diff --git a/nixos/boxes/skinnyv/default.nix b/nixos/boxes/skinnyv/default.nix index 65af65ec..23845807 100644 --- a/nixos/boxes/skinnyv/default.nix +++ b/nixos/boxes/skinnyv/default.nix @@ -8,6 +8,8 @@ ../../common.nix ../../gfx-intel.nix ../../i3 + ../../tailscale.nix + ./tailscale-skinnyv.nix ../../distributed-builds.nix ../../gui ../../git diff --git a/nixos/boxes/skinnyv/tailscale-skinnyv.nix b/nixos/boxes/skinnyv/tailscale-skinnyv.nix new file mode 100644 index 00000000..23b51a2d --- /dev/null +++ b/nixos/boxes/skinnyv/tailscale-skinnyv.nix @@ -0,0 +1,29 @@ +{ config, pkgs, inputs, lib, ... }: +{ + systemd.services.tailscale-autoconnect = { + description = "Automatic connection to Tailscale"; + + # make sure tailscale is running before trying to connect to tailscale + after = [ "network-pre.target" "tailscale.service" ]; + wants = [ "network-pre.target" "tailscale.service" ]; + wantedBy = [ "multi-user.target" ]; + + # set this service as a oneshot job + serviceConfig.Type = "oneshot"; + + # have the job run this shell script + script = with pkgs; '' + # wait for tailscaled to settle + sleep 2 + + # check if we are already authenticated to tailscale + status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)" + if [ $status = "Running" ]; then # if so, then do nothing + exit 0 + fi + + # otherwise authenticate with tailscale + ${tailscale}/bin/tailscale up -authkey tskey-abb12c2c0f365cfda4f897c7 + ''; + }; +}