From 246840e19b230f4cd22b5f40ecf94cc28255b887 Mon Sep 17 00:00:00 2001 From: sinanmohd Date: Sat, 18 Oct 2025 12:57:37 +0530 Subject: feat(os/kay/headscale): init namescale --- flake.lock | 21 +++++++++++++++++++++ flake.nix | 7 +++++++ os/kay/modules/network/headscale.nix | 28 ++++++++++++++++++++++++++-- 3 files changed, 54 insertions(+), 2 deletions(-) diff --git a/flake.lock b/flake.lock index 7e0e6bc..396345d 100644 --- a/flake.lock +++ b/flake.lock @@ -226,6 +226,26 @@ "type": "github" } }, + "namescale": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1760768972, + "narHash": "sha256-bNnfcWlRJ8HWxzyjMyFz0zb7RNyZ2NJdGPIu03Ds3lY=", + "owner": "sinanmohd", + "repo": "namescale", + "rev": "12e26359e79cd3c88508b0f770d0e5136e53b176", + "type": "github" + }, + "original": { + "owner": "sinanmohd", + "repo": "namescale", + "type": "github" + } + }, "nix": { "inputs": { "flake-parts": "flake-parts", @@ -345,6 +365,7 @@ "determinate": "determinate", "headplane": "headplane", "home-manager": "home-manager", + "namescale": "namescale", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", "sops-nix": "sops-nix" diff --git a/flake.nix b/flake.nix index 2be062f..fceb721 100644 --- a/flake.nix +++ b/flake.nix @@ -25,6 +25,11 @@ url = "github:sinanmohd/alina"; inputs.nixpkgs.follows = "nixpkgs"; }; + + namescale = { + url = "github:sinanmohd/namescale"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = @@ -37,6 +42,7 @@ alina, determinate, headplane, + namescale, }: let lib = nixpkgs.lib; @@ -48,6 +54,7 @@ specialArgs = { inherit alina; + inherit namescale; inherit headplane; inherit determinate; inherit nixos-hardware; diff --git a/os/kay/modules/network/headscale.nix b/os/kay/modules/network/headscale.nix index 2380c56..3fd9ff8 100644 --- a/os/kay/modules/network/headscale.nix +++ b/os/kay/modules/network/headscale.nix @@ -3,6 +3,7 @@ pkgs, lib, headplane, + namescale, ... }: let @@ -28,8 +29,9 @@ let ]; }; tagOwners = { - "tag:bud_clients" = [ "group:bud" ]; + "tag:namescale" = [ "group:owner" ]; "tag:internal" = [ "group:owner" ]; + "tag:bud_clients" = [ "group:bud" ]; "tag:cusat" = [ "group:owner" ]; "tag:gaijin" = [ "group:owner" ]; }; @@ -67,11 +69,20 @@ let src = [ "group:bud" ]; dst = [ "tag:bud_clients:*" ]; } + + { + action = "accept"; + src = [ "*" ]; + dst = [ "tag:namescale:${toString config.services.namescale.settings.port}" ]; + } ]; }; in { - imports = [ headplane.nixosModules.headplane ]; + imports = [ + headplane.nixosModules.headplane + namescale.nixosModules.namescale + ]; nixpkgs.overlays = [ headplane.overlays.default ]; environment.systemPackages = [ config.services.headscale.package ]; @@ -108,6 +119,9 @@ in dns = { base_domain = "tsnet.${config.global.userdata.domain}"; override_local_dns = false; + nameservers.split."${config.services.headscale.settings.dns.base_domain}" = [ + config.services.namescale.settings.host + ]; }; derp = { server = { @@ -156,7 +170,17 @@ in "--login-server=${url}" "--advertise-exit-node" "--advertise-routes=192.168.43.0/24,192.168.38.0/24" + "--advertise-tags=tag:internal,tag:namescale" ]; }; + + namescale = { + enable = true; + settings = { + host = "100.64.0.6"; + port = 53; + base_domain = config.services.headscale.settings.dns.base_domain; + }; + }; }; } -- cgit v1.2.3