2024-12-06 07:16:50 +01:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
pkgs,
|
|
|
|
|
...
|
|
|
|
|
}: {
|
|
|
|
|
services.tailscale = {
|
|
|
|
|
enable = true;
|
|
|
|
|
useRoutingFeatures = "client";
|
|
|
|
|
};
|
|
|
|
|
|
2025-02-23 19:07:14 +01:00
|
|
|
# systemd.services.tailscale-autoconnect = {
|
|
|
|
|
# description = "Automatic connection to Tailscale";
|
2024-12-06 07:16:50 +01:00
|
|
|
|
2025-02-23 19:07:14 +01:00
|
|
|
# # make sure tailscale is running before trying to connect to tailscale
|
|
|
|
|
# after = ["network-pre.target" "tailscale.service"];
|
|
|
|
|
# wants = ["network-pre.target" "tailscale.service"];
|
|
|
|
|
# wantedBy = ["multi-user.target"];
|
2024-12-06 07:16:50 +01:00
|
|
|
|
2025-02-23 19:07:14 +01:00
|
|
|
# # set this service as a oneshot job
|
|
|
|
|
# serviceConfig = {
|
|
|
|
|
# Type = "oneshot";
|
|
|
|
|
# EnvironmentFile = "${config.age.secrets.tailscale-key.path}";
|
|
|
|
|
# };
|
2024-12-06 07:16:50 +01:00
|
|
|
|
2025-02-23 19:07:14 +01:00
|
|
|
# # have the job run this shell script
|
|
|
|
|
# script = with pkgs; ''
|
|
|
|
|
# # wait for tailscaled to settle
|
|
|
|
|
# sleep 2
|
2024-12-06 07:16:50 +01:00
|
|
|
|
2025-02-23 19:07:14 +01:00
|
|
|
# # check if we are already authenticated to tailscale
|
|
|
|
|
# status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)"
|
|
|
|
|
# if [ $status = "Running" ]; then # if so, then do nothing
|
|
|
|
|
# exit 0
|
|
|
|
|
# fi
|
2024-12-06 07:16:50 +01:00
|
|
|
|
2025-02-23 19:07:14 +01:00
|
|
|
# # otherwise authenticate with tailscale
|
|
|
|
|
# ${tailscale}/bin/tailscale up --exit-node 100.88.96.77 --authkey $TAILSCALE_KEY
|
|
|
|
|
# '';
|
|
|
|
|
# };
|
2024-12-06 07:16:50 +01:00
|
|
|
}
|
