From fadfd47e3f265e4382f302f7449e211ef878507e Mon Sep 17 00:00:00 2001
From: JuliusFreudenberger <julius+git@jfreudenberger.de>
Date: Thu, 18 Sep 2025 01:11:06 +0200
Subject: [PATCH] Configure teleport on srv01-hf

---
 hosts/srv01.hf/default.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/hosts/srv01.hf/default.nix b/hosts/srv01.hf/default.nix
index 1cea677..f8a2c5b 100644
--- a/hosts/srv01.hf/default.nix
+++ b/hosts/srv01.hf/default.nix
@@ -15,11 +15,21 @@
       ../../modules/sshd.nix
       ../../modules/qemu-guest.nix
       ../../modules/docker.nix
+      ../../modules/teleport.nix
       ../../modules/auto-upgrade.nix
       # Include the results of the hardware scan.
       ./hardware-configuration.nix
     ];
 
+  services.openssh.openFirewall = false;
+  services.teleport = {
+    enable = true;
+    settings.teleport = {
+      ca_pin = config.age.secrets."teleport-ca_pin".path;
+      auth_token = config.age.secrets."teleport-join_token".path;
+    };
+  };
+
   systemd.network = {
     enable = true;
       networks."10-wan" = {