2 files changed, 36 insertions(+), 0 deletions(-)

M roles/default.nix
A roles/tailscale.nix

@@ 14,6 14,7 @@
     ./nix.nix
     ./plasma.nix
     ./qutebrowser.nix
+    ./tailscale.nix
     ./zellij.nix
   ];
 }

@@ 0,0 1,35 @@
+{
+  config,
+  lib,
+  ...
+}: let
+  cfg = config.roles.tailscale;
+in {
+  options.roles.tailscale = {
+    enable = lib.mkEnableOption "Tailscale";
+    authKeyFile = lib.mkOption {
+      type = lib.types.nullOr lib.types.path;
+      default = null;
+    };
+    interfaceName = lib.mkOption {
+      type = lib.types.str;
+      default = "tailscale0";
+    };
+    enableSSH = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.tailscale = {
+      enable = true;
+      authKeyFile = lib.mkIf (cfg.authKeyFile != null) cfg.authKeyFile;
+      extraUpFlags = lib.mkIf (cfg.enableSSH) ["--ssh"]; # TODO: Make modular for multiple possible flags
+      interfaceName = cfg.interfaceName;
+      openFirewall = false;
+      #port = 41641;
+      useRoutingFeatures = "none";
+    };
+  };
+}