summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--flake.lock21
-rw-r--r--flake.nix7
-rw-r--r--os/kay/modules/network/headscale.nix28
3 files changed, 54 insertions, 2 deletions
diff --git a/flake.lock b/flake.lock
index 7e0e6bc..396345d 100644
--- a/flake.lock
+++ b/flake.lock
@@ -226,6 +226,26 @@
"type": "github"
}
},
+ "namescale": {
+ "inputs": {
+ "nixpkgs": [
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1760768972,
+ "narHash": "sha256-bNnfcWlRJ8HWxzyjMyFz0zb7RNyZ2NJdGPIu03Ds3lY=",
+ "owner": "sinanmohd",
+ "repo": "namescale",
+ "rev": "12e26359e79cd3c88508b0f770d0e5136e53b176",
+ "type": "github"
+ },
+ "original": {
+ "owner": "sinanmohd",
+ "repo": "namescale",
+ "type": "github"
+ }
+ },
"nix": {
"inputs": {
"flake-parts": "flake-parts",
@@ -345,6 +365,7 @@
"determinate": "determinate",
"headplane": "headplane",
"home-manager": "home-manager",
+ "namescale": "namescale",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_3",
"sops-nix": "sops-nix"
diff --git a/flake.nix b/flake.nix
index 2be062f..fceb721 100644
--- a/flake.nix
+++ b/flake.nix
@@ -25,6 +25,11 @@
url = "github:sinanmohd/alina";
inputs.nixpkgs.follows = "nixpkgs";
};
+
+ namescale = {
+ url = "github:sinanmohd/namescale";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
};
outputs =
@@ -37,6 +42,7 @@
alina,
determinate,
headplane,
+ namescale,
}:
let
lib = nixpkgs.lib;
@@ -48,6 +54,7 @@
specialArgs = {
inherit alina;
+ inherit namescale;
inherit headplane;
inherit determinate;
inherit nixos-hardware;
diff --git a/os/kay/modules/network/headscale.nix b/os/kay/modules/network/headscale.nix
index 2380c56..3fd9ff8 100644
--- a/os/kay/modules/network/headscale.nix
+++ b/os/kay/modules/network/headscale.nix
@@ -3,6 +3,7 @@
pkgs,
lib,
headplane,
+ namescale,
...
}:
let
@@ -28,8 +29,9 @@ let
];
};
tagOwners = {
- "tag:bud_clients" = [ "group:bud" ];
+ "tag:namescale" = [ "group:owner" ];
"tag:internal" = [ "group:owner" ];
+ "tag:bud_clients" = [ "group:bud" ];
"tag:cusat" = [ "group:owner" ];
"tag:gaijin" = [ "group:owner" ];
};
@@ -67,11 +69,20 @@ let
src = [ "group:bud" ];
dst = [ "tag:bud_clients:*" ];
}
+
+ {
+ action = "accept";
+ src = [ "*" ];
+ dst = [ "tag:namescale:${toString config.services.namescale.settings.port}" ];
+ }
];
};
in
{
- imports = [ headplane.nixosModules.headplane ];
+ imports = [
+ headplane.nixosModules.headplane
+ namescale.nixosModules.namescale
+ ];
nixpkgs.overlays = [ headplane.overlays.default ];
environment.systemPackages = [ config.services.headscale.package ];
@@ -108,6 +119,9 @@ in
dns = {
base_domain = "tsnet.${config.global.userdata.domain}";
override_local_dns = false;
+ nameservers.split."${config.services.headscale.settings.dns.base_domain}" = [
+ config.services.namescale.settings.host
+ ];
};
derp = {
server = {
@@ -156,7 +170,17 @@ in
"--login-server=${url}"
"--advertise-exit-node"
"--advertise-routes=192.168.43.0/24,192.168.38.0/24"
+ "--advertise-tags=tag:internal,tag:namescale"
];
};
+
+ namescale = {
+ enable = true;
+ settings = {
+ host = "100.64.0.6";
+ port = 53;
+ base_domain = config.services.headscale.settings.dns.base_domain;
+ };
+ };
};
}