nixpkgs/nixos/modules/services/networking/twingate.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

{ config, lib, pkgs, ... }:

let
  cfg = config.services.twingate;
in
{
  options.services.twingate = {
    enable = lib.mkEnableOption (lib.mdDoc "Twingate Client daemon");
    package = lib.mkPackageOption pkgs "twingate" { };
  };

  config = lib.mkIf cfg.enable {
    systemd.packages = [ cfg.package ];
    systemd.services.twingate = {
      preStart = "cp -r --update=none ${cfg.package}/etc/twingate/. /etc/twingate/";
      wantedBy = [ "multi-user.target" ];
    };

    networking.firewall.checkReversePath = lib.mkDefault "loose";
    services.resolved.enable = lib.mkIf (!config.networking.networkmanager.enable) true;

    environment.systemPackages = [ cfg.package ]; # For the CLI.
  };
}