nixfmt pastila/headscale.nix

This commit is contained in:
root 2024-06-14 22:48:21 +02:00
parent a3a85dec1d
commit 0574a44093

View file

@ -1,9 +1,7 @@
{ config, lib, pkgs, ... }:
let
localListenPort = 4443;
in
{
let localListenPort = 4443;
in {
services.headscale = {
enable = true;
address = "127.0.0.1";
@ -17,7 +15,7 @@ in
};
derp = {
urls = [];
urls = [ ];
server = {
# If enabled, runs the embedded DERP server and merges it into the rest of the DERP config
# The Headscale server_url defined above MUST be using https, DERP requires TLS to be in place
@ -49,10 +47,7 @@ in
# IPv6: https://github.com/tailscale/tailscale/blob/22ebb25e833264f58d7c3f534a8b166894a89536/net/tsaddr/tsaddr.go#LL81C52-L81C71
# IPv4: https://github.com/tailscale/tailscale/blob/22ebb25e833264f58d7c3f534a8b166894a89536/net/tsaddr/tsaddr.go#L33
# Any other range is NOT supported, and it will cause unexpected issues.
ip_prefixes = [
"fd7a:115c:a1e0::/48"
"100.64.0.0/10"
];
ip_prefixes = [ "fd7a:115c:a1e0::/48" "100.64.0.0/10" ];
# Address to listen for gRPC.
# gRPC is used for controlling a headscale server
@ -67,9 +62,7 @@ in
# are doing.
grpc_allow_insecure = true; # we're behind a reverse proxy
logtail = {
enabled = false;
};
logtail = { enabled = false; };
};
};
@ -100,8 +93,16 @@ in
useACMEHost = "scale.isomorphis.me";
onlySSL = true;
listen = [
{ addr = "0.0.0.0"; port = 50443; ssl = true; }
{ addr = "[::]"; port = 50443; ssl = true; }
{
addr = "0.0.0.0";
port = 50443;
ssl = true;
}
{
addr = "[::]";
port = 50443;
ssl = true;
}
];
locations."/" = {
extraConfig = ''