From f0289e8cecb6427eb9dc3beafdb9bafc1a77b213 Mon Sep 17 00:00:00 2001
From: ooks-io <ooks@protonmail.com>
Date: Thu, 31 Oct 2024 17:29:50 +1100
Subject: [PATCH] tailscale: fix tailscale operator flag

---
 modules/nixos/base/secrets.nix   | 4 +---
 modules/nixos/base/tailscale.nix | 2 +-
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/modules/nixos/base/secrets.nix b/modules/nixos/base/secrets.nix
index e4a2799..14685a1 100644
--- a/modules/nixos/base/secrets.nix
+++ b/modules/nixos/base/secrets.nix
@@ -17,9 +17,7 @@ in {
   age.secrets = {
     tailscale-auth = mkIf tailscale.enable {
       file = "${self}/secrets/tailscale-auth.age";
-      owner = "${admin.name}";
-      group = "users";
-      mode = "400";
+      mode = "444";
     };
     github_key = mkIf admin.homeManager {
       file = "${self}/secrets/github_key.age";
diff --git a/modules/nixos/base/tailscale.nix b/modules/nixos/base/tailscale.nix
index 47a80f2..26ab237 100644
--- a/modules/nixos/base/tailscale.nix
+++ b/modules/nixos/base/tailscale.nix
@@ -24,7 +24,7 @@ in {
     # flags to pass to the auto-connect service
     extraUpFlags = concatLists [
       ["--ssh"]
-      (optionals (admin.name != null) ["--operator ${admin.name}"])
+      ["--operator" "${admin.name}"]
       (optionals host.exitNode ["--advertise-exit-node"])
     ];