b37bbca521
These were broken since 2016:f0367da7d1
since StartLimitIntervalSec got moved into [Unit] from [Service]. StartLimitBurst has also been moved accordingly, so let's fix that one too. NixOS systems have been producing logs such as: /nix/store/wf98r55aszi1bkmln1lvdbp7znsfr70i-unit-caddy.service/caddy.service:31: Unknown key name 'StartLimitIntervalSec' in section 'Service', ignoring. I have also removed some unnecessary duplication in units disabling rate limiting since setting either interval or burst to zero disables it (ad16158c10/src/basic/ratelimit.c (L16)
)
48 lines
1.1 KiB
Nix
48 lines
1.1 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let cfg = config.services.tailscale;
|
|
in {
|
|
meta.maintainers = with maintainers; [ danderson mbaillie ];
|
|
|
|
options.services.tailscale = {
|
|
enable = mkEnableOption "Tailscale client daemon";
|
|
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 41641;
|
|
description = "The port to listen on for tunnel traffic (0=autoselect).";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
environment.systemPackages = [ pkgs.tailscale ]; # for the CLI
|
|
systemd.services.tailscale = {
|
|
description = "Tailscale client daemon";
|
|
|
|
after = [ "network-pre.target" ];
|
|
wants = [ "network-pre.target" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
startLimitIntervalSec = 0;
|
|
|
|
serviceConfig = {
|
|
ExecStart =
|
|
"${pkgs.tailscale}/bin/tailscaled --port ${toString cfg.port}";
|
|
|
|
RuntimeDirectory = "tailscale";
|
|
RuntimeDirectoryMode = 755;
|
|
|
|
StateDirectory = "tailscale";
|
|
StateDirectoryMode = 750;
|
|
|
|
CacheDirectory = "tailscale";
|
|
CacheDirectoryMode = 750;
|
|
|
|
Restart = "on-failure";
|
|
};
|
|
};
|
|
};
|
|
}
|