profiles/server: start using tailscale ssh

author: seth <[email protected]> 2023-07-15 03:19:10 -0400
committer: seth <[email protected]> 2023-07-15 04:15:21 -0400
commit: 72d7d82952b46e854d9aeb21d9aa63eea4464793 (patch)
tree: b15cf37c511b02a9ea2f92df223713d8ea0c20a8 /modules/nixos/features
parent: f0ed286c00c8369a9c99986c7574b60954120d94 (diff)
1 files changed, 3 insertions, 5 deletions
diff --git a/modules/nixos/features/tailscale.nix b/modules/nixos/features/tailscale.nix
index 042426b..1c307bb 100644
--- a/modules/nixos/features/tailscale.nix
+++ b/modules/nixos/features/tailscale.nix
@@ -26,26 +26,24 @@ in {
         allowedUDPPorts = [config.services.tailscale.port];
         trustedInterfaces = ["tailscale0"];
       }
-      // (mkIf cfg.ssh.enable {
+      // lib.optionalAttrs cfg.ssh.enable {
         allowedTCPPorts = [22];
-      });
+      };
 
     services = {
       tailscale.enable = mkDefault true;
     };
 
+    # https://tailscale.com/kb/1096/nixos-minecraft/
     systemd.services.tailscale-autoconnect = {
       description = "Automatic connection to Tailscale";
 
-      # make sure tailscale is running before trying to connect to tailscale
       after = ["network-pre.target" "tailscale.service"];
       wants = ["network-pre.target" "tailscale.service"];
       wantedBy = ["multi-user.target"];
 
-      # set this service as a oneshot job
       serviceConfig.Type = "oneshot";
 
-      # have the job run this shell script
       script = let
         inherit (pkgs) tailscale jq;
       in ''
author	seth <[email protected]>	2023-07-15 03:19:10 -0400
committer	seth <[email protected]>	2023-07-15 04:15:21 -0400
commit	72d7d82952b46e854d9aeb21d9aa63eea4464793 (patch)
tree	b15cf37c511b02a9ea2f92df223713d8ea0c20a8 /modules/nixos/features
parent	f0ed286c00c8369a9c99986c7574b60954120d94 (diff)