From f43294cd90812b1daa4134cdc4778ab6383aaada Mon Sep 17 00:00:00 2001
From: Vincent Ambo <tazjin@google.com>
Date: Sat, 4 Apr 2020 13:17:18 +0100
Subject: chore(ops/nixos/camden): Use upstream tailscale module

---
 ops/nixos/camden/default.nix | 19 +------------------
 1 file changed, 1 insertion(+), 18 deletions(-)

(limited to 'ops/nixos')

diff --git a/ops/nixos/camden/default.nix b/ops/nixos/camden/default.nix
index a978f8873a..cb8f1c2188 100644
--- a/ops/nixos/camden/default.nix
+++ b/ops/nixos/camden/default.nix
@@ -6,8 +6,6 @@ config: let
     config.allowUnfree = true;
   };
 in lib.fix(self: {
-  imports = [ ../modules/tailscale.nix ];
-
   # camden is intended to boot unattended, despite having an encrypted
   # root partition.
   #
@@ -88,7 +86,6 @@ in lib.fix(self: {
     # programs from the depot
     (with depot; [
       third_party.git
-      third_party.tailscale
       third_party.pounce
     ]) ++
 
@@ -126,21 +123,7 @@ in lib.fix(self: {
   services.haveged.enable = true;
 
   # Join Tailscale into home network
-  services.tailscale = {
-    enable = true;
-    relayConf = "/etc/tailscale.conf";
-    package = depot.third_party.tailscale;
-    aclFile = depot.nix.tailscale {
-      ACLs = [
-        # Allow any traffic from myself
-        {
-          Action = "accept";
-          Users = [ "mail@tazj.in" ];
-          Ports = [ "*:*" ];
-        }
-      ];
-    } ;
-  };
+  services.tailscale.enable = true;
 
   # Run cgit for the depot. The onion here is nginx(thttpd(cgit)).
   systemd.services.cgit = {
-- 
cgit 1.4.1