Tailscale with secrets

hosts/deadbeef/default.nix

@@ -1,10 +1,12 @@
-{
-  config,
-  pkgs,
-  lib,
-  home-manager,
-  ...
+{ config
+, pkgs
+, lib
+, home-manager
+, ...
 }:
+let
+  tailscaleMagicDNS = "neon-dory.ts.net";
+in
 {
   imports = [
     ./hardware-configuration.nix
@@ -12,6 +14,15 @@
     # home-manager.nixosModules.home-manager
   ];
 
+  age = {
+    identityPaths = [ "/home/pazpi/.ssh/id_ed25519" ];
+    secrets = {
+      tailscale-authKey.file = ../../secrets/tailscale-authKey.age;
+    };
+  };
+
+
+
   my = {
     desktop = {
       audio.enable = false;
@@ -22,17 +33,34 @@
         hashedPassword = "$y$j9T$dA94KVg1/jYLqclQQbTDk.$cnfxBWUN8P4shr8Kkipv5bU/RCtQNoAwYFDZ0X/BYs5";
       };
 
+      networking = {
+        enable = true;
+        hostname = "deadbeef";
+        localDNS = [ "192.168.1.2" ];
+      };
+
       plymouth = {
         enable = true;
         theme = "colorful_loop";
       };
 
       utils = {
-        commons.enable = true;
         i18n.enable = true;
       };
 
     };
+
+    utils = {
+      commons.enable = true;
+    };
+
+    networking = {
+      tailscale = {
+        enable = true;
+        magicDNSDomain = tailscaleMagicDNS;
+        authKeyFile = config.age.secrets.tailscale-authKey.path;
+      };
+    };
   };
 
   time.timeZone = "Europe/Rome";