diff options
| author | Alan Pearce | 2024-05-23 06:46:45 +0200 |
|---|---|---|
| committer | Alan Pearce | 2024-05-23 06:46:45 +0200 |
| commit | fb5b86f8a067f69b7db2298ab0fd4848750540e1 (patch) | |
| tree | 1c992289017b2755cdd87406f186999a0c7942ba | |
| parent | 417a1ce6481adfc713d8d0d6ad03e211a3d0eb22 (diff) | |
| download | nixfiles-fb5b86f8a067f69b7db2298ab0fd4848750540e1.tar.lz nixfiles-fb5b86f8a067f69b7db2298ab0fd4848750540e1.tar.zst nixfiles-fb5b86f8a067f69b7db2298ab0fd4848750540e1.zip | |
servers: set up tailscale
| -rw-r--r-- | flake.lock | 60 | ||||
| -rw-r--r-- | flake.nix | 1 | ||||
| -rw-r--r-- | system/linde.nix | 9 | ||||
| -rwxr-xr-x | system/nanopi.nix | 14 |
4 files changed, 24 insertions, 60 deletions
diff --git a/flake.lock b/flake.lock index a5a2d2b1..d9518c8e 100644 --- a/flake.lock +++ b/flake.lock @@ -45,27 +45,6 @@ "type": "github" } }, - "darwin_2": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1713946171, - "narHash": "sha256-lc75rgRQLdp4Dzogv5cfqOg6qYc5Rp83oedF2t0kDp8=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "230a197063de9287128e2c68a7a4b0cd7d0b50a7", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, "deploy-rs": { "inputs": { "flake-compat": "flake-compat", @@ -264,26 +243,6 @@ "type": "github" } }, - "nix-index-database": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1714878592, - "narHash": "sha256-E68C03sYRsYFsK7wiGHUIJm8IsyPRALOrFoTL0glXnI=", - "owner": "Mic92", - "repo": "nix-index-database", - "rev": "a362555e9dbd4ecff3bb98969bbdb8f79fe87f10", - "type": "github" - }, - "original": { - "owner": "Mic92", - "repo": "nix-index-database", - "type": "github" - } - }, "nixos-hardware": { "locked": { "lastModified": 1715148395, @@ -317,11 +276,11 @@ }, "nixpkgs-small": { "locked": { - "lastModified": 1715910673, - "narHash": "sha256-D7gtcOKMK0PFLrQHCndErNi2m5n6ddgtJdbQukL1QZE=", + "lastModified": 1716395399, + "narHash": "sha256-X+99WjSwbxQ7X+CTyqZQZqeqGe8nbfAFz+tgK2r3O/g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "22b25d36f84f5449e2799af1def209278ef75147", + "rev": "bc5dc89513caa16788f6379962e50383cf3f70b0", "type": "github" }, "original": { @@ -439,11 +398,9 @@ "root": { "inputs": { "agenix": "agenix", - "darwin": "darwin_2", "deploy-rs": "deploy-rs", "emacs-overlay": "emacs-overlay", "home-manager": "home-manager_2", - "nix-index-database": "nix-index-database", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", "nixpkgs-small": "nixpkgs-small", @@ -461,12 +418,13 @@ "simple-css": "simple-css" }, "locked": { - "dirtyRev": "bc1a7356d0afb63cd67f7c14c7e766354c7d7866-dirty", - "dirtyShortRev": "bc1a735-dirty", - "lastModified": 1716291713, - "narHash": "sha256-9v54VlDdaYDb4iPv+Zd4FW1mMN67f896ZMSt55glFWI=", + "lastModified": 1716222325, + "narHash": "sha256-JrQ6B5mfCvoLWvMIRpDHr140Hov+yYdhzyLxTqMrqUE=", + "ref": "refs/heads/main", + "rev": "202317df1dba891654bf749c3720fbd602df04ff", + "revCount": 182, "type": "git", - "url": "file:///Users/alan/projects/alanpearce.eu/searchix" + "url": "https://git.alanpearce.eu/searchix" }, "original": { "type": "git", diff --git a/flake.nix b/flake.nix index f0194dcc..7ff3da77 100644 --- a/flake.nix +++ b/flake.nix @@ -62,6 +62,7 @@ specialArgs = { inherit inputs; }; modules = [ agenix.nixosModules.default + nixos-hardware.nixosModules.friendlyarm-nanopi-r5s ./system/nanopi.nix ]; }; diff --git a/system/linde.nix b/system/linde.nix index 67859334..371211ce 100644 --- a/system/linde.nix +++ b/system/linde.nix @@ -223,6 +223,9 @@ in services.resolved.enable = false; systemd.network = { enable = true; + wait-online = { + extraArgs = [ "--interface" netif ]; + }; networks.${netif} = { name = netif; @@ -245,7 +248,11 @@ in }]; }; }; - services.tailscale.enable = true; + + services.tailscale = { + enable = true; + extraUpFlags = [ "--accept-routes" ]; + }; services.journald.extraConfig = '' MaxRetentionSec=1 month diff --git a/system/nanopi.nix b/system/nanopi.nix index 7e88effa..4da31b20 100755 --- a/system/nanopi.nix +++ b/system/nanopi.nix @@ -10,8 +10,6 @@ in { imports = [ ./nanopi-hardware.nix - <nixos-hardware/friendlyarm/nanopi-r5s> - <agenix/modules/age.nix> ]; age.secrets = { @@ -188,7 +186,11 @@ in }; services.resolved.enable = false; - services.tailscale.enable = true; + services.tailscale = { + enable = true; + extraUpFlags = [ "--advertise-routes=10.0.0.0/20,fd12:d04f:65d:42::/56" ]; + }; + programs.command-not-found.enable = false; @@ -206,7 +208,7 @@ in systemd.network = { enable = true; wait-online = { - ignoredInterfaces = [ "wan0" "wlan0" "wwan0" ]; + extraArgs = [ "--interface" "bridge0" ]; }; links = { "10-name-lan1" = { @@ -257,7 +259,6 @@ in bridge = [ "bridge0" ]; linkConfig = { MACAddress = "82:E0:06:9C:8E:7C"; - RequiredForOnline = "no"; }; networkConfig.LinkLocalAddressing = "no"; }; @@ -290,7 +291,6 @@ in }; "50-wwan0" = { matchConfig.Name = "wwan0"; - linkConfig.RequiredForOnline = false; networkConfig = { DHCP = "yes"; IPv6AcceptRA = true; @@ -323,7 +323,6 @@ in }; "50-wan" = { matchConfig.Name = "wan0"; - linkConfig.RequiredForOnline = "no"; networkConfig = { DHCP = "yes"; IPv6AcceptRA = true; @@ -368,7 +367,6 @@ in }; "60-wlan" = { matchConfig.MACAddress = "9c:53:22:33:bf:e9"; - linkConfig.RequiredForOnline = "no"; networkConfig = { DHCP = "yes"; IPForward = "yes"; |