penal-colony/nixos-vps
2
0
Fork 1
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
nixos-vps/modules/default.nix
Franz Kafka 1c28db5f8e feat(headscale): add self-hosted Tailscale control server 
New module: modules/headscale.nix
- Headscale service listening on localhost with Nginx reverse proxy
- SQLite database (appropriate for personal use)
- Tailscale public DERP relays for NAT traversal fallback
- MagicDNS enabled with Mullvad/Quad9 upstream resolvers
- Optional OIDC authentication (Google, GitHub, etc.)
- Default auth: pre-shared API keys (headscale apikeys create)
- Added to backup paths (SQLite DB)
- headscale CLI tool added to system packages

Configuration:
- Domain: vpn.ashisgreat.xyz
- OIDC disabled by default (documented how to enable in configuration.nix)

To register a device after deploying:
  sudo headscale apikeys create
  tailscale up --login-server=https://vpn.ashisgreat.xyz --authkey=<key>

DNS record needed: vpn.ashisgreat.xyz → VPS IP
2026-03-19 15:39:56 +00:00

16 lines
248 B
Nix
Raw Blame History

# Module exports
{
imports = [
./system.nix
./podman.nix
./nginx.nix
./searxng.nix
./openclaw-podman.nix
./vaultwarden.nix
./crowdsec.nix
./backup.nix
./adguard.nix
./forgejo.nix
./headscale.nix
];
}
Reference in a new issue View git blame Copy permalink