flake.nix
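# Flake for tailscale-manager. It exposes:
#   - packages.<system>.tailscale-manager (also as packages.<system>.default)
#   - checks.<system>.tailscale-manager, fed into a GitHub Actions matrix
#   - devShells.<system>.default
#   - nixosModules.<system>.tailscale-manager (also as .default), which runs
#     the tool as a systemd service
{
  description = "tailscale-manager";

  inputs = {
    # NOTE(review): nixos-24.05 is an older release branch; confirm it still
    # receives upstream security fixes, otherwise move to a supported branch.
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
    # Neither of the next two URLs names a branch or revision, so the exact
    # commit used is whatever flake.lock records (lock file not shown here).
    # Keep flake.lock committed and review lock updates like any other
    # dependency bump.
    flake-utils.url = "github:numtide/flake-utils";
    nix-github-actions.url = "github:nix-community/nix-github-actions";
    # Reuse this flake's nixpkgs instead of a second, separately locked copy.
    nix-github-actions.inputs.nixpkgs.follows = "nixpkgs";
  };

  outputs = { self, nixpkgs, flake-utils, nix-github-actions }:
    {
      # CI matrix is generated from the x86_64-linux checks only.
      githubActions = nix-github-actions.lib.mkGithubMatrix {
        checks = nixpkgs.lib.getAttrs [ "x86_64-linux" ] self.checks;
      };
    } // flake-utils.lib.eachDefaultSystem (system:
      let
        pkgs = nixpkgs.legacyPackages.${system};
        haskellPackages = pkgs.haskellPackages;
        packageName = "tailscale-manager";
      in {
        # Build from the cabal file in this repository. The extra
        # "testreport" output receives the JUnit XML that the test suite is
        # asked to write via the flag appended in preCheck.
        packages.${packageName} = (
          haskellPackages.callCabal2nix packageName self {
            # Dependency overrides go here
          }).overrideAttrs (x: {
            outputs = x.outputs ++ ["testreport"];
            preCheck = ''
              checkFlagsArray+=("--test-options=--xml=$testreport/junit.xml")
            '';
          });

        packages.default = self.packages.${system}.${packageName};

        # Building the package (including its test phase) is the check.
        checks.tailscale-manager = self.packages.${system}.tailscale-manager;

        devShells.default = pkgs.mkShell {
          buildInputs = with pkgs; [
            haskellPackages.haskell-language-server # you must build it with your ghc to work
            ghcid
            cabal-install
          ];
          # Pull in the build environment of every package in this flake.
          inputsFrom = map (pkg: pkg.env) (builtins.attrValues self.packages.${system});
        };

        # These sit inside eachDefaultSystem, so consumers address them as
        # nixosModules.<system>.tailscale-manager.
        nixosModules.default = self.nixosModules.${system}.tailscale-manager;

        nixosModules.tailscale-manager = { config, lib, pkgs, ... }:
          with lib;
          let
            cfg = config.services.tailscale-manager;
            # The rendered JSON is written to the Nix store, which every local
            # user can read. Do not put secrets into routes, hostRoutes,
            # extraArgs or awsManagedPrefixLists.
            configFile = pkgs.writeTextFile {
              name = "tailscale-manager.json";
              text = generators.toJSON {} {
                routes = cfg.routes;
                hostRoutes = cfg.hostRoutes;
                extraArgs = cfg.extraArgs;
                awsManagedPrefixLists = cfg.awsManagedPrefixLists;
              };
            };
          in {
            options.services.tailscale-manager = {
              enable = mkEnableOption "tailscale-manager";
              package = mkPackageOption self.packages.${system} "tailscale-manager" {};
              # NOTE(review): types.int also accepts zero and negative values;
              # how the binary treats those is not visible here. Confirm and
              # consider a stricter type.
              interval = mkOption {
                type = types.int;
                default = 300;
                description = "Interval between runs, in seconds";
              };
              routes = mkOption {
                type = types.listOf types.str;
                default = [];
                description = "List of CIDR prefix routes to advertise";
              };
              hostRoutes = mkOption {
                type = types.listOf types.str;
                default = [];
                description = "List of hostnames and IP addresses to add as /32 routes";
              };
              awsManagedPrefixLists = mkOption {
                type = types.listOf types.str;
                default = [];
                description = "AWS prefix list IDs for route discovery";
              };
              # These are forwarded (via the JSON config) to `tailscale set`,
              # so they can change node settings beyond routes. Treat values
              # set here as privileged configuration.
              extraArgs = mkOption {
                type = types.listOf types.str;
                default = [];
                description = "Extra arguments for `tailscale set`";
              };
              dryRun = mkOption {
                type = types.bool;
                default = false;
                description = "Enable dry-run mode, don't actually apply changes.";
              };
              # This ratio is the guard against a run withdrawing too many
              # routes at once. The documented range is enforced at evaluation
              # time; what the binary does with an out-of-range value is not
              # visible here.
              maxShrinkRatio = mkOption {
                type = types.addCheck types.float (ratio: ratio >= 0.0 && ratio <= 1.0) // {
                  description = "floating point number between 0.0 and 1.0";
                };
                default = 0.5;
                description = "How much route shrinkage is allowed between subsequent runs (between 0 and 1)";
              };
            };

            config = mkIf cfg.enable {
              systemd.services.tailscale-manager = {
                after = ["tailscaled.service"];
                wants = ["tailscaled.service"];
                wantedBy = ["multi-user.target"];
                # No User= or sandboxing directive is set, so systemd runs this
                # unit as root with full access to the host.
                # NOTE(review): confirm what the tailscale CLI needs in order
                # to reach tailscaled, then consider hardening options such as
                # NoNewPrivileges=, ProtectSystem=, ProtectHome= and
                # PrivateTmp=.
                serviceConfig = {
                  Type = "exec";
                  Restart = "on-failure";
                  # escapeShellArgs quotes for a POSIX shell, whereas systemd
                  # parses ExecStart with its own rules (% specifiers, $VAR
                  # expansion). Every argument below is a store path or a
                  # number rendered by toString. Revisit the escaping before
                  # passing any free-form string option on this command line.
                  ExecStart = lib.escapeShellArgs (
                    [ "${cfg.package}/bin/tailscale-manager" configFile
                      "--tailscale=${config.services.tailscale.package}/bin/tailscale"
                      "--interval=${toString cfg.interval}"
                      "--max-shrink-ratio=${toString cfg.maxShrinkRatio}"
                    ] ++ lib.optional cfg.dryRun "--dryrun"
                  );
                };
              };
            };
          };
      });
}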