nix-darwin/modules/services/tailscale.nix

{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.tailscale;

in
{
  options.services.tailscale = {
    domain = mkOption {
      type = types.str;
      default = "";
      description = "The Tailscale domain. This is displayed at the top left of https://login.tailscale.com/admin, next to the Tailscale logo.";
    };

    enable = mkEnableOption "Tailscale client daemon";

    package = mkOption {
      type = types.package;
      default = pkgs.tailscale;
      defaultText = literalExpression "pkgs.tailscale";
      description = "The package to use for tailscale";
    };

    magicDNS = {
      enable = mkEnableOption "Whether to configure networking to work with Tailscale's MagicDNS.";
    };
  };

  config = mkIf cfg.enable {
    environment.systemPackages = [ cfg.package ];

    launchd.daemons.tailscaled = {
      # derived from
      # https://github.com/tailscale/tailscale/blob/main/cmd/tailscaled/install_darwin.go#L30
      serviceConfig = {
        Label = "com.tailscale.tailscaled";
        ProgramArguments = [
          "/bin/sh" "-c"
          "/bin/wait4path ${cfg.package} &amp;&amp; ${cfg.package}/bin/tailscaled"
        ];
        RunAtLoad = true;
      };
    };

    networking = mkIf cfg.magicDNS.enable {
      dns = [ "100.100.100.100" ];
      search =
        if cfg.domain == "" then
          [ ]
        else
          [ "${cfg.domain}.beta.tailscale.net" ];
    };
  };
}
Add tailscale service module 2022-09-09 17:26:49 +00:00			`{ config, lib, pkgs, ... }:`

			`with lib;`

			`let`
			`cfg = config.services.tailscale;`

			`in`
			`{`
			`options.services.tailscale = {`
			`domain = mkOption {`
			`type = types.str;`
			`default = "";`
Remove lib.mdDoc usage 2022-09-09 17:40:42 +00:00			`description = "The Tailscale domain. This is displayed at the top left of https://login.tailscale.com/admin, next to the Tailscale logo.";`
Add tailscale service module 2022-09-09 17:26:49 +00:00			`};`

Remove lib.mdDoc usage 2022-09-09 17:40:42 +00:00			`enable = mkEnableOption "Tailscale client daemon";`
Add tailscale service module 2022-09-09 17:26:49 +00:00
			`package = mkOption {`
			`type = types.package;`
			`default = pkgs.tailscale;`
			`defaultText = literalExpression "pkgs.tailscale";`
Remove lib.mdDoc usage 2022-09-09 17:40:42 +00:00			`description = "The package to use for tailscale";`
Add tailscale service module 2022-09-09 17:26:49 +00:00			`};`

			`magicDNS = {`
Remove lib.mdDoc usage 2022-09-09 17:40:42 +00:00			`enable = mkEnableOption "Whether to configure networking to work with Tailscale's MagicDNS.";`
Add tailscale service module 2022-09-09 17:26:49 +00:00			`};`
			`};`

			`config = mkIf cfg.enable {`
			`environment.systemPackages = [ cfg.package ];`
tailscale: fix `tailscaled` not running as root Run `tailscaled` using a system daemon as it does not work as a non-root user without `userspace-networking`. Also, remove the broken warning relating to setting the search domain. Manually adding the search domain to `networking.search` isn't necessary to use only machine names to refer to other machines. 2022-09-20 06:09:02 +00:00
			`launchd.daemons.tailscaled = {`
Add tailscale service module 2022-09-09 17:26:49 +00:00			`# derived from`
			`# https://github.com/tailscale/tailscale/blob/main/cmd/tailscaled/install_darwin.go#L30`
			`serviceConfig = {`
			`Label = "com.tailscale.tailscaled";`
tailscale: fix `tailscaled` not running as root Run `tailscaled` using a system daemon as it does not work as a non-root user without `userspace-networking`. Also, remove the broken warning relating to setting the search domain. Manually adding the search domain to `networking.search` isn't necessary to use only machine names to refer to other machines. 2022-09-20 06:09:02 +00:00			`ProgramArguments = [`
			`"/bin/sh" "-c"`
			`"/bin/wait4path ${cfg.package} && ${cfg.package}/bin/tailscaled"`
			`];`
Add tailscale service module 2022-09-09 17:26:49 +00:00			`RunAtLoad = true;`
			`};`
			`};`
tailscale: fix `tailscaled` not running as root Run `tailscaled` using a system daemon as it does not work as a non-root user without `userspace-networking`. Also, remove the broken warning relating to setting the search domain. Manually adding the search domain to `networking.search` isn't necessary to use only machine names to refer to other machines. 2022-09-20 06:09:02 +00:00
Add tailscale service module 2022-09-09 17:26:49 +00:00			`networking = mkIf cfg.magicDNS.enable {`
			`dns = [ "100.100.100.100" ];`
			`search =`
			`if cfg.domain == "" then`
			`[ ]`
			`else`
			`[ "${cfg.domain}.beta.tailscale.net" ];`
			`};`
			`};`
			`}`