ilia/ansible
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
ansible/roles/tailscale
History
ilia 3415340e26
All checks were successful
CI / skip-ci-check (pull_request) Successful in 1m18s
Details
CI / lint-and-test (pull_request) Successful in 1m21s
Details
CI / ansible-validation (pull_request) Successful in 2m43s
Details
CI / secret-scanning (pull_request) Successful in 1m19s
Details
CI / dependency-scan (pull_request) Successful in 1m23s
Details
CI / sast-scan (pull_request) Successful in 2m28s
Details
CI / license-check (pull_request) Successful in 1m20s
Details
CI / vault-check (pull_request) Successful in 2m21s
Details
CI / playbook-test (pull_request) Successful in 2m19s
Details
CI / container-scan (pull_request) Successful in 1m48s
Details
CI / sonar-analysis (pull_request) Successful in 1m26s
Details
CI / workflow-summary (pull_request) Successful in 1m17s
Details
Refactor playbooks: servers/workstations, split monitoring, improve shell
2025-12-31 23:13:03 -05:00
..
defaults
Add monitoring and backup roles, enhancing infrastructure management capabilities. Introduce Proxmox VM creation playbook for automated VM provisioning. Update Makefile with new commands for monitoring and backup tasks. Enhance README.md with detailed usage instructions for new features, including automated backups and system monitoring tools. Refactor existing roles for improved organization and clarity, ensuring compatibility across various systems.
2025-09-07 22:17:22 -04:00
handlers
Add monitoring and backup roles, enhancing infrastructure management capabilities. Introduce Proxmox VM creation playbook for automated VM provisioning. Update Makefile with new commands for monitoring and backup tasks. Enhance README.md with detailed usage instructions for new features, including automated backups and system monitoring tools. Refactor existing roles for improved organization and clarity, ensuring compatibility across various systems.
2025-09-07 22:17:22 -04:00
tasks
Refactor playbooks: servers/workstations, split monitoring, improve shell
2025-12-31 23:13:03 -05:00
README.md
Add initial project structure with configuration files and playbooks for infrastructure management. Introduce .ansible-lint-ignore to manage linting exceptions for vault files. Create README.md and documentation for setup guides, including Tailscale and monitoring roles. Establish Makefile commands for streamlined execution of playbooks and tasks. Update inventory structure for better organization of hosts and variables.
2025-09-09 21:12:08 -04:00

README.md

Role: tailscale

Description

Installs and configures Tailscale VPN mesh networking for secure connectivity across all managed hosts.

Requirements

  • Ansible 2.9+
  • Debian/Ubuntu/Alpine Linux
  • Tailscale account and auth key
  • Internet connectivity

Features

  • Cross-platform support (Debian, Ubuntu, Alpine)
  • Automatic OS detection and package installation
  • Secure auth key management via vault
  • Configurable network settings
  • SSH over Tailscale support

Variables

Variable Default Description
tailscale_auth_key {{ vault_tailscale_auth_key }} Auth key from vault
tailscale_hostname {{ inventory_hostname }} Custom hostname
tailscale_accept_routes true Accept subnet routes
tailscale_accept_dns true Accept DNS settings
tailscale_ssh true Enable SSH server
tailscale_shields_up false Block incoming connections

Vault Variables (Required)

Variable Description
vault_tailscale_auth_key Tailscale authentication key

Dependencies

  • Valid Tailscale account
  • Auth key stored in Ansible vault

Example Playbook

- hosts: all
  roles:
    - role: tailscale
      tailscale_accept_routes: false

Tags

  • tailscale: All Tailscale tasks
  • vpn: VPN configuration
  • network: Network setup

Supported Platforms

  • Debian: bullseye, bookworm, trixie
  • Ubuntu: focal, jammy, noble
  • Alpine: all versions

Notes

  • Requires Tailscale auth key in vault
  • Machines need approval in Tailscale admin console
  • Supports both reusable and ephemeral keys
  • Automatic logout/re-auth on key changes