diff options
author | sinanmohd <sinan@sinanmohd.com> | 2025-10-18 11:43:46 +0530 |
---|---|---|
committer | sinanmohd <sinan@sinanmohd.com> | 2025-10-18 11:43:46 +0530 |
commit | cf09d18d537206bc8f7a0c24f9bbf036b5e057d9 (patch) | |
tree | b316ccc002a00f162277da8532b6bdbb38dccebb /os/kay/modules | |
parent | 37a1c825271d25d0d07e6572729de36abc6661ef (diff) |
chore(os/kay/headscale): clean up
Diffstat (limited to 'os/kay/modules')
-rw-r--r-- | os/kay/modules/network/headscale.nix | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/os/kay/modules/network/headscale.nix b/os/kay/modules/network/headscale.nix index 3e44108..b354f9b 100644 --- a/os/kay/modules/network/headscale.nix +++ b/os/kay/modules/network/headscale.nix @@ -2,6 +2,7 @@ config, pkgs, lib, + headplane, ... }: let @@ -64,6 +65,11 @@ let }; in { + imports = [ headplane.nixosModules.headplane ]; + + nixpkgs.overlays = [ headplane.overlays.default ]; + environment.systemPackages = [ config.services.headscale.package ]; + sops.secrets = { # server "headplane/cookie_secret".owner = config.services.headscale.user; @@ -78,6 +84,11 @@ in interfaces.ppp0.allowedUDPPorts = [ stunPort ]; trustedInterfaces = [ config.services.tailscale.interfaceName ]; }; + # for exit node only + boot.kernel.sysctl = { + "net.ipv4.ip_forward" = true; + "net.ipv6.conf.all.forwarding" = true; + }; services = { headscale = { @@ -142,11 +153,4 @@ in ]; }; }; - - boot.kernel.sysctl = { - "net.ipv4.ip_forward" = true; - "net.ipv6.conf.all.forwarding" = true; - }; - - environment.systemPackages = [ config.services.headscale.package ]; } |