetworkManager.service systemd-resolved.service [Service] ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port= ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup Restart=on-failure RuntimeDirectory=tailscale RuntimeDirectoryMode=0755 StateDirectory=tailscale StateDirectoryMode=0700 CacheDirectory=tailscale CacheDirectoryMode=0750 Type=notify [Install] WantedBy=multi-user.target
31 lines
724 B
Nix
31 lines
724 B
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
myData,
|
|
...
|
|
}: let
|
|
cfg = config.mj.services.tailscale;
|
|
inherit (lib) mkMerge types mkEnableOption mkOption mkIf;
|
|
in {
|
|
options.mj.services.tailscale = with types; {
|
|
enable = mkEnableOption "Enable tailscale";
|
|
# https://github.com/tailscale/tailscale/issues/1548
|
|
silenceLogs = mkOption {
|
|
type = bool;
|
|
default = false;
|
|
};
|
|
};
|
|
|
|
config = mkIf (cfg.enable) (mkMerge [
|
|
{
|
|
services.tailscale.enable = true;
|
|
networking.firewall.checkReversePath = "loose";
|
|
networking.firewall.allowedUDPPorts = [myData.ports.tailscale];
|
|
}
|
|
(mkIf cfg.silenceLogs {
|
|
systemd.services.tailscaled.serviceConfig."StandardOutput" = "null";
|
|
})
|
|
]);
|
|
}
|