tailscale: fix tailscaled not running as root

Run `tailscaled` using a system daemon as it does not work as a non-root user without `userspace-networking`. Also, remove the broken warning relating to setting the search domain. Manually adding the search domain to `networking.search` isn't necessary to use only machine names to refer to other machines.
2025-03-13 20:30:02 +00:00 · 2022-09-20 16:09:02 +10:00 · 2022-09-20 16:09:02 +10:00 · 0ae311e1c7
commit 0ae311e1c7
parent 14a12e9ee7
1 changed files with 7 additions and 6 deletions
--- a/modules/services/tailscale.nix
+++ b/modules/services/tailscale.nix
@ -29,20 +29,21 @@ in
  };

  config = mkIf cfg.enable {
-    warnings = [
-      (mkIf (cfg.magicDNS.enable && cfg.domain == "") "${showOption cfg.domain} isn't empty, Tailscale MagicDNS search path won't be configured.")
-    ];
-
    environment.systemPackages = [ cfg.package ];
-    launchd.user.agents.tailscaled = {
+
+    launchd.daemons.tailscaled = {
      # derived from
      # https://github.com/tailscale/tailscale/blob/main/cmd/tailscaled/install_darwin.go#L30
      serviceConfig = {
        Label = "com.tailscale.tailscaled";
-        ProgramArguments = [ "${lib.getBin cfg.package}/bin/tailscaled" ];
+        ProgramArguments = [
+          "/bin/sh" "-c"
+          "/bin/wait4path ${cfg.package} &amp;&amp; ${cfg.package}/bin/tailscaled"
+        ];
        RunAtLoad = true;
      };
    };
+
    networking = mkIf cfg.magicDNS.enable {
      dns = [ "100.100.100.100" ];
      search =