24 lines
582 B
Nix
24 lines
582 B
Nix
{
|
|
nixhelm,
|
|
system,
|
|
config,
|
|
lib,
|
|
...
|
|
}: {
|
|
options.tailscale.enable = lib.mkEnableOption "tailscale";
|
|
|
|
config = lib.mkIf config.tailscale.enable {
|
|
kubernetes = {
|
|
helm.releases.tailscale = {
|
|
chart = nixhelm.chartsDerivations.${system}.tailscale.tailscale-operator;
|
|
includeCRDs = true;
|
|
namespace = "tailscale";
|
|
};
|
|
|
|
resources.secrets.operator-oauth.stringData = {
|
|
client_id = "ref+sops://secrets.yml#/tailscale/clientID";
|
|
client_secret = "ref+sops://secrets.yml#/tailscale/clientSecret";
|
|
};
|
|
};
|
|
};
|
|
}
|