35 lines
783 B
Nix
35 lines
783 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
outputs,
|
|
constants,
|
|
...
|
|
}:
|
|
|
|
{
|
|
imports = [
|
|
outputs.nixosModules.headplane
|
|
];
|
|
|
|
services.headplane = {
|
|
enable = true;
|
|
port = constants.services.headplane.port;
|
|
headscale = {
|
|
url = "http://127.0.0.1:${toString constants.services.headscale.port}";
|
|
public_url = "https://${constants.services.headscale.fqdn}";
|
|
};
|
|
# Secrets for headplane need to be configured via sops
|
|
sops.secrets = {
|
|
"headplane/cookie_secret" = { };
|
|
"headplane/agent_pre_authkey" = { };
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts."${constants.services.headplane.fqdn}" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${toString constants.services.headplane.port}";
|
|
};
|
|
};
|
|
}
|