server-configuration/README.md

# VPN server configuration

This is an experimental configuration for my Hetzner VPS and Cloudflare to run a VPN using OpenTofu and Nix, based on [NixOS/nixos-wiki-infra on Github](https://github.com/NixOS/nixos-wiki-infra).

## How to use

Copy `.env.example` to `.env` and fill in the values.

To generate a token with Hetzner, go to the project and click `Security -> API Tokens`.

For cross-compiling, you will need to add a builder by visiting the following resources:
- https://nix.dev/tutorials/nixos/distributed-builds-setup.html
- https://nix.dev/manual/nix/2.25/advanced-topics/distributed-builds

Run `nix develop` at the root of the project directory to access a shell where OpenTofu is accessible.

In the `targets` directory, run `./apply.sh` to update the configurations.

## VPN

To set up the VPN, on the VPS run:

```bash
headscale users create default
headscale preauthkeys create --user default --reusable
```

On the client run:

```bash
tailscale up --login-server <HEADSCALE_URL> --auth-key <KEY>
```
Add headscale 2025-02-22 12:01:14 +00:00			`# VPN server configuration`
Create initial tf file 2025-02-21 07:49:45 +00:00
Add headscale 2025-02-22 12:01:14 +00:00			`This is an experimental configuration for my Hetzner VPS and Cloudflare to run a VPN using OpenTofu and Nix, based on [NixOS/nixos-wiki-infra on Github](https://github.com/NixOS/nixos-wiki-infra).`
Create initial tf file 2025-02-21 07:49:45 +00:00
			`## How to use`

Create files from nixos-wiki-infra 2025-02-21 11:41:47 +00:00			Copy `.env.example` to `.env` and fill in the values.
Create initial tf file 2025-02-21 07:49:45 +00:00
			To generate a token with Hetzner, go to the project and click `Security -> API Tokens`.

Create working Hetzner NixOS install 2025-02-22 05:16:37 +00:00			`For cross-compiling, you will need to add a builder by visiting the following resources:`
			`- https://nix.dev/tutorials/nixos/distributed-builds-setup.html`
			`- https://nix.dev/manual/nix/2.25/advanced-topics/distributed-builds`
Create initial tf file 2025-02-21 07:49:45 +00:00
Create working Hetzner NixOS install 2025-02-22 05:16:37 +00:00			Run `nix develop` at the root of the project directory to access a shell where OpenTofu is accessible.

Add headscale 2025-02-22 12:01:14 +00:00			In the `targets` directory, run `./apply.sh` to update the configurations.

			`## VPN`

			`To set up the VPN, on the VPS run:`

			```bash
			`headscale users create default`
			`headscale preauthkeys create --user default --reusable`
			```

			`On the client run:`

			```bash
			`tailscale up --login-server <HEADSCALE_URL> --auth-key <KEY>`
			```