diff options
Diffstat (limited to 'Biz/Dev/Vpn.nix')
| -rw-r--r-- | Biz/Dev/Vpn.nix | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/Biz/Dev/Vpn.nix b/Biz/Dev/Vpn.nix new file mode 100644 index 0000000..5a3c3e6 --- /dev/null +++ b/Biz/Dev/Vpn.nix @@ -0,0 +1,33 @@ +{ config, ... }: + +let + ports = import ../Cloud/Ports.nix; + domain = "headscale.simatime.com"; +in { + services.headscale = { + enable = true; + address = "0.0.0.0"; + port = ports.headscale; + settings = {}; + }; + + services.nginx.virtualHosts.${domain} = { + forceSSL = true; + enableAcme = true; + locations."/" = { + proxyPass = "http://localhost:${toString ports.headscale}"; + proxyWebsockets = true; + }; + }; + + environment.systemPackages = [ config.services.headscale.package ]; + + services.tailscale.enable = true; + + networking.firewall = { + checkReversePath = "loose"; + trustedInterfaces = [ "tailscale0" ]; + allowedUDPPorts = [ config.services.tailscale.port ]; + }; + +} |