This commit is contained in:
albert 2024-03-25 12:41:07 +09:00
parent 91bda7ab1c
commit faa4f9a41e
No known key found for this signature in database
GPG key ID: 64F6C4EB46C4543A
3 changed files with 17 additions and 14 deletions

View file

@ -8,17 +8,18 @@
../common/services/promtail.nix
../common/services/telegraf.nix
../common/services/tailscale.nix
../common/services/openssh.nix
];
# Generic Tailscale configs are in /nixos/common/services/tailscale.nix
# Set up the secrets file:
# sops.secrets."tailscale_key" = {
# owner = "root";
# sopsFile = ../../secrets/containers/${hostname}.yaml;
# restartUnits = [
# "tailscaled.service"
# "tailscaled-autoconnect.service"
# ];
# };
# services.tailscale.authKeyFile = "/run/secrets/tailscale_key";
sops.secrets."tailscale_key" = {
owner = "root";
sopsFile = ../../secrets/containers/${hostname}.yaml;
restartUnits = [
"tailscaled.service"
"tailscaled-autoconnect.service"
];
};
services.tailscale.authKeyFile = "/run/secrets/tailscale_key";
networking.hostName = "${hostname}";
}

View file

@ -1,7 +1,7 @@
{
"/etc/ssh" = {
hostPath = "/etc/ssh";
mountPath = "/etc/ssh";
mountPoint = "/etc/ssh";
isReadOnly = true;
};
}

View file

@ -1,5 +1,7 @@
"/etc/nixos/git" = {
{
"/etc/nixos/git" = {
hostPath = "/etc/nixos/git";
mountPoint = "/etc/nixos/git";
isReadOnly = false;
};
}