Diffstat (limited to 'nixos/modules/services/networking/tailscale.nix')
-rw-r--r-- | nixos/modules/services/networking/tailscale.nix | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/tailscale.nix b/nixos/modules/services/networking/tailscale.nix
new file mode 100644
index 00000000000..3f41646bf01
--- /dev/null
+++ b/nixos/modules/services/networking/tailscale.nix
@@ -0,0 +1,44 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let cfg = config.services.tailscale;
+in {
+ meta.maintainers = with maintainers; [ danderson mbaillie ];
+
+ options.services.tailscale = {
+ enable = mkEnableOption "Tailscale client daemon";
+
+ port = mkOption {
+ type = types.port;
+ default = 41641;
+ description = "The port to listen on for tunnel traffic (0=autoselect).";
+ };
+
+ interfaceName = mkOption {
+ type = types.str;
+ default = "tailscale0";
+ description = ''The interface name for tunnel traffic. Use "userspace-networking" (beta) to not use TUN.'';
+ };
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.tailscale;
+ defaultText = literalExpression "pkgs.tailscale";
+ description = "The package to use for tailscale";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = [ cfg.package ]; # for the CLI
+ systemd.packages = [ cfg.package ];
+ systemd.services.tailscaled = {
+ wantedBy = [ "multi-user.target" ];
+ path = [ pkgs.openresolv pkgs.procps ];
+ serviceConfig.Environment = [
+ "PORT=${toString cfg.port}"
+ ''"FLAGS=--tun ${lib.escapeShellArg cfg.interfaceName}"''
+ ];
+ };
+ };
+} |
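Review bot: `interfaceName` is an unconstrained `types.str`, and in the `FLAGS=` entry of `serviceConfig.Environment` it is wrapped with `lib.escapeShellArg`, which produces POSIX-shell quoting for a value that is parsed by systemd's `Environment=` syntax rather than by a shell. A value containing a double quote or whitespace is not obviously neutralised by that wrapping, and how `FLAGS` is then split into daemon arguments depends on the `ExecStart` of the unit shipped in `cfg.package`, which is not visible in this hunk. Constraining the option avoids relying on either quoting layer: `type = types.strMatching "[a-zA-Z0-9_.-]+";` still admits kernel interface names and the documented `userspace-networking` value. A short comment beside the `FLAGS=` line stating how the packaged unit consumes `PORT` and `FLAGS` would also help the next reader, since the module never sets `ExecStart` itself.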