From 1765b800444405027b9db06c854c488a6d6dd297 Mon Sep 17 00:00:00 2001
From: iFargle <albert@sysctl.io>
Date: Fri, 1 Dec 2023 17:56:08 +0900
Subject: [PATCH] Add tailscale to nixos-server

---
 nixos/hosts/framework-server/default.nix | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/nixos/hosts/framework-server/default.nix b/nixos/hosts/framework-server/default.nix
index d288a148..0acb1bd0 100644
--- a/nixos/hosts/framework-server/default.nix
+++ b/nixos/hosts/framework-server/default.nix
@@ -4,7 +4,6 @@
     inputs.nixos-hardware.nixosModules.framework-13th-gen-intel
     (modulesPath + "/installer/scan/not-detected.nix")
     ./disks.nix
-    # ../../common/modules/boot.nix
     ../../common/modules/secureboot.nix
     ../../common/services/fwupd.nix
     ./builder.nix
@@ -31,4 +30,16 @@
   # Set the networking hostname:
   networking.hostName = "framework-server";
   networking.firewall.allowedTCPPorts = [ 22 ];
+
+  # Generic Tailscale configs are in /nixos/common/services/tailscale.nix
+  # Set up the secrets file:
+  sops.secrets."tailscale_keys/framework-server" = {
+    owner = "root";
+    sopsFile = ../../../secrets/tailscale.yaml;
+    restartUnits = [
+      "tailscaled.service"
+      "tailscaled-autoconnect.service"
+    ];
+  };
+  services.tailscale.authKeyFile = "/run/secrets/tailscale_keys/framework-server";
 }
\ No newline at end of file