From b64d34e9c40716e76aff87f6750151fcf12cd037 Mon Sep 17 00:00:00 2001
From: Katherina Walshe-Grey <git@qenya.tel>
Date: Thu, 22 May 2025 01:42:42 +0100
Subject: [PATCH] tailscale: Autoconect to headscale on boot

---
 common/tailscale.nix | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/common/tailscale.nix b/common/tailscale.nix
index a6337d6..16cffcd 100644
--- a/common/tailscale.nix
+++ b/common/tailscale.nix
@@ -1,8 +1,21 @@
+{ config, lib, pkgs, ... }:
+
 {
   services.tailscale = {
     enable = true;
     openFirewall = true;
-    extraUpFlags = [ "--login-server" "https://headscale.unspecified.systems" ]; # TODO: doesn't work (nixos bug); needs connecting/specifying manually
+    extraUpFlags = [ "--login-server" "https://headscale.unspecified.systems" ];
     extraDaemonFlags = [ "--no-logs-no-support" ]; # disable telemetry
   };
+
+  systemd.services.tailscaled-autoconnect = {
+    after = [ "tailscaled.service" "network-online.target" ];
+    wants = [ "tailscaled.service" "network-online.target" ];
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig.Type = "oneshot";
+    script = ''
+      sleep 2 # wait for tailscaled to settle
+      ${lib.getExe config.services.tailscale.package} up --reset ${lib.escapeShellArgs config.services.tailscale.extraUpFlags}
+    '';
+  };
 }