new tailscale api

2026-05-02 19:05:53 +02:00 · 2026-05-02 19:05:53 +02:00 · 8e3a2a703f
commit 8e3a2a703f
parent bc6ba27415
2 changed files with 38 additions and 23 deletions
--- a/modules/nixos/tailscale/default.nix
+++ b/modules/nixos/tailscale/default.nix
@ -1,12 +1,27 @@
-{ inputs, ... }:
+{ inputs, config, ... }:

 {
  imports = [ inputs.synix.nixosModules.tailscale ];

  services.tailscale = {
    enable = true;
-    enableSSH = true;
-    acceptDNS = false; # use coredns
-    loginServer = "https://hs.sid.ovh";
+    tailnets = {
+      personal = {
+        default = true;
+        loginServer = "https://hs.sid.ovh";
+        authKeyFile = config.sops.secrets."tailscale/personal-key".path;
+        enableSSH = true;
+        acceptDNS = false; # use coredns
+      };
+      work = {
+        loginServer = "https://headscale.cryodev.xyz";
+        enableSSH = true;
+        acceptDNS = true;
+        authKeyFile = config.sops.secrets."tailscale/work-key".path;
+      };
+    };
  };
+
+  sops.secrets."tailscale/personal-key" = { };
+  sops.secrets."tailscale/work-key" = { };
 }