fix(nix/tailscale): Fix incorrect Tailscale ACL config type

This commit is contained in:
Vincent Ambo 2020-02-11 21:00:50 +00:00
parent 675fed2dca
commit b4c0292753
2 changed files with 24 additions and 11 deletions

View file

@ -9,11 +9,22 @@ with pkgs.nix.yants;
let
inherit (builtins) toFile toJSON;
entry = struct "aclEntry" {
acl = struct "acl" {
Action = enum [ "accept" "reject" ];
Users = list string;
Ports = list string;
};
acl = list entry;
in entries: toFile "tailscale-acl.json" (toJSON (acl entries))
acls = list entry;
aclConfig = struct "aclConfig" {
# Static group mappings from group names to lists of users
Groups = option (attrs (list string));
# Hostname aliases to use in place of IPs
Hosts = option (attrs string);
# Actual ACL entries
ACLs = list acl;
};
in config: toFile "tailscale-acl.json" (toJSON (aclConfig config))

View file

@ -109,7 +109,8 @@ in pkgs.lib.fix(self: {
enable = true;
relayConf = "/etc/tailscale.conf";
package = pkgs.third_party.tailscale;
aclFile = pkgs.nix.tailscale [
aclFile = pkgs.nix.tailscale {
ACLs = [
# Allow any traffic from myself
{
Action = "accept";
@ -117,6 +118,7 @@ in pkgs.lib.fix(self: {
Ports = [ "*:*" ];
}
];
} ;
};
# serve my website