fix(nix/tailscale): Fix incorrect Tailscale ACL config type
This commit is contained in:
parent
675fed2dca
commit
b4c0292753
2 changed files with 24 additions and 11 deletions
|
@ -9,11 +9,22 @@ with pkgs.nix.yants;
|
||||||
let
|
let
|
||||||
inherit (builtins) toFile toJSON;
|
inherit (builtins) toFile toJSON;
|
||||||
|
|
||||||
entry = struct "aclEntry" {
|
acl = struct "acl" {
|
||||||
Action = enum [ "accept" "reject" ];
|
Action = enum [ "accept" "reject" ];
|
||||||
Users = list string;
|
Users = list string;
|
||||||
Ports = list string;
|
Ports = list string;
|
||||||
};
|
};
|
||||||
|
|
||||||
acl = list entry;
|
acls = list entry;
|
||||||
in entries: toFile "tailscale-acl.json" (toJSON (acl entries))
|
|
||||||
|
aclConfig = struct "aclConfig" {
|
||||||
|
# Static group mappings from group names to lists of users
|
||||||
|
Groups = option (attrs (list string));
|
||||||
|
|
||||||
|
# Hostname aliases to use in place of IPs
|
||||||
|
Hosts = option (attrs string);
|
||||||
|
|
||||||
|
# Actual ACL entries
|
||||||
|
ACLs = list acl;
|
||||||
|
};
|
||||||
|
in config: toFile "tailscale-acl.json" (toJSON (aclConfig config))
|
||||||
|
|
|
@ -109,7 +109,8 @@ in pkgs.lib.fix(self: {
|
||||||
enable = true;
|
enable = true;
|
||||||
relayConf = "/etc/tailscale.conf";
|
relayConf = "/etc/tailscale.conf";
|
||||||
package = pkgs.third_party.tailscale;
|
package = pkgs.third_party.tailscale;
|
||||||
aclFile = pkgs.nix.tailscale [
|
aclFile = pkgs.nix.tailscale {
|
||||||
|
ACLs = [
|
||||||
# Allow any traffic from myself
|
# Allow any traffic from myself
|
||||||
{
|
{
|
||||||
Action = "accept";
|
Action = "accept";
|
||||||
|
@ -118,6 +119,7 @@ in pkgs.lib.fix(self: {
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
} ;
|
} ;
|
||||||
|
};
|
||||||
|
|
||||||
# serve my website
|
# serve my website
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
|
|
Loading…
Reference in a new issue