chore(nix): add OIDC configuration to Headscale

- Introduced OIDC settings in Headscale, including allowed domains, client ID, client secret path, and issuer.
- Enables support for OpenID Connect authentication.

systems/x86_64-linux/mx/headscale.nix

@@ -13,6 +13,12 @@ in
         dns = {
           base_domain = "hoyer.tail";
         };
+        oidc = {
+          allowed_domains = [ "hoyer.xyz" ];
+          client_id = "UgQYtXftYvB9ua4cuyZ9NBvaknQfN76pPnf50pDhqghdb87g9tFcuSMiTLVje3R7";
+          client_secret_path = "/var/lib/headscale/client_secret";
+          issuer = "https://nc.hoyer.xyz";
+        };
       };
     };