elgit — nixfiles (0f0ecb667a367d3b650131c94a1a11712bda8104): system/linde.nix

linde: set up golink

Alan Pearce 1 year ago

commit

0f0ecb667a367d3b650131c94a1a11712bda8104

parent

384ebbbdf1da361e29785eed5af2afddaffe2f1e

1 file changed, 12 insertions(+), 0 deletions(-)

changed files

system/linde.nix

M system/linde.nix → system/linde.nix

@@ -38,6 +38,14 @@ acme.file = ../secrets/acme.age;
     binarycache.file = ../secrets/binarycache.age;
     dex.file = ../secrets/dex.age;
     powerdns.file = ../secrets/powerdns.age;
+    golink = let golink = config.services.golink; in {
+      # hope this doesn't collide...
+      path = "${golink.dataDir}/.config/tsnet-golink/auth.key";
+      owner = golink.user;
+      mode = "400";
+      symlink = false;
+      file = ../secrets/golink.age;
+    };
   };
 
   # Use the systemd-boot EFI boot loader.
@@ -268,6 +276,10 @@ services.tailscale = {
     enable = true;
     extraUpFlags = [ "--accept-routes" ];
     useRoutingFeatures = "client";
+  };
+  services.golink = {
+    enable = true;
+    tailscaleAuthKeyFile = config.age.secrets.golink.path;
   };
 
   services.journald.extraConfig = ''

all repos — nixfiles @ 0f0ecb667a367d3b650131c94a1a11712bda8104

System and user configuration, managed by nix and home-manager

linde: set up golink