about summary refs log tree commit diff
path: root/ops/machines
diff options
context:
space:
mode:
Diffstat (limited to 'ops/machines')
-rw-r--r--ops/machines/sanduny/default.nix8
-rw-r--r--ops/machines/whitby/default.nix6
2 files changed, 14 insertions, 0 deletions
diff --git a/ops/machines/sanduny/default.nix b/ops/machines/sanduny/default.nix
index 14f40d1fa09e..ba14fbd32a60 100644
--- a/ops/machines/sanduny/default.nix
+++ b/ops/machines/sanduny/default.nix
@@ -20,6 +20,7 @@ in
     (mod "journaldriver.nix")
     (mod "known-hosts.nix")
     (mod "tvl-cache.nix")
+    (mod "tvl-headscale.nix")
     (mod "tvl-users.nix")
     (mod "www/inbox.tvl.su.nix")
     (mod "www/self-redirect.nix")
@@ -71,6 +72,13 @@ in
   services.openssh.enable = true;
   services.fail2ban.enable = true;
 
+  # Run tailscale for the TVL net.tvl.fyi network.
+  # tailscale up --login-server https://net.tvl.fyi --accept-dns=false --advertise-exit-node
+  services.tailscale = {
+    enable = true;
+    useRoutingFeatures = "server"; # for exit-node usage
+  };
+
   # Automatically collect garbage from the Nix store.
   services.depot.automatic-gc = {
     enable = true;
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix
index f2a459047163..c7874cd2352d 100644
--- a/ops/machines/whitby/default.nix
+++ b/ops/machines/whitby/default.nix
@@ -624,6 +624,12 @@ in
     };
   };
 
+  # Join TVL Tailscale network at net.tvl.fyi
+  services.tailscale = {
+    enable = true;
+    useRoutingFeatures = "server"; # for exit-node usage
+  };
+
   # Allow Keycloak access to the LDAP module by forcing in the JVM
   # configuration
   systemd.services.keycloak.environment.PREPEND_JAVA_OPTS =
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-11-01T08ยท53+0000