From 9940cd169e931631a0da142f72a8ca6c878e34ed Mon Sep 17 00:00:00 2001
From: Elizabeth Hunt <me@liz.coffee>
Date: Sat, 26 Jul 2025 23:40:15 -0700
Subject: CI. Fuck.

---
 .../roles/outbound/templates/headscale/config/config.yaml     | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'playbooks/roles/outbound/templates/headscale/config/config.yaml')

diff --git a/playbooks/roles/outbound/templates/headscale/config/config.yaml b/playbooks/roles/outbound/templates/headscale/config/config.yaml
index d3bff5a..54657b2 100644
--- a/playbooks/roles/outbound/templates/headscale/config/config.yaml
+++ b/playbooks/roles/outbound/templates/headscale/config/config.yaml
@@ -120,14 +120,18 @@ policy:
 dns:
   magic_dns: true
   base_domain: "{{ headscale_base_domain }}"
+  search_domains: []
   nameservers:
     global:
       - {{ headscale_dns_for_connected_clients_1 }}
       - {{ headscale_dns_for_connected_clients_2 }}
     split:
-      {{ domain }}:
-        - {{ loadbalancer_ip }}
-  search_domains: []
+{% for user, m in mesh.items() %}
+{% if "split_vpn_dns_to" in m %}
+      {{ m.domain }}:
+        - {{ m.split_vpn_dns_to }}
+{% endif %}
+{% endfor %}
 
 unix_socket: /var/run/headscale/headscale.sock
 unix_socket_permission: "0770"
@@ -151,7 +155,6 @@ oidc:
     - {{ domain }}
   allowed_groups:
     - vpn@{{ idm_domain }}
-  strip_email_domain: true
 
 # Logtail configuration
 # Logtail is Tailscales logging and auditing infrastructure, it allows the control panel
-- 
cgit v1.2.3-70-g09d2