moved headscale to lambda

2025-03-27 06:10:53 +01:00 · 2023-05-16 19:42:38 +02:00 · 2023-05-16 19:42:38 +02:00 · faccadff36
commit faccadff36
parent 7038055d60
1 changed files with 40 additions and 0 deletions
--- a/machines/lambda/default.nix
+++ b/machines/lambda/default.nix
@ -147,6 +147,46 @@ VfXtULncAiEA2gmqdr+ugFz5tvPdKwanroTiMTUMhhCRYVlQlyTApyQ=
  ];


+  services.headscale = {
+    logLevel = "debug";
+    enable = true;
+    address = "127.0.0.1";
+    settings = {
+      dns_config = {
+        override_local_dns = false;
+        magic_dns = false;
+        nameservers = [
+          "1.1.1.1"
+        ];
+        #domains = [ "kms" "julienmalka.me" "luj" ];
+        restricted_nameservers = {
+          "kms" = [ "100.100.45.5" ];
+          "julienmalka.me" = [ "100.100.45.5" ];
+          "luj" = [ "100.100.45.5" ];
+          "saumon" = [ "100.100.45.5" ];
+        };
+      };
+      server_url = "https://vpn.saumon.network";
+      ip_prefixes = [
+        "100.100.45.0/24"
+        "fd7a:115c:a1e0::/48"
+      ];
+    };
+  };
+
+  services.nginx.virtualHosts = {
+    "vpn.saumon.network" = {
+      forceSSL = true;
+      enableACME = true;
+      locations = {
+        "/" = {
+          proxyPass = "http://localhost:${toString config.services.headscale.port}";
+          proxyWebsockets = true;
+        };
+      };
+    };
+  };
+
  services.openssh = {
    enable = true;
    ports = [ 45 ];