diff options
| author | Vincent Ambo <tazjin@google.com> | 2020-02-11T16·36+0000 |
|---|---|---|
| committer | Vincent Ambo <tazjin@google.com> | 2020-02-11T16·36+0000 |
| commit | df1a4fef2bcf20a3b54f2fc1b4c8220d663d04cd (patch) | |
| tree | 074059df9bd206850d622a4b5957c6693458edb8 /nix/tailscale | |
| parent | 44b57d095ba424df49e7a64f0dd9eba877d62386 (diff) | |
feat(nix/tailscale): Add function for generating tailscale ACLs r/537
... and use it on Camden!
Diffstat (limited to 'nix/tailscale')
| -rw-r--r-- | nix/tailscale/default.nix | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/nix/tailscale/default.nix b/nix/tailscale/default.nix new file mode 100644 index 0000000000..4f533f6d61 --- /dev/null +++ b/nix/tailscale/default.nix @@ -0,0 +1,19 @@ +# This file defines a Nix helper function to create Tailscale ACL files. +# +# https://tailscale.com/kb/1018/install-acls + +{ pkgs, ... }: + +with pkgs.nix.yants; + +let + inherit (builtins) toFile toJSON; + + entry = struct "aclEntry" { + Action = enum [ "accept" "reject" ]; + Users = list string; + Ports = list string; + }; + + acl = list entry; +in entries: toFile "tailscale-acl.json" (toJSON (acl entries)) |