nix-config/hosts/vps/modules/services/tailscale.nix at fec6c214983f245bed2d21f807899cd110f313a8 - lightly-toasted/nix-config - Forgejo: Beyond coding. We Forge.

lightly-toasted/nix-config

mirror of https://github.com/lightly-toasted/nix-config.git synced 2025-12-10 07:59:43 +00:00

lightly-toasted 89d86413dd feat(vps): enable Tailscale SSH

- Remove port 22 from firewall
- Add --ssh to tailscale up flags

2025-11-18 16:12:17 +09:00

13 lines

278 B

Nix

Raw Blame History

 { config, pkgs, ... }:
 {
   sops.secrets."tailscale/authkey" = { };
   services.tailscale = {
     enable = true;
     authKeyFile = config.sops.secrets."tailscale/authkey".path;
     useRoutingFeatures = "both";
     permitCertUid = "caddy";
     extraUpFlags = [ "--ssh" ];
   };
 }