5ba78886d2
- Add automatic SD image builds for Raspberry Pi via Forgejo Actions - Enable binfmt emulation on cryodev-main for aarch64 cross-builds - Add sd-image.nix module to cryodev-pi configuration - Create comprehensive docs/ structure with installation guides - Split installation docs into: first-install (server), reinstall, new-client (Pi) - Add lib/utils.nix and apps/rebuild from synix - Fix headplane module for new upstream API (tale/headplane) - Fix various module issues (mailserver stateVersion, option conflicts) - Add placeholder secrets.yaml files for both hosts - Remove old INSTRUCTIONS.md (content moved to docs/)
32 lines
737 B
Nix
32 lines
737 B
Nix
{
|
|
outputs,
|
|
constants,
|
|
...
|
|
}:
|
|
|
|
{
|
|
imports = [
|
|
outputs.nixosModules.headscale
|
|
];
|
|
|
|
services.headscale = {
|
|
enable = true;
|
|
address = "127.0.0.1";
|
|
port = constants.services.headscale.port;
|
|
settings = {
|
|
server_url = "https://${constants.services.headscale.fqdn}";
|
|
# dns.base_domain must be different from the server domain
|
|
# Using "tail" for internal Tailscale DNS (e.g., host.tail)
|
|
dns.base_domain = "tail";
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts."${constants.services.headscale.fqdn}" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${toString constants.services.headscale.port}";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
}
|