jason_riddle.tailscale

Ansible Role for Tailscale

This is an Ansible role for managing Tailscale on Linux.

Features:

  • Installs Tailscale.
  • Registers a Node to the Tailnet.
  • Supports provisioning of HTTPS certificates.

Requirements

  • None.

Role Variables

Here are the available settings, with their default values (see defaults/main.yml):

  • Apt Repository Settings (for Tailscale installation):

    tailscale_apt_gpg_key: "https://pkgs.tailscale.com/stable/{{ ansible_distribution|lower }}/{{ ansible_distribution_release|lower }}.gpg"
    tailscale_apt_repository: "deb https://pkgs.tailscale.com/stable/{{ ansible_distribution|lower }} {{ ansible_distribution_release|lower }} main"
    
  • Yum Repository Settings (for Tailscale installation):

    __ts_yum_centos_repo_url: "https://pkgs.tailscale.com/stable/centos/{{ ansible_distribution_major_version }}/tailscale.repo"
    __ts_yum_fedora_repo_url: "https://pkgs.tailscale.com/stable/fedora/tailscale.repo"
    tailscale_yum_repository_url: "{{ (ansible_distribution == 'Fedora') | ternary(__ts_yum_fedora_repo_url, __ts_yum_centos_repo_url) }}"
    
  • Service Control:

    tailscale_service_name: "tailscaled"
    tailscale_service_state: started
    tailscale_service_enabled: true
    
  • Running Tailscale Up:

    tailscale_up_node: false
    tailscale_up_authkey: ""
    tailscale_up_timeout: "30s"
    tailscale_up_extra_args: ""
    tailscale_up_no_log: true
    

    (Note: tailscale_up_authkey must be set.)

  • Configuring HTTPS Certificates:

    tailscale_cert_enabled: false
    tailscale_cert_domain: ""
    tailscale_cert_dir: "/usr/local/etc/ssl/certs"
    tailscale_cert_filename: "{{ tailscale_cert_domain }}.crt"
    tailscale_cert_private_key_dir: "/usr/local/etc/ssl/private"
    tailscale_cert_private_key_filename: "{{ tailscale_cert_domain }}.key"
    

    (Note: tailscale_cert_domain must be set.)

Dependencies

  • None.

Example Playbook

Installing Tailscale

- hosts: all
  roles:
    - jason_riddle.tailscale

Registering Node to Tailnet

- hosts: all
  vars:
    tailscale_up_node: true
    tailscale_up_authkey: "{{ lookup('env', 'TAILSCALE_AUTHKEY') }}"
    tailscale_up_extra_args: "--hostname={{ lookup('env', 'HOSTNAME') }}-{{ ansible_distribution|lower }}"
  roles:
    - jason_riddle.tailscale

Provisioning HTTPS Certificates

- hosts: all
  vars:
    tailscale_cert_enabled: true
    tailscale_cert_domain: "machine-name.domain-alias.ts.net"
    tailscale_cert_dir: "/usr/local/etc/ssl/certs"
    tailscale_cert_filename: "{{ tailscale_cert_domain }}.crt"
    tailscale_cert_private_key_dir: "/usr/local/etc/ssl/private"
    tailscale_cert_private_key_filename: "{{ tailscale_cert_domain }}.key"
    tailscale_default_options_enabled: true
    tailscale_default_options_settings:
      - regexp: "^#?TS_PERMIT_CERT_UID"
        line: "TS_PERMIT_CERT_UID=\"caddy\""
  roles:
    - jason_riddle.tailscale
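
The two notes under Role Variables (tailscale_up_authkey and tailscale_cert_domain must be set) can be enforced in the playbook itself. The following is an added example, not part of the role or its original README. The task names and the key_stat variable are illustrative, and it assumes the role writes the private key to tailscale_cert_private_key_dir/tailscale_cert_private_key_filename and that certificate domains are ts.net names.

```yaml
# Added example, not the role's own code. Task names and key_stat are illustrative.
- hosts: all
  vars:
    tailscale_up_node: true
    tailscale_up_authkey: "{{ lookup('env', 'TAILSCALE_AUTHKEY') }}"
    tailscale_cert_enabled: true
    tailscale_cert_domain: "machine-name.domain-alias.ts.net"
    tailscale_cert_private_key_dir: "/usr/local/etc/ssl/private"
    tailscale_cert_private_key_filename: "{{ tailscale_cert_domain }}.key"
  pre_tasks:
    # assert reports the expression text, not the variable's value,
    # so the auth key itself does not appear in the task output.
    - name: Auth key must be non-empty when registering the node
      ansible.builtin.assert:
        that:
          - tailscale_up_authkey | default('') | trim | length > 0
        fail_msg: "tailscale_up_node is true but tailscale_up_authkey is empty (is TAILSCALE_AUTHKEY exported?)"
        quiet: true
      when: tailscale_up_node | default(false) | bool

    - name: Certificate domain must be set when certificates are enabled
      ansible.builtin.assert:
        that:
          - tailscale_cert_domain | default('') | length > 0
          # Assumption: certificates are issued for the node's ts.net name.
          - tailscale_cert_domain.endswith('.ts.net')
        fail_msg: "tailscale_cert_enabled is true but tailscale_cert_domain is empty or not a ts.net name"
      when: tailscale_cert_enabled | default(false) | bool
  roles:
    - jason_riddle.tailscale
  post_tasks:
    - name: Read permissions of the provisioned private key
      ansible.builtin.stat:
        path: "{{ tailscale_cert_private_key_dir }}/{{ tailscale_cert_private_key_filename }}"
      register: key_stat
      when: tailscale_cert_enabled | default(false) | bool

    - name: Private key must exist and not be accessible to other users
      ansible.builtin.assert:
        that:
          - key_stat.stat.exists
          - not key_stat.stat.roth
          - not key_stat.stat.woth
        fail_msg: "Private key is missing or world-accessible"
      when: tailscale_cert_enabled | default(false) | bool
```

The pre_tasks stop the run before the role touches the host, so an unset TAILSCALE_AUTHKEY fails with a clear message instead of a tailscale up error.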

License

  • MIT

About the project

Tailscale on Linux.

Install

ansible-galaxy install jason_riddle.tailscale