path: root/nix/tailscale/default.nix
# This file defines a Nix helper function to create Tailscale ACL files.
#
# https://tailscale.com/kb/1018/install-acls

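{ depot, pkgs, ... }:

# Brings the yants type constructors used below (struct, enum, list, option,
# attrs, string) into scope.
with depot.nix.yants;

let
  inherit (builtins) toJSON;

  # A single access rule: an action, the users it applies to and the
  # destination ports it covers.
  #
  # The check is structural only. Users and Ports are arbitrary strings, so
  # broad entries such as a "*" wildcard type-check just like narrow ones;
  # review the rules themselves for least privilege.
  acl = struct "acl" {
    # NOTE(review): confirm that the Tailscale policy format in use still
    # honours "reject"; rules are normally allow-only on top of default-deny.
    Action = enum [ "accept" "reject" ];
    Users = list string;
    Ports = list string;
  };

  # Top-level shape of the ACL file.
  aclConfig = struct "aclConfig" {
    # Static group mappings from group names to lists of users
    Groups = option (attrs (list string));

    # Hostname aliases to use in place of IPs
    Hosts = option (attrs string);

    # Actual ACL entries
    ACLs = list acl;
  };
in
# Takes an ACL configuration attribute set, checks it against aclConfig and
# serialises it to "tailscale-acl.json" in the Nix store. A configuration
# that does not match the declared types fails at evaluation time instead of
# producing a malformed policy file.
#
# Store paths are readable by every local user, so the user, group and host
# names in the policy should be treated as non-secret.
config: pkgs.writeText "tailscale-acl.json" (toJSON (aclConfig config))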