From cc4d29d3532c5ff5ff832aecfbc7f06fe749f2cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= <mail@dotlambda.de>
Date: Sat, 12 Oct 2024 18:28:17 -0700
Subject: [PATCH] nixos/headscale: assert that dns.base_domain is set when
 using MagicDNS

---
 nixos/modules/services/networking/headscale.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/nixos/modules/services/networking/headscale.nix b/nixos/modules/services/networking/headscale.nix
index aac6d331a027..9261ec03c532 100644
--- a/nixos/modules/services/networking/headscale.nix
+++ b/nixos/modules/services/networking/headscale.nix
@@ -498,6 +498,10 @@ in {
         assertion = with cfg.settings; dns.use_username_in_magic_dns or false || dns.base_domain == "" || !lib.hasInfix dns.base_domain server_url;
         message = "server_url cannot contain the base_domain, this will cause the headscale server and embedded DERP to become unreachable from the Tailscale node.";
       }
+      {
+        assertion = with cfg.settings; dns.magic_dns -> dns.base_domain != "";
+        message = "dns.base_domain must be set when using MagicDNS";
+      }
       (assertRemovedOption ["settings" "acl_policy_path"] "Use `policy.path` instead.")
       (assertRemovedOption ["settings" "db_host"] "Use `database.postgres.host` instead.")
       (assertRemovedOption ["settings" "db_name"] "Use `database.postgres.name` instead.")