From 2f8ac4cbbd9e39b3556317bdfd435efe50413839 Mon Sep 17 00:00:00 2001
From: Alex Stan <alex.stan.2010@proton.me>
Date: Sun, 10 Dec 2023 00:24:56 +0200
Subject: [PATCH] tailscale 3

Signed-off-by: Alex Stan <alex.stan.2010@proton.me>
---
 hosts/titan/configuration.nix | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/hosts/titan/configuration.nix b/hosts/titan/configuration.nix
index e8c2874..5933712 100644
--- a/hosts/titan/configuration.nix
+++ b/hosts/titan/configuration.nix
@@ -328,6 +328,33 @@ in {
         };
     };
 
+    # create a oneshot job to authenticate to Tailscale
+    systemd.services.tailscale-autoconnect = {
+      description = "Automatic connection to Tailscale";
+
+      # make sure tailscale is running before trying to connect to tailscale
+      after = [ "network-pre.target" "tailscale.service" ];
+      wants = [ "network-pre.target" "tailscale.service" ];
+      wantedBy = [ "multi-user.target" ];
+
+      # set this service as a oneshot job
+      serviceConfig.Type = "oneshot";
+
+      # have the job run this shell script
+      script = with pkgs; ''
+        # wait for tailscaled to settle
+        sleep 2
+
+        # check if we are already authenticated to tailscale
+        status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)"
+        if [ $status = "Running" ]; then # if so, then do nothing
+          exit 0
+        fi
+
+        # otherwise authenticate with tailscale
+        ${tailscale}/bin/tailscale up -authkey tskey-examplekeyhere
+      '';
+    };
 
 
 hardware = {