fix(nix/tailscale): Fix incorrect Tailscale ACL config type

This commit is contained in:
Vincent Ambo 2020-02-11 21:00:50 +00:00
parent 675fed2dca
commit b4c0292753
2 changed files with 24 additions and 11 deletions

View file

@ -9,11 +9,22 @@ with pkgs.nix.yants;
let let
inherit (builtins) toFile toJSON; inherit (builtins) toFile toJSON;
entry = struct "aclEntry" { acl = struct "acl" {
Action = enum [ "accept" "reject" ]; Action = enum [ "accept" "reject" ];
Users = list string; Users = list string;
Ports = list string; Ports = list string;
}; };
acl = list entry; acls = list entry;
in entries: toFile "tailscale-acl.json" (toJSON (acl entries))
aclConfig = struct "aclConfig" {
# Static group mappings from group names to lists of users
Groups = option (attrs (list string));
# Hostname aliases to use in place of IPs
Hosts = option (attrs string);
# Actual ACL entries
ACLs = list acl;
};
in config: toFile "tailscale-acl.json" (toJSON (aclConfig config))

View file

@ -109,7 +109,8 @@ in pkgs.lib.fix(self: {
enable = true; enable = true;
relayConf = "/etc/tailscale.conf"; relayConf = "/etc/tailscale.conf";
package = pkgs.third_party.tailscale; package = pkgs.third_party.tailscale;
aclFile = pkgs.nix.tailscale [ aclFile = pkgs.nix.tailscale {
ACLs = [
# Allow any traffic from myself # Allow any traffic from myself
{ {
Action = "accept"; Action = "accept";
@ -118,6 +119,7 @@ in pkgs.lib.fix(self: {
} }
]; ];
} ; } ;
};
# serve my website # serve my website
services.nginx = { services.nginx = {