diff --git a/hosts/m3-atlas/services/default.nix b/hosts/m3-atlas/services/default.nix
index ea05f0c..a5746cb 100644
--- a/hosts/m3-atlas/services/default.nix
+++ b/hosts/m3-atlas/services/default.nix
@@ -2,11 +2,13 @@
 imports = [
 ./containers
 ./gitea.nix
+ ./headscale.nix
 ./minio.nix
 ./mysql.nix
 ./n8n.nix
 ./postgres.nix
 ./searx.nix
+ ./tailscale.nix
 ./traefik.nix
 ./wastebin.nix
 ];
diff --git a/hosts/m3-atlas/services/headscale.nix b/hosts/m3-atlas/services/headscale.nix
new file mode 100644
index 0000000..8dcb453
--- /dev/null
+++ b/hosts/m3-atlas/services/headscale.nix
@@ -0,0 +1,33 @@
+{
+ services = {
+ headscale = {
+ enable = true;
+ port = 3009;
+ settings = {
+ server_url = "https://va.m3tam3re.com";
+ dns = {
+ base_domain = "m3tam3re.loc";
+ };
+ logtail.enabled = false;
+ };
+ };
+ };
+
+ # Traefik configuration specific to
+ services.traefik.dynamicConfigOptions.http = {
+ services.headscale.loadBalancer.servers = [
+ {
+ url = "http://localhost:3009/";
+ }
+ ];
+
+ routers.headscale = {
+ rule = "Host(`va.m3tam3re.com`)";
+ tls = {
+ certResolver = "godaddy";
+ };
+ service = "headscale";
+ entrypoints = "websecure";
+ };
+ };
+}
diff --git a/hosts/m3-atlas/services/tailscale.nix b/hosts/m3-atlas/services/tailscale.nix
new file mode 100644
index 0000000..7a14f28
--- /dev/null
+++ b/hosts/m3-atlas/services/tailscale.nix
@@ -0,0 +1,9 @@
+{
+ services.tailscale = {
+ enable = true;
+ useRoutingFeatures = "both";
+ };
+ networking.firewall = {
+ trustedInterfaces = ["tailscale0"];
+ };
+}
diff --git a/hosts/m3-kratos/services/default.nix b/hosts/m3-kratos/services/default.nix
index 3ca540f..2674a00 100644
--- a/hosts/m3-kratos/services/default.nix
+++ b/hosts/m3-kratos/services/default.nix
@@ -11,6 +11,7 @@
 hypridle.enable = true;
 printing.enable = true;
 gvfs.enable = true;
+ tailscale.enable = true;
 trezord.enable = true;
 gnome.gnome-keyring.enable = true;
 qdrant.enable = true;
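Review bot: The `settings` block in headscale.nix configures no ACL policy, and as far as I know headscale without one allows every enrolled node to reach every other node, so an explicit policy file should be added and referenced from `settings` before more machines join. The comment `# Traefik configuration specific to` is cut off mid-sentence; something like `# Traefik routing for headscale: TLS terminates at Traefik, traffic is proxied to the local port` would state what the block is for. The port 3009 is written twice, in `port = 3009;` and in the load-balancer `url`, so the two can drift apart; taking `config` as a module argument and building the URL from `config.services.headscale.port` would keep them tied.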
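Review bot: `trustedInterfaces = ["tailscale0"];` in tailscale.nix exempts all tailnet traffic from the host firewall, so any service on m3-atlas that listens on all interfaces (the imports list includes MySQL, Postgres and MinIO) becomes reachable from every enrolled node. Opening only what peers need is tighter, for example `networking.firewall.interfaces.tailscale0.allowedTCPPorts = [ <PORTS_NEEDED_OVER_TAILNET> ];` with the placeholder replaced by the real list. `useRoutingFeatures = "both";` additionally enables IP forwarding so the host can act as a subnet router or exit node; if that role is not intended, `"client"` or the default `"none"` avoids it, and if it is, a comment should record why.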