imxyy1soope1/nixos-dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Activity

chore(server): drop headscale

Browse Source
This commit is contained in:
imxyy_soope_
2025-09-05 19:39:45 +08:00
parent 57cc21a1cd
commit a6006d362d
1 changed files with 0 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
config/hosts/imxyy-nix-server/net.nix
View File

@@ -208,20 +208,6 @@
localPort = 443;
customDomains = [ "oidc.imxyy.top" ];
}
{
name = "headscale-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "headscale.imxyy.top" ];
}
{
name = "headscale-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "headscale.imxyy.top" ];
}
{
name = "mail-http";
@@ -441,45 +427,6 @@
};
};
services.tailscale = {
enable = true;
useRoutingFeatures = "both";
extraSetFlags = [ "--accept-dns=false" ];
};
services.headscale = {
enable = true;
address = "0.0.0.0";
port = 8080;
settings = {
logtail.enabled = false;
server_url = "https://headscale.imxyy.top";
dns.magic_dns = false;
dns.override_local_dns = false;
ip_prefixes = "100.64.0.0/10";
oidc = {
only_start_if_oidc_is_available = true;
issuer = "https://oidc.imxyy.top";
client_id = "https://headscale.imxyy.top";
allowed_domains = [
"imxyy.top"
"*.imxyy.top"
];
client_secret = "";
expiry = 0;
extra_params.domain_hint = "imxyy.top";
};
};
};
systemd.services."headscale" = {
after = [
"podman-obligator.service"
];
requires = [
"podman-obligator.service"
];
};
sops.secrets.et-imxyy-nix-server = {
sopsFile = secrets.et-imxyy-nix-server;
format = "binary";
@@ -518,13 +465,6 @@
"1616"
];
};
services.caddy.virtualHosts."headscale.imxyy.top" = {
extraConfig = ''
reverse_proxy :8080 {
header_up X-Real-IP {remote_host}
}
'';
};
services.caddy.virtualHosts."oidc.imxyy.top" = {
extraConfig = ''
reverse_proxy :8081 {
@@ -573,7 +513,6 @@
"git"
"vault"
"coder"
"headscale"
"grafana"
"matrix"
"note"