From 5c7bc8bc8d669f815ac8373bc42ec5e550ec4bfb Mon Sep 17 00:00:00 2001
From: Lander Van den Bulcke <landervandenbulcke@gmail.com>
Date: Wed, 2 Jul 2025 00:25:44 +0200
Subject: [PATCH] feat: add headscale

Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
---
 hosts/hosting-01/default.nix | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/hosts/hosting-01/default.nix b/hosts/hosting-01/default.nix
index 8fc26e3..048d3c1 100644
--- a/hosts/hosting-01/default.nix
+++ b/hosts/hosting-01/default.nix
@@ -1,4 +1,4 @@
-{ ... }:
+{ config, ... }:
 {
   imports = [
     ./disk-config.nix
@@ -14,6 +14,29 @@
   networking.hostName = "hosting-01";
   networking.nameservers = [ "8.8.8.8" ];
 
+  services = {
+    headscale = {
+      enable = true;
+      address = "0.0.0.0";
+      port = 8080;
+      settings = {
+        server_url = "https://headscale.escapeangle.com";
+        dns = {
+          base_domain = "tailnet.escapeangle.com";
+        };
+      };
+    };
+
+    nginx.virtualHosts."headscale.escapeangle.com" = {
+      forceSSL = true;
+      enableACME = true;
+      locations."/" = {
+        proxyPass = "http://localhost:${toString config.services.headscale.port}";
+        proxyWebsockets = true;
+      };
+    };
+  };
+
   security.acme.defaults.email = "landervandenbulcke@gmail.com";
   security.acme.acceptTerms = true;