##################################################################################################
## Tailscale
## As per https://tailscale.com/download/linux/ubuntu-2204
##################################################################################################
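# Play: install Tailscale from the vendor apt repository on every host, start
# tailscaled, and join the tailnet when the node is not connected yet and a
# plausible auth key was supplied through the controller's environment.
- hosts: all
  become: true
  become_method: sudo
  vars:
    # Never put a real auth key here, not even as an example: it could
    # accidentally be committed to the repo. Keep the key definition in a
    # file outside the repo (a .env-style file, etc.) and export it instead.
    # tailscale_authkey: tskey-aaaaaaaaaaaa-bbbbbbbbbbccccccddddde
    ## FIRST: source ./secrets/setup_env.sh
    # Read from the controller's environment when the play runs; the env
    # lookup yields an empty string when TAILSCALE_AUTHKEY is not set.
    tailscale_authkey: "{{ lookup('env', 'TAILSCALE_AUTHKEY') }}"
  tasks:
    # NOTE(review): keys stored under /etc/apt/trusted.gpg.d are trusted by
    # apt for every configured repository, so the signed-by option in the
    # next task does not confine this key to the Tailscale repo. A keyring
    # outside that directory (e.g. under /usr/share/keyrings) would; moving
    # it means changing both tasks and cleaning up already-provisioned hosts.
    - name: Add Tailscale GPG apt Key
      apt_key:
        id: 2596A99EAAB33821893C0A79458CA832957F5868
        url: https://pkgs.tailscale.com/stable/ubuntu/jammy.gpg
        state: present
        keyring: /etc/apt/trusted.gpg.d/tailscale-archive-keyring.gpg

    - name: Add Tailscale Repository
      apt_repository:
        repo: "deb [signed-by=/etc/apt/trusted.gpg.d/tailscale-archive-keyring.gpg] https://pkgs.tailscale.com/stable/ubuntu jammy main"
        state: present

    # state: latest upgrades the package on any run where a newer version is
    # published. NOTE(review): use "present" or pin a version if runs must be
    # reproducible.
    - name: Install Tailscale
      apt:
        name:
          - tailscale
        state: latest
        update_cache: true

    - name: Enable tailscaled
      systemd:
        name: tailscaled
        enabled: true
        state: started

    # Sanity check only: the variable is always defined by the play vars, so
    # the length test is what rejects an unset (empty) or truncated key.
    # ignore_errors keeps the play going; the outcome is recorded in
    # "authorization" and only gates the connect task below.
    - name: Validate tailscale_authkey
      assert:
        that:
          - tailscale_authkey is defined
          - tailscale_authkey|length >= 30
        quiet: true
        success_msg: 'TAILSCALE_AUTHKEY is valid'
      register: authorization
      ignore_errors: true

    # Read-only probe: return codes 0 and 1 are both accepted here, and any
    # non-zero code makes the connect task eligible to run.
    - name: Check if tailscale is up
      command: tailscale status
      register: status
      failed_when: status.rc|int > 1
      changed_when: false

    # argv passes the key as exactly one argument, so whitespace or quote
    # characters in the environment value cannot be split into extra
    # "tailscale up" options. no_log keeps the key out of Ansible output and
    # logs; it is still present in the process arguments on the target host
    # while the command runs.
    - name: Connect machine to tailscale
      command:
        argv:
          - tailscale
          - up
          - '-authkey'
          - "{{ tailscale_authkey }}"
      no_log: true
      when:
        - status.rc|int != 0
        - not authorization.failed
      register: tailscale_node
      changed_when: tailscale_node.rc|int == 0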