Add dns utils, initial setup for headscale for beefcake

2024-03-13 09:31:07 -05:00 · 2024-03-13 09:31:07 -05:00 · 884bc9f277
commit 884bc9f277
parent 6c82be899e
2 changed files with 29 additions and 0 deletions
--- a/modules/nixos/troubleshooting-tools.nix
+++ b/modules/nixos/troubleshooting-tools.nix
@ -3,5 +3,7 @@
    pciutils
    usbutils
    nmap
+    dogdns
+    dnsutils
  ];
 }
--- a/nixos/beefcake.nix
+++ b/nixos/beefcake.nix
@ -381,6 +381,10 @@ in {
        reverse_proxy :${toString config.services.nix-serve.port}
      }

+      vpn.h.lyte.dev {
+        reverse_proxy ${toString config.services.headscale.settings.tls_letsencrypt_listen}
+      }
+
      # proxy everything else to chromebox
      :80 {
        reverse_proxy 10.0.0.5:80
@ -892,5 +896,28 @@ in {
    listen = ["irc+insecure://:6667"];
  };

+  services.headscale = {
+    enable = true;
+    address = "0.0.0.0";
+    port = 7777;
+    settings = {
+      db_type = "sqlite3";
+      db_path = "/var/lib/headscale/db.sqlite";
+      dns_config = {
+        base_domain = "vpn.h.lyte.dev";
+        domains = [
+          # "vpn.h.lyte.dev"
+        ];
+        nameservers = [
+          "1.1.1.1"
+          # "192.168.0.1"
+        ];
+        override_local_dns = false;
+      };
+      tls_letsencrypt_hostname = "vpn.h.lyte.dev";
+      tls_letsencrypt_listen = ":7778";
+    };
+  };
+
  system.stateVersion = "22.05";
 }