| author | seth <[email protected]> | 2024-10-18 03:10:35 -0400 |
|---|---|---|
| committer | GitHub <[email protected]> | 2024-10-18 07:10:35 +0000 |
| commit | e6f79b30e620cf7bd5b06e2579e979ff090e925a (patch) | |
| tree | 1dd2b20126602ef448f77fbb9cdd44ba7f02a58c /ext/terranix/tailscale/acl.nix | |
| parent | fdaf8680ef5bbcadb7cece43911beff18f90cdb2 (diff) | |
more refactors & outsource some things (#477)
* tree-wide: drop flake-parts
* drop nixinate
* justfile: cleanup
* drop treefmt-nix
* doc: update READMEs
* flake: cleanup
* seth: don't use `./.`
* modules/nixos,darwin: bundle all modules
They all depend on each other anyways so
* systems: manually import internal modules
* seth: use riff module from nix-exprs
* flake: back to flake-parts
* Revert "flake: back to flake-parts"
This reverts commit 35334882f7c0c23991a4efd65ea08b216006b2b0.
Saving the last commit so I can go back if I want
* flake: use lib.const
this looks better...right?
* flake: declare systems like a normal person
Diffstat (limited to 'ext/terranix/tailscale/acl.nix')
| -rw-r--r-- | ext/terranix/tailscale/acl.nix | 51 |
1 files changed, 0 insertions, 51 deletions
diff --git a/ext/terranix/tailscale/acl.nix b/ext/terranix/tailscale/acl.nix deleted file mode 100644 index 80e3537..0000000 --- a/ext/terranix/tailscale/acl.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ lib, ... }: -{ - resource.tailscale_acl.default = { - acl = toString ( - builtins.toJSON { - tagOwners = - let - me = [ "getchoo@github" ]; - tags = map (name: "tag:${name}") [ - "server" - "personal" - ]; - in - lib.genAttrs tags (_: me); - - acls = - let - mkAcl = action: src: dst: { inherit action src dst; }; - in - [ - (mkAcl "accept" [ "tag:personal" ] [ "*:*" ]) - (mkAcl "accept" [ "tag:server" ] [ "tag:server:*" ]) - ]; - - ssh = - let - mkSshAcl = action: src: dst: users: { - inherit - action - src - dst - users - ; - }; - in - [ - (mkSshAcl "accept" [ "tag:personal" ] - [ - "tag:server" - "tag:personal" - ] - [ - "autogroup:nonroot" - "root" - ] - ) - ]; - } - ); - }; -} |
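Review bot: the deletion of `resource.tailscale_acl.default` is not documented. Neither the commit message ("outsource some things") nor this diff says where the tailnet policy (the `tagOwners`, the two `acls` entries and the `ssh` rule) is managed once the file is gone. Please name the replacement in the commit message or README, and confirm what the next apply does to the live policy when this resource disappears from the configuration. If the policy is re-created elsewhere, two of the removed rules deserve a second look when they are carried over: `(mkAcl "accept" [ "tag:personal" ] [ "*:*" ])` lets any personal-tagged device reach every host and port, and the `ssh` rule lists `"root"` next to `"autogroup:nonroot"`, so personal-tagged devices can open root sessions on both `tag:server` and `tag:personal` machines.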
