diff options
author | Kyungrok Chung <acadx0@gmail.com> | 2024-05-11 02:59:25 +0900 |
---|---|---|
committer | Kyungrok Chung <acadx0@gmail.com> | 2024-05-11 03:01:54 +0900 |
commit | 81a58be20b4634615d17df3466ba65714a24d626 (patch) | |
tree | 16204a58afee6659a449610d44b74f8dc07199aa /nixos/modules | |
parent | 10f8019470297b3a5d95d0bc81ecc32c8bb5e438 (diff) |
nixos/tailscale: add extraSetFlags to configure daemon
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/services/networking/tailscale.nix | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/tailscale.nix b/nixos/modules/services/networking/tailscale.nix index a79e47d8491b8..a690dc610e825 100644 --- a/nixos/modules/services/networking/tailscale.nix +++ b/nixos/modules/services/networking/tailscale.nix @@ -61,12 +61,21 @@ in { }; extraUpFlags = mkOption { - description = "Extra flags to pass to {command}`tailscale up`."; + description = '' + Extra flags to pass to {command}`tailscale up`. Only applied if `authKeyFile` is specified."; + ''; type = types.listOf types.str; default = []; example = ["--ssh"]; }; + extraSetFlags = mkOption { + description = "Extra flags to pass to {command}`tailscale set`."; + type = types.listOf types.str; + default = []; + example = ["--advertise-exit-node"]; + }; + extraDaemonFlags = mkOption { description = "Extra flags to pass to {command}`tailscaled`."; type = types.listOf types.str; @@ -120,6 +129,18 @@ in { ''; }; + systemd.services.tailscaled-set = mkIf (cfg.extraSetFlags != []) { + after = ["tailscaled.service"]; + wants = ["tailscaled.service"]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "oneshot"; + }; + script = '' + ${cfg.package}/bin/tailscale set ${escapeShellArgs cfg.extraSetFlags} + ''; + }; + boot.kernel.sysctl = mkIf (cfg.useRoutingFeatures == "server" || cfg.useRoutingFeatures == "both") { "net.ipv4.conf.all.forwarding" = mkOverride 97 true; "net.ipv6.conf.all.forwarding" = mkOverride 97 true; |