feat: Enable tailscale on physical servers
fix: Fix Nix flake checks
This commit is contained in:
parent
c22d356191
commit
15e0dce041
5 changed files with 21 additions and 4 deletions
|
@ -184,6 +184,5 @@
|
|||
};
|
||||
in
|
||||
{
|
||||
apps = builtins.mapAttrs mkDeployApp deployers;
|
||||
packages = builtins.mapAttrs mkManifest deployers;
|
||||
apps = pkgs.lib.mergeAttrs (builtins.mapAttrs mkDeployApp deployers) (builtins.mapAttrs mkManifest deployers);
|
||||
})
|
||||
|
|
|
@ -6,5 +6,6 @@
|
|||
./data-sharing.nix
|
||||
./monitoring
|
||||
./k3s
|
||||
./tailscale.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -61,6 +61,7 @@ in
|
|||
nfs-utils # Required for Longhorn
|
||||
];
|
||||
|
||||
# TODO!!!!!
|
||||
networking = {
|
||||
nftables.enable = lib.mkForce false;
|
||||
firewall.enable = lib.mkForce false;
|
||||
|
|
14
nixos-modules/tailscale.nix
Normal file
14
nixos-modules/tailscale.nix
Normal file
|
@ -0,0 +1,14 @@
|
|||
{ config, ... }: {
|
||||
config = {
|
||||
services.tailscale = {
|
||||
enable = true;
|
||||
authKeyFile = config.sops.secrets."tailscale/authKey".path;
|
||||
|
||||
extraUpFlags = [
|
||||
"--hostname=${config.networking.hostName}"
|
||||
];
|
||||
};
|
||||
|
||||
sops.secrets."tailscale/authKey" = { };
|
||||
};
|
||||
}
|
|
@ -11,6 +11,8 @@ k3s:
|
|||
etcd:
|
||||
peerCAKey: ENC[AES256_GCM,data:hr/Q9UqzA5IKK4o+mxyYQyXjTl1/guRLcjeBBaErxlvtQ0QarNWBMV0SuekCTiv0aGEUiXrY4u/39n6/VdVsxCdCDFDSuEJE5iEklpReKkW0gIvW3wIk98PC8xhNKjwRNnPwgE6TmOi8RSR9jdL9A3VKUXXo4XDkKPWrK6yHOJHKWgGOKX8+TP8HHwGGG6JvcMgOfbLJIvstsB9C17bOHt0KNaPKIpGN3gRkY7rJE/ORIJaOFxQB9WrcmweB2B7K3tlnVyLsY/wZsturZDJtK4CtVPEba7jXlpI4xnr0EANhRxs=,iv:gy8/RAxOxMrzFbPynQw1iDbXYEM4iYXJ+OfvQE9MAfU=,tag:vlnfHLzOm9ztsnaSIbL14w==,type:str]
|
||||
serverCAKey: ENC[AES256_GCM,data:bn4BLlUSOHBOzjxO7oCmnWY3+yc/+J149QFfHOxrrFFblCkY3MEtXg9ogFsU+CYhZg6HZtOiecbo3V1fTe6dbSdWlUW7mHVoFP75aRuLjeEwX9Crgu/BVce7tcL0nFXvaBfaPngz3irzE2t2Dt+p1rVFWsMa2Ms2Wfzx9ZfVUbD0mOBgKmR+fGCHQBuUk4F9kzXA//J6iuk2VNh0+6YXBfTWCEsBllg8CvLgD9aU3DE7nS/xcbZcbpR3nWp8nQvezA5/cAEVTyuQfUO2u/tnYAoEE7t1Qo4RJrWlY30xTvXdq44=,iv:kXjH9JPjix64b+nWWIF/TBlZH9DsOYGTq5okQB3HKYs=,tag:MYM0xdi8AjaR0I/ZcpELAQ==,type:str]
|
||||
tailscale:
|
||||
authKey: ENC[AES256_GCM,data:nOxCntC28235lk47BRpIPuNRwmp87DbEY8c3QHIZLXfLvS+U1neoNNlAZ8ThQd4addLoPrJRH0LgDiWAUQ==,iv:7ymbpb78mdXm1/MaGe/ZrsJv8zYQNGm3//Hud7lCgPY=,tag:Wuwf2EKz2RBsaEbrxyNQ0w==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -71,8 +73,8 @@ sops:
|
|||
Q0VudEFzRUFGWlNJcHc0VzZJUVRwbHMKjTMUFFbHhDeP7QLmR64yqDEh4naazL9f
|
||||
etbOvYUkgj4IaB9UgDerG4MjyyHiVVY9Md8Jqe3dOQN0rqXRxNOW1g==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-06-15T19:11:54Z"
|
||||
mac: ENC[AES256_GCM,data:OR2ibRtOtUwIuQ27c5PHRzdvKoTGMl4Ll7/hmuIB40amBqs54Cku/SEOqw2kHG31ii3cK5XbyaR6tC8Lvu07tn1iutbU8WjN8Ww+txr0FgdbeTYRIWr9aClAKmR3Ek1Ky2NsA2OaTm02Um6W0xX78Ran04Gjuf8vpaXSRYVsPbA=,iv:w9M3O5DHlm7Jq9vjfxaq34petJtgMeEUHZ0fZKycOjs=,tag:ShLvjfZJV3FARa4An+YfQA==,type:str]
|
||||
lastmodified: "2024-07-22T20:27:25Z"
|
||||
mac: ENC[AES256_GCM,data:zIY2DotoqnJmz/aBRHq+4ZLi/Smi1Bn4phmFsngMY1w0LVauKX95jwKwOhE0PfvIyd8E54N+BoCQ3QmRMv3uvBddScPNSGJgdgDRn8LDWol4/8avDoPFISpNvdS32Ac00UDnMeBEkW4S/oo9CwYHCpEsiwjL6FgjCX/KOK++kzA=,iv:sGCFNJ6gsEOskMlLWUnR9Gnsp8Emc0vdBAl4WN2A1f8=,tag:fHi4CR+exp1roW7UOzhMmQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
Loading…
Reference in a new issue