Armael/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

minor refactoring

Browse source
This commit is contained in:
root 2024-06-14 23:50:52 +02:00
parent 0574a44093
commit 7f9ca9b1f0
1 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
pastila/headscale.nix
View file

@ -1,6 +1,9 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let localListenPort = 4443; let
localListenPort = 4443;
localGrpcPort = 50442;
externalGrpcPort = 50443;
in { in {
services.headscale = { services.headscale = {
enable = true; enable = true;
@ -54,7 +57,7 @@ in {
# remotely with the CLI # remotely with the CLI
# Note: Remote access _only_ works if you have # Note: Remote access _only_ works if you have
# valid certificates. # valid certificates.
grpc_listen_addr = "127.0.0.1:50442"; grpc_listen_addr = "127.0.0.1:" + builtins.toString localGrpcPort;
# Allow the gRPC admin interface to run in INSECURE # Allow the gRPC admin interface to run in INSECURE
# mode. This is not recommended as the traffic will # mode. This is not recommended as the traffic will
@ -95,18 +98,18 @@ in {
listen = [ listen = [
{ {
addr = "0.0.0.0"; addr = "0.0.0.0";
port = 50443; port = externalGrpcPort;
ssl = true; ssl = true;
} }
{ {
addr = "[::]"; addr = "[::]";
port = 50443; port = externalGrpcPort;
ssl = true; ssl = true;
} }
]; ];
locations."/" = { locations."/" = {
extraConfig = '' extraConfig = ''
grpc_pass grpc://127.0.0.1:50442; grpc_pass grpc://127.0.0.1:${builtins.toString localGrpcPort};
''; '';
}; };
}; };