style: reformat with nixfmt-rfc-style

This commit is contained in:
Felix Schröter 2024-05-26 16:45:38 +02:00
parent 5ad8bc1d56
commit 1c5d83d81e
Signed by: felschr
GPG key ID: 671E39E6744C807D
99 changed files with 2247 additions and 1334 deletions
system

View file

@ -1,11 +1,17 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.services.tailscale;
tailscaleInterface = cfg.interfaceName;
inherit (config.networking) hostName;
tailnetHost = "${hostName}.tail05275.ts.net";
in {
in
{
networking.wireguard.enable = true;
networking.firewall.trustedInterfaces = [ tailscaleInterface ];
@ -22,8 +28,7 @@ in {
];
};
systemd.services.tailscaled.serviceConfig.Environment =
[ "TS_DEBUG_FIREWALL_MODE=auto" ];
systemd.services.tailscaled.serviceConfig.Environment = [ "TS_DEBUG_FIREWALL_MODE=auto" ];
# call taiscale up without --auth-key
systemd.services.tailscaled-autoconnect = lib.mkIf (cfg.authKeyFile == null) {
@ -31,19 +36,21 @@ in {
wants = [ "tailscaled.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "oneshot";
script = ''
status=$(${config.systemd.package}/bin/systemctl show -P StatusText tailscaled.service)
if [[ $status != Connected* ]]; then
${cfg.package}/bin/tailscale up
fi
script =
''
status=$(${config.systemd.package}/bin/systemctl show -P StatusText tailscaled.service)
if [[ $status != Connected* ]]; then
${cfg.package}/bin/tailscale up
fi
# some options cannot be set immediately
${cfg.package}/bin/tailscale up ${lib.escapeShellArgs cfg.extraUpFlags}
# some options cannot be set immediately
${cfg.package}/bin/tailscale up ${lib.escapeShellArgs cfg.extraUpFlags}
${cfg.package}/bin/tailscale cert ${tailnetHost}
'' + lib.optionalString config.services.nginx.enable ''
chown nginx:nginx /var/lib/tailscale/certs/${tailnetHost}.{key,crt}
'';
${cfg.package}/bin/tailscale cert ${tailnetHost}
''
+ lib.optionalString config.services.nginx.enable ''
chown nginx:nginx /var/lib/tailscale/certs/${tailnetHost}.{key,crt}
'';
};
services.nginx.virtualHosts.${tailnetHost} = {