From cb3ec0cb573e67d4eece46f9e23fd94ab4febba5 Mon Sep 17 00:00:00 2001 From: Toast Date: Sat, 26 Aug 2023 13:05:54 +0200 Subject: [PATCH 1/3] Common: set up tailscale --- roles/common/default.nix | 2 +- roles/common/services/default.nix | 8 ++++++++ roles/common/services/tailscale.nix | 8 ++++++++ 3 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 roles/common/services/default.nix create mode 100644 roles/common/services/tailscale.nix diff --git a/roles/common/default.nix b/roles/common/default.nix index 91e9eb3..1e090a3 100755 --- a/roles/common/default.nix +++ b/roles/common/default.nix @@ -3,7 +3,7 @@ { imports = [ ./programs - ./services/avahi.nix + ./services ./configuration.nix ]; } diff --git a/roles/common/services/default.nix b/roles/common/services/default.nix new file mode 100644 index 0000000..38fca78 --- /dev/null +++ b/roles/common/services/default.nix @@ -0,0 +1,8 @@ +{ ... }: + +{ + imports = [ + ./avahi.nix + ./tailscale.nix + ]; +} diff --git a/roles/common/services/tailscale.nix b/roles/common/services/tailscale.nix new file mode 100644 index 0000000..aef79f6 --- /dev/null +++ b/roles/common/services/tailscale.nix @@ -0,0 +1,8 @@ +{ config, lib, ... }: + +{ + services.tailscale = { + enable = true; + useRoutingFeatures = lib.mkDefault "client"; + }; +} From 200ff430962e6c5325d4fef27b002a2fc3be3e71 Mon Sep 17 00:00:00 2001 From: Toast Date: Sat, 26 Aug 2023 13:12:15 +0200 Subject: [PATCH 2/3] Server: enable routing features for tailscale --- roles/server/default.nix | 1 + roles/server/tailscale.nix | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 100644 roles/server/tailscale.nix diff --git a/roles/server/default.nix b/roles/server/default.nix index 9b262ae..d5a0970 100755 --- a/roles/server/default.nix +++ b/roles/server/default.nix @@ -13,5 +13,6 @@ ./ddclient.nix ./beep.nix ./wireguard.nix + ./tailscale.nix ]; } 
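Review bot: `useRoutingFeatures = lib.mkDefault "client"` in roles/common/services/tailscale.nix has a firewall side effect the file does not mention: in the NixOS module, "client" switches `networking.firewall.checkReversePath` to "loose", and because this sits in the common role it applies to every host. I would document that next to the option, e.g. `# "client" relaxes reverse-path filtering (checkReversePath = "loose") so exit nodes and subnet routes work`. The file also leaves enrolment and exposure implicit, so a comment saying whether hosts are joined by hand with `tailscale up` and whether tailscale0 is meant to stay behind the host firewall would help the next reader. `config` in the argument set is unused and can be dropped.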
diff --git a/roles/server/tailscale.nix b/roles/server/tailscale.nix new file mode 100644 index 0000000..36ba593 --- /dev/null +++ b/roles/server/tailscale.nix @@ -0,0 +1,8 @@ +{ config, ... }: + +{ + services.tailscale = { + # This is needed for being an exit node + useRoutingFeatures = "server"; + }; +} From 0dbd1faaa637643939703fd566432cef0b52c17a Mon Sep 17 00:00:00 2001 From: Toast Date: Sat, 26 Aug 2023 21:19:28 +0200 Subject: [PATCH 3/3] Nix: write system nixpkgs into registry --- flake.nix | 6 +++++- roles/common/programs/nix.nix | 5 ++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 652055f..747da57 100755 --- a/flake.nix +++ b/flake.nix @@ -28,7 +28,8 @@ inputs = { nix-impermanence.url = "github:nix-community/impermanence"; }; -outputs = {nixpkgs, nixpkgs-unstable, agenix, home-manager, home-manager-unstable, nixos-hardware, nix-impermanence, ... }: { +outputs = {nixpkgs, nixpkgs-unstable, agenix, home-manager, home-manager-unstable, nixos-hardware, nix-impermanence, ... } @inputs: { + devShells.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.mkShell { name = "Environment for toast's nixos configurations"; # The agenix cli is not needed to activate a configuration, so instead of installing it @@ -46,6 +47,7 @@ outputs = {nixpkgs, nixpkgs-unstable, agenix, home-manager, home-manager-unstabl nixosConfigurations = { Archie = nixpkgs-unstable.lib.nixosSystem { system = "x86_64-linux"; + specialArgs = { systemPkgs = inputs.nixpkgs-unstable; }; /* I used to set up nixpkgs in the flake, but doing that made defining overlays in modules impossible (or at least I could @@ -67,6 +69,7 @@ outputs = {nixpkgs, nixpkgs-unstable, agenix, home-manager, home-manager-unstabl SurfaceGo = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; + specialArgs = { systemPkgs = inputs.nixpkgs; }; modules = [ # Needed for nix-index { nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; } 
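Review bot: The comment in roles/server/tailscale.nix says why the option is set but not what it turns on: "server" enables IPv4 and IPv6 forwarding through sysctl for the whole host, not only for the tailscale interface. On a machine that also imports wireguard.nix and ddclient.nix, that deserves a line such as `# Enables kernel IP forwarding host-wide; forwarded traffic is limited only by the firewall's forward rules`. Because this plain assignment replaces the common role's `mkDefault "client"`, the loose reverse-path setting is no longer applied here. If this host should also use other nodes' subnet routes or exit nodes, `"both"` is the value that keeps both behaviours. `config` is unused in the argument set.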
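Review bot: `specialArgs = { systemPkgs = ...; }` in the `@@ -46,6 +47,7 @@` hunk (and again at `@@ -67,6 +69,7 @@` and `@@ -82,6 +85,7 @@`) is now a second place where each host names its nixpkgs, while the inline `{ nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; }` modules for SurfaceGo and Everest still interpolate the input directly. Moving that line into roles/common/programs/nix.nix as `nix.nixPath = [ "nixpkgs=${systemPkgs}" ];` would leave one source of truth per host, and would cover Archie too, assuming it sets no nixPath outside the hunk. The `@inputs` binding added at `@@ -28,7 +28,8 @@` is not needed for this change: `nixpkgs` and `nixpkgs-unstable` are already destructured, so `systemPkgs = nixpkgs-unstable;` works without it.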
@@ -82,6 +85,7 @@ outputs = {nixpkgs, nixpkgs-unstable, agenix, home-manager, home-manager-unstabl Everest = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; + specialArgs = { systemPkgs = inputs.nixpkgs; }; modules = [ # Needed for nix-index { nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; } diff --git a/roles/common/programs/nix.nix b/roles/common/programs/nix.nix index ea40ccd..baa1cc9 100755 --- a/roles/common/programs/nix.nix +++ b/roles/common/programs/nix.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, systemPkgs, ... }: { nix = { @@ -10,6 +10,9 @@ experimental-features = nix-command flakes from = { id = "agenix"; type = "indirect"; }; to = { owner = "ryantm"; repo = "agenix"; type = "github"; }; }; + # Write the system's nixpkgs into the registry to avoid mixing nixpkgs versions + # https://dataswamp.org/~solene/2022-07-20-nixos-flakes-command-sync-with-system.html + system.flake = systemPkgs; }; }; }
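Review bot: The new `system.flake = systemPkgs;` entry in roles/common/programs/nix.nix pins only the `system` id, so `nixpkgs#...` on the command line still resolves through the global registry to an unlocked, moving nixpkgs revision. If the goal stated in the comment is to avoid mixing versions, also pinning the usual id with `nixpkgs.flake = systemPkgs;` makes ad-hoc `nix shell` and `nix run` use the revision locked in flake.lock. `systemPkgs` has no default in the module arguments, so a nixosConfiguration added later without `specialArgs` fails at evaluation; a short comment above the argument list saying it comes from `specialArgs` in flake.nix would save a search. The enclosing `nix = { ... }` block starts outside the hunk.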