diff --git a/hosts/nixos/bolle/configuration.nix b/hosts/nixos/bolle/configuration.nix index db03bca..46cf434 100644 --- a/hosts/nixos/bolle/configuration.nix +++ b/hosts/nixos/bolle/configuration.nix @@ -28,10 +28,10 @@ ../../../profiles/shell.nix - ../../../profiles/domeneshop-dyndns.nix + # ../../../profiles/domeneshop-dyndns.nix ../../../profiles/known-hosts ]; - services.domeneshop-updater.targets = [ config.networking.fqdn ]; + # services.domeneshop-updater.targets = [ config.networking.fqdn ]; # Networking networking.networkmanager.enable = true; diff --git a/hosts/nixos/eple/configuration.nix b/hosts/nixos/eple/configuration.nix index c0b6ef5..52e5bbc 100644 --- a/hosts/nixos/eple/configuration.nix +++ b/hosts/nixos/eple/configuration.nix @@ -32,10 +32,10 @@ ../../../profiles/shell.nix - ../../../profiles/domeneshop-dyndns.nix + # ../../../profiles/domeneshop-dyndns.nix ../../../profiles/known-hosts ]; - services.domeneshop-updater.targets = [ config.networking.fqdn ]; + # services.domeneshop-updater.targets = [ config.networking.fqdn ]; networking.hostId = "43c43ded"; # needed for zfs: head -c 8 /etc/machine-id diff --git a/profiles/vpn-pbsds/tailscale.nix b/profiles/vpn-pbsds/tailscale.nix index 213c20d..22bbce4 100644 --- a/profiles/vpn-pbsds/tailscale.nix +++ b/profiles/vpn-pbsds/tailscale.nix @@ -1,10 +1,14 @@ -{ config, pkgs, lib, ...}: +{ config, lib, ...}: # THIS IS NOT USED # see tailscale-{inner,outer}.nix instead let cfg = config.services.tailscale; + ifPbsds = lib.mkIf ( + config.services.desktopManager.gnome.enable + && (config.users.users ? "pbsds" && config.users.users."pbsds".enable) + ); in lib.mkIf (!config.virtualisation.isVmVariant) @@ -15,25 +19,8 @@ lib.mkIf (!config.virtualisation.isVmVariant) networking.firewall.trustedInterfaces = [ cfg.interfaceName ]; networking.firewall.allowedUDPPorts = [ cfg.port ]; - /** / - systemd.services."tailscale-autoconnect" = lib.mkIf cfg.enable { - serviceConfig.Type = "oneshot"; - after = [ "network-pre.target" "tailscale.service" ]; - wants = [ "network-pre.target" "tailscale.service" ]; - wantedBy = [ "tailscale.service" ]; - script = '' - sleep 60 # Wait for tailscaled to settle - - status="$(${lib.getExe cfg.package} status -json | ${lib.getExe pkgs.jq} -r .BackendState)" - if [ $status = "Running" ]; then - exit 0 # already authenticated - fi - - #${lib.getExe cfg.package} up -authkey tskey-examplekeyhere - ''; - }; - /**/ - + services.tailscale.extraSetFlags = ifPbsds [ "--operator=pbsds" ]; + services.tailscale.extraUpFlags = ifPbsds [ "--operator=pbsds" ]; # remote sudo nixos-rebuild switch --flake . -L # remote-quick sudo tailscale up --login-server 'https://head.pbsds.net'