Commit e0c75f3
Changed files (4)
modules/hosts/kevin/default.nix
@@ -16,6 +16,8 @@ in {
usage = "laptop";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOO9CyAqGo/WbJkncrt1a9jxS1E+hd550SC4A08I/l0/ root@kevin";
hashedPasswordAged = ./hashed-password.age;
+ tailscaleIpv4 = "100.64.0.1";
+ tailscaleIpv6 = "fd7a:115c:a1e0::1";
users.hpcesia.classes = ["homeManager"];
instantiate = {modules}:
inputs.nixpkgs.lib.nixosSystem {
modules/hosts/pardofelis/networking/ssh.nix
@@ -16,9 +16,20 @@
};
homeManager = {osConfig, ...}: {
- programs.ssh.extraConfig = ''
+ programs.ssh.extraConfig = let
+ meta = den.hosts.x86_64-linux.pardofelis;
+ port = lib.elemAt meta.sshPorts 0;
+ in ''
+ ${
+ if (osConfig.services.tailscale.enable)
+ then ''
+ Match Host pardofelis exec "nc -z -w 1 ${meta.tailscaleIpv4} ${toString port} 2>/dev/null"
+ HostName ${meta.tailscaleIpv4}
+ ''
+ else ""
+ }
Host pardofelis
- Port ${toString (lib.elemAt den.hosts.x86_64-linux.pardofelis.sshPorts 0)}
+ Port ${toString port}
Include ${osConfig.vaultix.templates."ssh-host-pardofelis".path}
'';
};
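Review bot: The `nc -z` probe in the new `Match Host pardofelis exec` line only shows that something accepts connections on that address and port, so once `HostName` is rewritten the host's identity rests entirely on host-key checking, and known_hosts is then looked up under the IP rather than the name. 100.64.0.0/10 is shared carrier-grade NAT space, so with the tailnet down that address can belong to an unrelated machine. Unless the included `ssh-host-pardofelis` template already sets it (not visible here), adding `HostKeyAlias pardofelis` under `Host pardofelis` would keep one pinned key for both paths. Separately, `tailscaleIpv4` defaults to null in the schema and interpolating null fails evaluation, so the condition would be safer as `if osConfig.services.tailscale.enable && meta.tailscaleIpv4 != null`. `nc` is also resolved through the user's PATH at connect time, and if it is missing the Match silently never applies; referencing the binary by store path would make that deterministic.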
modules/hosts/pardofelis/default.nix
@@ -3,7 +3,7 @@
config,
den,
...
-}: let
+}: let
inherit (den.lib) __findFile;
in {
#############################################################
@@ -18,6 +18,8 @@ in {
hashedPasswordAged = ./hashed-password.age;
sshPorts = [23930];
authorizedKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFMKaGC2I3an4AJDeWzVx5vhm63+kxi6zJNdh7yEp6CK hpcesia@kevin"];
+ tailscaleIpv4 = "100.64.0.4";
+ tailscaleIpv6 = "fd7a:115c:a1e0::4";
users.hpcesia = {};
instantiate = {modules}:
inputs.nixpkgs.lib.nixosSystem {
modules/hosts/schema.nix
@@ -31,5 +31,15 @@
description = "List of authorized keys for host root user.";
default = [];
};
+ options.tailscaleIpv4 = lib.mkOption {
+ type = lib.types.nullOr lib.types.str;
+ description = "Tailscale IPv4 address of this host";
+ default = null;
+ };
+ options.tailscaleIpv6 = lib.mkOption {
+ type = lib.types.nullOr lib.types.str;
+ description = "Tailscale IPv6 address of this host";
+ default = null;
+ };
};
}
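Review bot: Both new options accept any string, and in this commit `tailscaleIpv4` is interpolated unquoted into the command that ssh runs for `Match ... exec` in `modules/hosts/pardofelis/networking/ssh.nix`, so a typo or stray character becomes part of a shell command line instead of an evaluation error. Constraining the type would catch that at build time, for example `type = lib.types.nullOr (lib.types.strMatching "[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+");` with a hex-and-colon pattern for `tailscaleIpv6`. The two descriptions also lack the trailing period that the preceding option's description uses. The enclosing option set starts outside this hunk.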