puter/hosts/headless/abacus/headscale.nix

{config, ...}: let
  virtualHostName = "headscale.helveticanonstandard.net";
in {
  services.headscale = {
    enable = true;
    address = "127.0.0.1";
    port = 8010;
    settings = {
      server_url = "https://${virtualHostName}";
      dns.base_domain = "tailnet.helveticanonstandard.net";
      logtail.enabled = false;
    };
  };

  services.nginx.virtualHosts.${virtualHostName} = {
    forceSSL = true;
    enableACME = true;
    locations."/" = {
      proxyPass = let
        host = config.services.headscale.address;
        port = builtins.toString config.services.headscale.port;
      in "http://${host}:${port}";
      proxyWebsockets = true;
    };
  };
}
stuff 2025-03-30 15:03:46 +00:00			`{config, ...}: let`
			`virtualHostName = "headscale.helveticanonstandard.net";`
			`in {`
			`services.headscale = {`
			`enable = true;`
			`address = "127.0.0.1";`
			`port = 8010;`
			`settings = {`
stuff 2025-03-30 15:05:55 +00:00			`server_url = "https://${virtualHostName}";`
stuff 2025-03-30 15:10:19 +00:00			`dns.base_domain = "tailnet.helveticanonstandard.net";`
stuff 2025-03-30 15:03:46 +00:00			`logtail.enabled = false;`
			`};`
			`};`

			`services.nginx.virtualHosts.${virtualHostName} = {`
			`forceSSL = true;`
			`enableACME = true;`
			`locations."/" = {`
stuff 2025-03-30 15:05:55 +00:00			`proxyPass = let`
			`host = config.services.headscale.address;`
			`port = builtins.toString config.services.headscale.port;`
			`in "http://${host}:${port}";`
stuff 2025-03-30 15:03:46 +00:00			`proxyWebsockets = true;`
			`};`
			`};`
			`}`