{ lib, config, ... }: { options = with lib.types; { lab.tailscaleIngresses = lib.mkOption { type = attrsOf (submodule { options = { host = lib.mkOption { type = str; }; service = { name = lib.mkOption { type = str; }; portName = lib.mkOption { type = str; default = "web"; }; }; }; }); }; }; config = let cfg = config.lab.tailscaleIngresses; mkTailscaleIngress = name: { host, service }: { spec = { ingressClassName = "tailscale"; rules = [{ http.paths = [{ path = "/"; pathType = "Prefix"; backend.service = { name = service.name; port.name = service.portName; }; }]; }]; tls = [{ hosts = [ host ]; }]; }; }; in { kubernetes.resources.ingresses = builtins.mapAttrs mkTailscaleIngress cfg; }; }