40 lines
734 B
Nix
40 lines
734 B
Nix
{
|
|
hostType,
|
|
lib,
|
|
...
|
|
}:
|
|
|
|
{
|
|
config = lib.mkMerge [
|
|
# Common configuration
|
|
{
|
|
networking = {
|
|
networkmanager.enable = true;
|
|
firewall.enable = true;
|
|
};
|
|
|
|
services = {
|
|
tailscale = {
|
|
enable = true;
|
|
extraUpFlags = [ "--operator=user" ];
|
|
};
|
|
openssh = {
|
|
enable = true;
|
|
settings.PermitRootLogin = "no";
|
|
};
|
|
};
|
|
}
|
|
|
|
# Server specific configuration
|
|
(lib.mkIf hostType.isServer {
|
|
services.tailscale = {
|
|
extraSetFlags = [ "--advertise-exit-node" ];
|
|
useRoutingFeatures = "server";
|
|
};
|
|
})
|
|
|
|
# Workstation specific configuration
|
|
(lib.mkIf hostType.isWorkstation {
|
|
})
|
|
];
|
|
}
|