Diffstat (limited to 'nix/tailscale/default.nix')
-rw-r--r-- | nix/tailscale/default.nix | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/nix/tailscale/default.nix b/nix/tailscale/default.nix
index 4f533f6d61d2..d836850aa112 100644
--- a/nix/tailscale/default.nix
+++ b/nix/tailscale/default.nix
@@ -9,11 +9,22 @@ with pkgs.nix.yants;
 let
 inherit (builtins) toFile toJSON;
- entry = struct "aclEntry" {
+ acl = struct "acl" {
 Action = enum [ "accept" "reject" ];
 Users = list string;
 Ports = list string;
 };
- acl = list entry;
-in entries: toFile "tailscale-acl.json" (toJSON (acl entries))
+ acls = list entry;
+
+ aclConfig = struct "aclConfig" {
+ # Static group mappings from group names to lists of users
+ Groups = option (attrs (list string));
+
+ # Hostname aliases to use in place of IPs
+ Hosts = option (attrs string);
+
+ # Actual ACL entries
+ ACLs = list acl;
+ };
+in config: toFile "tailscale-acl.json" (toJSON (aclConfig config)) |
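Review bot: The added binding `acls = list entry;` still refers to `entry`, which this same hunk renames to `acl`, and nothing in the new code uses `acls`. Because the expression sits under `with pkgs.nix.yants;`, the unknown name is presumably only looked up when the binding is evaluated, so the stale reference stays silent until someone later uses `acls`. Either drop the line or write `acls = list acl;` and use it as `ACLs = acls;`. Since this file generates the network ACL, it is also worth a comment above `aclConfig` that the types check shape only: `Users`, `Ports` and the `Groups`/`Hosts` values are free-form strings, so an over-broad or mistyped rule passes validation and still needs human review.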