ilia/ansible
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
ansible/SIMPLE_SETUP.md

1.8 KiB
Raw Blame History

Simple Tailscale Setup

What you need:

  1. A Tailscale account (free at https://tailscale.com)
  2. An auth key from your Tailscale admin console

3-Step Setup:

Step 1: Get your auth key

  1. Go to https://login.tailscale.com/admin/settings/keys
  2. Click "Generate auth key"
  3. Make it Reusable and set expiration to 90 days (or longer)
  4. Copy the key (starts with tskey-auth-)

Step 2: Store the key securely

make create-vault

When prompted, add this content:

---
vault_tailscale_auth_key: "tskey-auth-your-actual-key-here"

Save and exit.

Step 3: Install Tailscale everywhere

# Check what will happen (dry run)
make tailscale-check

# Install on all machines
make tailscale

That's it! Your machines should now be connected to your Tailscale network.

Check if it worked:

make tailscale-status

How the vault connects to your settings:

The group_vars/all.yml file now contains:

tailscale_auth_key: "{{ vault_tailscale_auth_key | default('') }}"

This tells Ansible: "Look for vault_tailscale_auth_key in the encrypted vault file, and if it's not there, use an empty string."

So when you put your real auth key in the vault, it automatically gets used!

The confusing variables explained:

  • tailscale_auth_key: YOU NEED THIS - your authentication key
  • tailscale_ssh: USEFUL - lets you SSH through Tailscale network
  • tailscale_accept_routes: USEFUL - access other networks through Tailscale
  • tailscale_hostname: OPTIONAL - custom name (defaults to your server names)
  • tailscale_advertise_routes: ADVANCED - share your local network with others
  • tailscale_shields_up: SECURITY - blocks incoming connections
  • Everything else: IGNORE unless you have specific enterprise needs