m3tam3re/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Headscale and Tailscale config modules

Browse Source
This commit is contained in:
Sascha Koenig 2025-05-05 09:11:47 +02:00
parent 53ce9740bd
commit eb0a31cce6
7 changed files with 23 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
home/features/cli/default.nix
View File

@ -67,7 +67,6 @@
comma comma
coreutils coreutils
devenv devenv
fabric-ai
fd fd
gcc gcc
go go
@ -79,7 +78,7 @@
llm llm
lf lf
nix-index nix-index
procs nushellPlugins.skim
progress progress
ripgrep ripgrep
rocmPackages.rocm-smi rocmPackages.rocm-smi

4
home/m3tam3re/m3-atlas.nix
View File

@ -7,8 +7,8 @@
features = { features = {
cli = { cli = {
fish.enable = true; nushell.enable = true;
fzf.enable = true; skim.enable = true;
nitch.enable = true; nitch.enable = true;
secrets.enable = false; secrets.enable = false;
starship.enable = true; starship.enable = true;

4
home/m3tam3re/m3-kratos.nix
View File

@ -48,8 +48,8 @@ in {
}; };
features = { features = {
cli = { cli = {
fish.enable = true; nushell.enable = true;
fzf.enable = true; skim.enable = true;
nitch.enable = true; nitch.enable = true;
secrets.enable = true; secrets.enable = true;
starship.enable = true; starship.enable = true;

4
hosts/common/extraServices/ollama.nix
View File

@ -12,10 +12,6 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.ollama = { services.ollama = {
enable = true; enable = true;
package =
if config.services.xserver.videoDrivers == ["amdgpu"] # rocblas-6.0.2 broken
then pkgs.pinned.ollama
else pkgs.ollama;
acceleration = acceleration =
if config.services.xserver.videoDrivers == ["amdgpu"] if config.services.xserver.videoDrivers == ["amdgpu"]
then "rocm" then "rocm"

3
hosts/m3-atlas/secrets.nix
View File

@ -22,6 +22,9 @@
searx = { searx = {
file = ../../secrets/searx.age; file = ../../secrets/searx.age;
}; };
tailscale-key = {
file = ../../secrets/tailscale-key.age;
};
traefik = { traefik = {
file = ../../secrets/traefik.age; file = ../../secrets/traefik.age;
owner = "traefik"; owner = "traefik";

26
hosts/m3-atlas/services/tailscale.nix
View File

@ -1,23 +1,26 @@
{pkgs, ...}: { {
config,
pkgs,
...
}: {
services.tailscale = { services.tailscale = {
enable = true; enable = true;
useRoutingFeatures = "both"; useRoutingFeatures = "both";
authKeyFile = config.age.secrets.tailscale-key.path;
extraUpFlags = [ extraUpFlags = [
"--login-server https://va.m3tam3re.com" "--login-server=${config.services.headscale.settings.server_url}"
"--advertise-exit-node" "--advertise-exit-node"
"--accept-routes" "--accept-routes"
]; ];
}; };
# Persistent systemd service for network settings services.networkd-dispatcher = {
systemd.services.configure-network-offload = { enable = true;
description = "Configure network offload settings"; rules."50-tailscale" = {
after = ["network.target"]; onState = ["routable"];
wantedBy = ["multi-user.target"]; script = ''
serviceConfig = { "${pkgs.ethtool} NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ") | -K $NETDEV rx-udp-gro-forwarding on rx-gro-list off
Type = "oneshot"; '';
RemainAfterExit = true;
ExecStart = "${pkgs.ethtool}/bin/ethtool -K ens3 rx-udp-gro-forwarding on rx-gro-list off";
}; };
}; };
@ -37,5 +40,6 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
ethtool ethtool
tailscale tailscale
networkd-dispatcher
]; ];
} }

BIN
secrets/tailscale-key.age
View File

Binary file not shown.