# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
  config,
  lib,
  pkgs,
  ...
}: {
  services.headscale = {
    enable = true;
    settings = {
      server_url = "https://headscale.stranger.systems:443";
      allowed_users = [
        "thatonelutenist@stranger.systems"
      ];
      dns = {
        base_domain = "tailnet.stranger.systems";
        magic_dns = true;
        extra_records = [
          {
            name = "hub.tailnet.stranger.systems";
            type = "A";
            value = "100.64.0.3";
          }
        ];
      };
    };
  };

  environment.systemPackages = with pkgs; [headscale];

  services.nginx.virtualHosts."headscale.stranger.systems" = {
    forceSSL = true;
    enableACME = true;
    locations."/" = {
      proxyPass = "http://127.0.0.1:8080";
      proxyWebsockets = true;
    };
  };
}