From 1709e1ed5671752dc4223677cf2a71939db98c6b Mon Sep 17 00:00:00 2001
From: Mohammad Rafiq <mohammadrafiq567@gmail.com>
Date: Thu, 27 Mar 2025 05:07:23 +0800
Subject: [PATCH] feat(tailscale): set ts auth key to auto connect

---
 configs/networking.nix | 12 ++++++++++--
 configs/security.nix   |  1 +
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/configs/networking.nix b/configs/networking.nix
index 0c40795..22adb83 100644
--- a/configs/networking.nix
+++ b/configs/networking.nix
@@ -1,4 +1,9 @@
-{ hostname, lib, ... }:
+{
+  hostname,
+  lib,
+  config,
+  ...
+}:
 {
   networking = {
     hostName = hostname;
@@ -28,5 +33,8 @@
     interfaces.enp12s0.wakeOnLan.enable = true;
   };
   services.openssh.enable = true;
-  services.tailscale.enable = true;
+  services.tailscale = {
+    enable = true;
+    authKeyFile = config.sops.secrets.ts_auth_key.path;
+  };
 }
diff --git a/configs/security.nix b/configs/security.nix
index 298f595..19c4c14 100644
--- a/configs/security.nix
+++ b/configs/security.nix
@@ -8,6 +8,7 @@
     defaultSopsFile = ./secrets/secrets.yaml;
     age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
     secrets.password.neededForUsers = true;
+    secrets.ts_auth_key = { };
   };
 
   security.sudo.wheelNeedsPassword = false;