fix: Add auto-restart config and restore required Headplane settings

- Added systemd auto-restart configuration for headscale and headplane services
- Restored cookie_secret and cookie_secure settings required by Headplane
- Pinned Headplane to v0.6.0 to avoid Go version conflicts
- Updated flake.lock after pinning Headplane version

configuration.nix

@@ -35,20 +35,32 @@
         host = "127.0.0.1";
         port = 3000;
         cookie_secret = "iQ0bUyaFgwaijWaSyZ1ILA9RwfywrbZ3";
-        cookie_secure = false;  # Set to true if using HTTPS directly (nginx handles SSL for us)
+        cookie_secure = false;
       };
       headscale = {
         url = "https://headscale.kennys.mom";
         config_path = "/etc/headscale-strict.yml";
         config_strict = true;
       };
-      # Optionally configure OIDC here if needed
     };
-    # Agent disabled due to upstream module bug
-    # See: https://github.com/tale/headplane/issues (type definition error)
     agent.enable = false;
   };
 
+  # Auto-restart services if they fail
+  systemd.services.headscale = {
+    serviceConfig = {
+      Restart = lib.mkForce "always";
+      RestartSec = lib.mkForce "5s";
+    };
+  };
+
+  systemd.services.headplane = {
+    serviceConfig = {
+      Restart = lib.mkForce "always";
+      RestartSec = lib.mkForce "5s";
+    };
+  };
+
 
 
   system.stateVersion = "23.11";

flake.lock

@@ -76,6 +76,7 @@
       "original": {
         "owner": "tale",
         "repo": "headplane",
+        "rev": "bd8a7a56d4021edf58511c6ab333af864d91304c",
         "type": "github"
       }
     },
@@ -85,11 +86,11 @@
         "nixpkgs": "nixpkgs"
       },
       "locked": {
-        "lastModified": 1756307353,
-        "narHash": "sha256-tpRq+EJ5DPtVFKnyK0+tL/5bOoYwyTW+N+eWZG8i/60=",
+        "lastModified": 1764621811,
+        "narHash": "sha256-uMOpHcxiHo6KSRRdm6c2UAWLL1pvd1ihKcghPCokIq8=",
         "owner": "juanfont",
         "repo": "headscale",
-        "rev": "8e25f7f9dd12421a805f82f09676b592a39c61b9",
+        "rev": "16d811b30662e49c98a71faacaded6f0ec0176ca",
         "type": "github"
       },
       "original": {
@@ -100,11 +101,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1755829505,
-        "narHash": "sha256-4/Jd+LkQ2ssw8luQVkqVs9spDBVE6h/u/hC/tzngsPo=",
+        "lastModified": 1760533177,
+        "narHash": "sha256-OwM1sFustLHx+xmTymhucZuNhtq98fHIbfO8Swm5L8A=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "f937f8ecd1c70efd7e9f90ba13dfb400cf559de4",
+        "rev": "35f590344ff791e6b1d6d6b8f3523467c9217caf",
         "type": "github"
       },
       "original": {
@@ -116,11 +117,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1756617294,
-        "narHash": "sha256-aGnd4AHIYCWQKChAkHPpX+YYCt7pA6y2LFFA/s8q0wQ=",
+        "lastModified": 1764560356,
+        "narHash": "sha256-M5aFEFPppI4UhdOxwdmceJ9bDJC4T6C6CzCK1E2FZyo=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "b4c2c57c31e68544982226d07e4719a2d86302a8",
+        "rev": "6c8f0cca84510cc79e09ea99a299c9bc17d03cb6",
         "type": "github"
       },
       "original": {

flake.nix

@@ -3,7 +3,7 @@
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
     headscale.url = "github:juanfont/headscale";
     headplane = {
-      url = "github:tale/headplane";
+      url = "github:tale/headplane/bd8a7a56d4021edf58511c6ab333af864d91304c";  # Pin to version 0.6.0 that works with Go 1.24
       inputs.nixpkgs.follows = "nixpkgs";
     };
   };