diff options
Diffstat (limited to 'modules/nixos/profiles/server.nix')
| -rw-r--r-- | modules/nixos/profiles/server.nix | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/modules/nixos/profiles/server.nix b/modules/nixos/profiles/server.nix index 373dc5d..d1c54c1 100644 --- a/modules/nixos/profiles/server.nix +++ b/modules/nixos/profiles/server.nix @@ -1,6 +1,7 @@ { config, lib, + secretsDir, inputs', ... }: @@ -27,6 +28,10 @@ in # All servers are most likely on stable, so we want to pull in some newer packages from time to time _module.args.unstable = inputs'.nixpkgs.legacyPackages; + age.secrets = { + tailscaleAuthKey.file = "${secretsDir}/tailscaleAuthKey.age"; + }; + boot.tmp.cleanOnBoot = lib.mkDefault true; # We don't need it here @@ -43,16 +48,22 @@ in ]; }; - services.comin.enable = true; + services = { + comin.enable = true; - traits = { - secrets.enable = true; tailscale = { enable = true; - ssh.enable = true; + + authKeyFile = config.age.secrets.tailscaleAuthKey.path; + extraUpFlags = [ "--ssh" ]; }; - zram.enable = true; }; + + traits = { + secrets.enable = true; + }; + + zramSwap.enable = true; } (lib.mkIf cfg.hostUser { |