VPN server configuration

This is an experimental configuration for my Hetzner VPS and Cloudflare to run a VPN using OpenTofu and Nix, based on NixOS/nixos-wiki-infra on Github.

How to use

Copy .env.example to .env and fill in the values.

To generate a token with Hetzner, go to the project and click Security -> API Tokens.

For cross-compiling, you will need to add a builder by visiting the following resources:

https://nix.dev/tutorials/nixos/distributed-builds-setup.html
https://nix.dev/manual/nix/2.25/advanced-topics/distributed-builds

Run nix develop at the root of the project directory to access a shell where OpenTofu is accessible.

In the targets directory, run ./apply.sh to update the configurations.

VPN

To set up the VPN, on the VPS run:

headscale users create default
headscale preauthkeys create --user default --reusable

On the client run:

tailscale up --login-server <HEADSCALE_URL> --auth-key <KEY>

1 KiB Raw Blame History

VPN server configuration

How to use

VPN

1 KiB

Raw Blame History