added stuff

2024-04-09 23:11:33 +02:00 · 2024-04-09 23:11:33 +02:00 · 9d0ebdfbd0
commit 9d0ebdfbd0
parent e8d9044d2b
907 changed files with 70990 additions and 0 deletions
--- a/nyx/modules/options/system/networking/tailscale.nix
+++ b/nyx/modules/options/system/networking/tailscale.nix
@ -0,0 +1,76 @@
+{
+  config,
+  lib,
+  ...
+}: let
+  inherit (lib) mkEnableOption mkOption types;
+
+  sys = config.modules.system;
+  cfg = sys.networking.tailscale;
+in {
+  options.modules.system.networking.tailscale = {
+    enable = mkEnableOption "Tailscale VPN";
+    autoLogin = mkEnableOption ''
+      systemd-service for bootstrapping a Tailscale connection automatically
+    '';
+
+    endpoint = mkOption {
+      type = types.str;
+      default = "https://hs.notashelf.dev";
+      description = ''
+        The URL of the Tailscale control server to use. In case you
+        would like to use a self-hosted Headscale server, such as
+        the default value, you may change this value accordingly.
+      '';
+    };
+
+    operator = mkOption {
+      type = types.str;
+      default = sys.mainUser;
+      description = ''
+        The name of the Tailscale operator to use. This is used to
+        avoid using sudo in command-line operations and if set, will
+        run the auto-authentication service as the specified user.
+      '';
+    };
+
+    flags = {
+      default = mkOption {
+        type = with types; listOf str;
+        default = ["--ssh"];
+        description = ''
+          A list of command-line flags that will be passed to the Tailscale
+          daemon automatically when it is started, using
+          {option}`config.services.tailscale.extraUpFlags`
+
+          If `isServer` is set to true, the server-specific values will be
+          appended to the list defined in this option.
+        '';
+      };
+    };
+
+    isClient = mkOption {
+      type = types.bool;
+      default = cfg.enable;
+      example = true;
+      description = ''
+        Whether the target host should utilize Tailscale client features";
+
+        This option is mutually exlusive with {option}`tailscale.isServer`
+        as they both configure Taiscale, but with different flags
+      '';
+    };
+
+    isServer = mkOption {
+      type = types.bool;
+      default = false;
+      example = true;
+      description = ''
+        Whether the target host should utilize Tailscale server features.
+
+        This option is mutually exlusive with {option}`tailscale.isClient`
+        as they both configure Taiscale, but with different flags
+      '';
+    };
+  };
+}