nixos-config/services/tailscale.nix

38 lines
678 B
Nix

{
config,
lib,
pkgs,
...
}: let
inherit
(lib)
mkEnableOption
mkIf
mkOption
types
;
cfg = config.my.services.tailscale;
in {
options.my.services.tailscale = {
enable = mkEnableOption "Tailscale";
useRoutingFeatures = mkOption {
type = types.enum [ "none" "client" "server" "both" ];
default = "none";
};
};
config = mkIf cfg.enable {
services.tailscale = {
enable = true;
package = pkgs.tailscale;
openFirewall = true;
useRoutingFeatures = cfg.useRoutingFeatures;
};
networking.firewall = {
trustedInterfaces = [config.services.tailscale.interfaceName];
};
};
}