Lithospherical/nix-config
1
0
Fork 0
forked from jan-leila/nix-config
Code Pull requests Activity

added headscale service

Browse source
This commit is contained in:
Leyla Becker 2025-01-03 13:48:03 -06:00
parent 7dfb67f1f4
commit 0e5cf34809
4 changed files with 70 additions and 94 deletions
Download patch file Download diff file Expand all files Collapse all files

8
configurations/nixos/defiant/configuration.nix
View file

@ -92,6 +92,14 @@
networkInterface = "bond0"; networkInterface = "bond0";
}; };
}; };
nextcloud = {
enable = true;
subdomain = "drive";
};
headscale = {
enable = true;
subdomain = "vpn";
};
}; };
networking = { networking = {
hostId = "c51763d6"; hostId = "c51763d6";

94
configurations/nixos/defiant/services.nix
View file

@ -1,94 +0,0 @@
{
lib,
config,
...
}: {
imports = [];
options = {
apps = {
base_domain = lib.mkOption {
type = lib.types.str;
};
headscale = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that headscale will be hosted at";
default = "headscale";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hostname that headscale will be hosted at";
default = "${config.apps.headscale.subdomain}.${config.apps.base_domain}";
};
};
nextcloud = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that nextcloud will be hosted at";
default = "nextcloud";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hostname that nextcloud will be hosted at";
default = "${config.apps.nextcloud.subdomain}.${config.apps.base_domain}";
};
};
};
};
config = {
systemd = {
services = {
headscale = {
after = ["postgresql.service"];
requires = ["postgresql.service"];
};
};
};
services = {
# DNS stub needs to be disabled so pi hole can bind
# resolved.extraConfig = "DNSStubListener=no";
headscale = {
enable = true;
user = "headscale";
group = "headscale";
address = "0.0.0.0";
port = 8080;
settings = {
server_url = "https://${config.apps.headscale.hostname}";
dns.base_domain = "clients.${config.apps.headscale.hostname}";
logtail.enabled = true;
database = {
type = "postgres";
postgres = {
host = "/run/postgresql";
port = config.services.postgresql.settings.port;
user = "headscale";
name = "headscale";
};
};
};
};
nginx = {
enable = true;
virtualHosts = {
${config.apps.headscale.hostname} = {
# forceSSL = true;
# enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.headscale.port}";
proxyWebsockets = true;
};
};
};
};
};
environment.systemPackages = [
config.services.headscale.package
];
};
}

1
modules/nixos-modules/server/default.nix
View file

@ -10,5 +10,6 @@
./home-assistant.nix ./home-assistant.nix
./pihole.nix ./pihole.nix
./nextcloud.nix ./nextcloud.nix
./headscale.nix
]; ];
} }

61
modules/nixos-modules/server/headscale.nix Normal file
View file

@ -0,0 +1,61 @@
{
lib,
config,
...
}: let
hostname = "${config.host.headscale.subdomain}.${config.host.reverse_proxy.hostname}";
in {
options.host.headscale = {
enable = lib.mkEnableOption "should headscale be enabled on this computer";
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that headscale will be hosted at";
default = "headscale";
};
};
config = lib.mkIf config.host.headscale.enable {
host.reverse_proxy.subdomains.${config.host.jellyfin.subdomain} = {
target = "http://localhost:${toString config.services.headscale.port}";
};
systemd = {
services = {
headscale = {
after = ["postgresql.service"];
requires = ["postgresql.service"];
};
};
};
services = {
# DNS stub needs to be disabled so pi hole can bind
# resolved.extraConfig = "DNSStubListener=no";
headscale = {
enable = true;
user = "headscale";
group = "headscale";
address = "0.0.0.0";
port = 8080;
settings = {
server_url = "https://${hostname}";
dns.base_domain = "clients.${hostname}";
logtail.enabled = true;
database = {
type = "postgres";
postgres = {
host = "/run/postgresql";
port = config.services.postgresql.settings.port;
user = "headscale";
name = "headscale";
};
};
};
};
};
environment.systemPackages = [
config.services.headscale.package
];
};
}