diff options
| author | Alan Pearce | 2024-05-30 22:26:55 +0200 |
|---|---|---|
| committer | Alan Pearce | 2024-05-30 22:26:55 +0200 |
| commit | 0f0ecb667a367d3b650131c94a1a11712bda8104 (patch) | |
| tree | 249c79f1458c2339df5be279d1f1f469e5bd98ff /system | |
| parent | 384ebbbdf1da361e29785eed5af2afddaffe2f1e (diff) | |
| download | nixfiles-0f0ecb667a367d3b650131c94a1a11712bda8104.tar.lz nixfiles-0f0ecb667a367d3b650131c94a1a11712bda8104.tar.zst nixfiles-0f0ecb667a367d3b650131c94a1a11712bda8104.zip | |
linde: set up golink
Diffstat (limited to 'system')
| -rw-r--r-- | system/linde.nix | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/system/linde.nix b/system/linde.nix index a55abb06..00c71b49 100644 --- a/system/linde.nix +++ b/system/linde.nix @@ -38,6 +38,14 @@ in binarycache.file = ../secrets/binarycache.age; dex.file = ../secrets/dex.age; powerdns.file = ../secrets/powerdns.age; + golink = let golink = config.services.golink; in { + # hope this doesn't collide... + path = "${golink.dataDir}/.config/tsnet-golink/auth.key"; + owner = golink.user; + mode = "400"; + symlink = false; + file = ../secrets/golink.age; + }; }; # Use the systemd-boot EFI boot loader. @@ -269,6 +277,10 @@ in extraUpFlags = [ "--accept-routes" ]; useRoutingFeatures = "client"; }; + services.golink = { + enable = true; + tailscaleAuthKeyFile = config.age.secrets.golink.path; + }; services.journald.extraConfig = '' MaxRetentionSec=1 month |