new tailscale api

2026-05-02 19:17:07 +02:00 · 2026-05-02 19:17:07 +02:00 · 00f335023b
commit 00f335023b
parent 0b1cfdf457
6 changed files with 3191 additions and 81 deletions
--- a/modules/nixos/tailscale/default.nix
+++ b/modules/nixos/tailscale/default.nix
@ -1,11 +1,27 @@
-{ inputs, ... }:
+{ inputs, config, ... }:

 {
  imports = [ inputs.synix.nixosModules.tailscale ];

  services.tailscale = {
    enable = true;
-    enableSSH = true;
-    loginServer = "https://hs.sid.ovh";
+    tailnets = {
+      personal = {
+        default = true;
+        loginServer = "https://hs.sid.ovh";
+        authKeyFile = config.sops.secrets."tailscale/personal-key".path;
+        enableSSH = true;
+        acceptDNS = false; # use coredns
+      };
+      work = {
+        loginServer = "https://headscale.cryodev.xyz";
+        enableSSH = true;
+        acceptDNS = true;
+        authKeyFile = config.sops.secrets."tailscale/work-key".path;
+      };
+    };
  };
+
+  sops.secrets."tailscale/personal-key" = { };
+  sops.secrets."tailscale/work-key" = { };
 }