albert/nix
albert/nix
1
0
Fork 0
Code Issues Pull requests Activity Actions

Test

Browse source
This commit is contained in:
iFargle 2023-09-18 20:32:52 +09:00
parent 60aa664d26
commit 782414f1ce
3 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
nixos/hosts/nixos-rpi4-01/default.nix
View file

@ -36,7 +36,7 @@
# Generic Tailscale configs are in /nixos/common/services/tailscale.nix # Generic Tailscale configs are in /nixos/common/services/tailscale.nix
# Set up the secrets file: # Set up the secrets file:
sops.secrets.nixos-rpi4-01_tailscale_key = { sops.secrets.tailscale.nixos-rpi4-01 = {
owner = "root"; owner = "root";
sopsFile = ../../../secrets/tailscale.yaml; sopsFile = ../../../secrets/tailscale.yaml;
restartUnits = [ restartUnits = [
@ -44,10 +44,10 @@
"tailscaled-autoconnect.service" "tailscaled-autoconnect.service"
]; ];
}; };
services.tailscale.authKeyFile = "/run/secrets/nixos-rpi4-01_tailscale_key"; services.tailscale.authKeyFile = "/run/secrets/tailscale/nixos-rpi4-01";
services.tailscale.extraUpFlags = [ "--advertise-exit-node" ]; services.tailscale.extraUpFlags = [ "--advertise-exit-node" ];
boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; }; boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; };
# Temporary # Temporary
# networking.firewall.allowedTCPPorts = [ 22 ]; networking.firewall.allowedTCPPorts = [ 22 ];
} }

4
nixos/hosts/nixos-rpi4-02/default.nix
View file

@ -36,7 +36,7 @@
# Generic Tailscale configs are in /nixos/common/services/tailscale.nix # Generic Tailscale configs are in /nixos/common/services/tailscale.nix
# Set up the secrets file: # Set up the secrets file:
sops.secrets.nixos-rpi4-01_tailscale_key = { sops.secrets.tailscale.nixos-rpi4-02 = {
owner = "root"; owner = "root";
sopsFile = ../../../secrets/tailscale.yaml; sopsFile = ../../../secrets/tailscale.yaml;
restartUnits = [ restartUnits = [
@ -44,7 +44,7 @@
"tailscaled-autoconnect.service" "tailscaled-autoconnect.service"
]; ];
}; };
services.tailscale.authKeyFile = "/run/secrets/nixos-rpi4-02_tailscale_key"; services.tailscale.authKeyFile = "/run/secrets/tailscale/nixos-rpi4-02";
services.tailscale.extraUpFlags = [ "--advertise-exit-node" ]; services.tailscale.extraUpFlags = [ "--advertise-exit-node" ];
boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; }; boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; };

4
nixos/hosts/nixos-rpi4-03/default.nix
View file

@ -36,7 +36,7 @@
# Generic Tailscale configs are in /nixos/common/services/tailscale.nix # Generic Tailscale configs are in /nixos/common/services/tailscale.nix
# Set up the secrets file: # Set up the secrets file:
sops.secrets.nixos-rpi4-01_tailscale_key = { sops.secrets.tailscale.nixos-rpi4-03 = {
owner = "root"; owner = "root";
sopsFile = ../../../secrets/tailscale.yaml; sopsFile = ../../../secrets/tailscale.yaml;
restartUnits = [ restartUnits = [
@ -44,7 +44,7 @@
"tailscaled-autoconnect.service" "tailscaled-autoconnect.service"
]; ];
}; };
services.tailscale.authKeyFile = "/run/secrets/nixos-rpi4-03_tailscale_key"; services.tailscale.authKeyFile = "/run/secrets/tailscale/nixos-rpi4-03";
services.tailscale.extraUpFlags = [ "--advertise-exit-node" ]; services.tailscale.extraUpFlags = [ "--advertise-exit-node" ];
boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; }; boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; };