From a3b1363256f50f7790450111d724e55d2996f7fa Mon Sep 17 00:00:00 2001
From: ocfox <i@ocfox.me>
Date: Mon, 30 Sep 2024 21:06:43 +0800
Subject: [PATCH] civet: as tailscale derp

---
 hosts/civet/default.nix                    |  3 +++
 hosts/civet/nixpkgs.nix                    |  3 +++
 hosts/civet/services.nix                   | 11 ++++++++++-
 hosts/default.nix                          |  2 +-
 modules/default.nix                        |  1 +
 modules/{derper.nix => tailscale-derp.nix} |  0
 6 files changed, 18 insertions(+), 2 deletions(-)
 rename modules/{derper.nix => tailscale-derp.nix} (100%)

diff --git a/hosts/civet/default.nix b/hosts/civet/default.nix
index 99f4cb2..eece0e8 100644
--- a/hosts/civet/default.nix
+++ b/hosts/civet/default.nix
@@ -7,6 +7,9 @@
 
   facter.reportPath = ./facter.json;
 
+  security.acme.defaults.email = "civet@ocfox.me";
+  security.acme.acceptTerms = true;
+
   boot.loader.grub = {
     efiSupport = true;
     efiInstallAsRemovable = true;
diff --git a/hosts/civet/nixpkgs.nix b/hosts/civet/nixpkgs.nix
index 4e6f048..f1acfa8 100644
--- a/hosts/civet/nixpkgs.nix
+++ b/hosts/civet/nixpkgs.nix
@@ -1,6 +1,9 @@
+{ inputs }:
 {
   config = {
     allowUnfree = true;
     allowBroken = true;
   };
+
+  overlays = [ inputs.self.overlays.default ];
 }
diff --git a/hosts/civet/services.nix b/hosts/civet/services.nix
index 00740b5..72b0ec1 100644
--- a/hosts/civet/services.nix
+++ b/hosts/civet/services.nix
@@ -1,5 +1,14 @@
 { pkgs }:
 {
   openssh.enable = true;
-  tailscale.enable = true;
+  tailscale = {
+    enable = true;
+
+    derper = {
+      enable = true;
+      package = pkgs.tailscale-derp.derper;
+      domain = "cyans.dev";
+      verifyClients = true;
+    };
+  };
 }
diff --git a/hosts/default.nix b/hosts/default.nix
index 30e54e5..8d4233d 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -23,6 +23,7 @@ let
       inherit system;
       modules = [
         (genConf "${host}")
+        inputs.self.nixosModules.default
       ] ++ modules;
       specialArgs = {
         inherit inputs username home;
@@ -38,7 +39,6 @@ mkMerge [
     inputs.minegrub.nixosModules.default
     inputs.agenix.nixosModules.default
     inputs.niri.nixosModules.niri
-    inputs.self.nixosModules.default
     { nix.registry.self.flake = self; }
   ])
 
diff --git a/modules/default.nix b/modules/default.nix
index f6e7dac..7b1cf12 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -4,6 +4,7 @@
     {
       imports = [
         (import ./shadowsocks.nix)
+        (import ./tailscale-derp.nix)
       ];
     };
 }
diff --git a/modules/derper.nix b/modules/tailscale-derp.nix
similarity index 100%
rename from modules/derper.nix
rename to modules/tailscale-derp.nix