diff --git a/modules/module-list.nix b/modules/module-list.nix
index b56ba67..7e771b3 100644
--- a/modules/module-list.nix
+++ b/modules/module-list.nix
@@ -65,6 +65,7 @@
 ./services/spotifyd.nix
 ./services/synapse-bt.nix
 ./services/synergy
+ ./services/tailscale.nix
 ./services/yabai
 ./services/nextdns
 ./programs/bash
diff --git a/modules/services/tailscale.nix b/modules/services/tailscale.nix
new file mode 100644
index 0000000..fb63af9
--- /dev/null
+++ b/modules/services/tailscale.nix
@@ -0,0 +1,55 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.tailscale;
+
+in
+{
+ options.services.tailscale = {
+ domain = mkOption {
+ type = types.str;
+ default = "";
+ description = "The Tailscale domain. This is displayed at the top left of https://login.tailscale.com/admin, next to the Tailscale logo.";
+ };
+
+ enable = mkEnableOption "Tailscale client daemon";
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.tailscale;
+ defaultText = literalExpression "pkgs.tailscale";
+ description = "The package to use for tailscale";
+ };
+
+ magicDNS = {
+ enable = mkEnableOption "Whether to configure networking to work with Tailscale's MagicDNS.";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ warnings = [
+ (mkIf (cfg.magicDNS.enable && cfg.domain == "") "${showOption cfg.domain} isn't empty, Tailscale MagicDNS search path won't be configured.")
+ ];
+
+ environment.systemPackages = [ cfg.package ];
+ launchd.user.agents.tailscaled = {
+ # derived from
+ # https://github.com/tailscale/tailscale/blob/main/cmd/tailscaled/install_darwin.go#L30
+ serviceConfig = {
+ Label = "com.tailscale.tailscaled";
+ ProgramArguments = [ "${lib.getBin cfg.package}/bin/tailscaled" ];
+ RunAtLoad = true;
+ };
+ };
+ networking = mkIf cfg.magicDNS.enable {
+ dns = [ "100.100.100.100" ];
+ search =
+ if cfg.domain == "" then
+ [ ]
+ else
+ [ "${cfg.domain}.beta.tailscale.net" ];
+ };
+ };
+}
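Review bot: The entry in `warnings` fires when `cfg.domain == ""` but its text says the option "isn't empty", and it hands the option's string value to `showOption`, which expects the option path as a list, so with MagicDNS enabled and no domain the evaluation will likely abort instead of warning; I would write `(mkIf (cfg.magicDNS.enable && cfg.domain == "") "${showOption [ "services" "tailscale" "domain" ]} is empty, Tailscale MagicDNS search path won't be configured.")`. Separately, the service is registered under `launchd.user.agents`, whereas the install_darwin.go it cites appears to set up a system-level daemon; a per-user agent runs unprivileged and only during that user's session, so please confirm tailscaled can bring up its tunnel interface that way or move it to `launchd.daemons`. With `magicDNS.enable` set, `networking.dns` becomes only `100.100.100.100`, so all name resolution depends on the daemon being up; a comment next to the `dns` line such as `# sole resolver: DNS fails while tailscaled is not running` would make that dependency visible to operators.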