refactor!: deploy headscale

nix/homelab/kustomize/networking/headscale/config.yaml

@@ -0,0 +1,50 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: headscale-config
+  namespace: networking
+data:
+  acl.json: |
+    {
+      "tagOwners": {
+        "tag:personal": ["lucalise@"],
+      },
+      "acls": [
+        {"action": "accept", "src": ["tag:personal"], "dst": ["tag:personal:*"]},
+        {"action": "accept", "src": ["tag:personal"], "dst": ["autogroup:internet:*"]},
+        {"action": "accept", "src": ["tag:personal"], "dst": ["192.168.15.0/27:*", "192.168.27.0/24:*", "192.168.20.0/26:*"]}
+      ]
+    }
+  config.yaml: |
+    server_url: https://mesh.lucalise.ca
+    listen_addr: 0.0.0.0:8080
+    metrics_listen_addr: 0.0.0.0:9090
+    
+    noise:
+      private_key_path: /var/lib/headscale/noise_private.key
+    
+    prefixes:
+      v4: 10.100.0.0/24
+      v6: fd7a:115c:a1e0::/48
+    
+    database:
+      type: sqlite3
+      sqlite:
+        path: /var/lib/headscale/db.sqlite
+    policy:
+      path: /etc/headscale/acl.json
+    
+    dns:
+      override_local_dns: false
+      base_domain: m.net
+
+    derp:
+      server:
+        enabled: false
+      urls:
+        - https://controlplane.tailscale.com/derpmap/default
+      auto_update_enabled: true
+      update_frequency: 24h
+    
+    log:
+      level: info