ansible/roles/tailscale/tasks/main.yml

---
- name: Include OS-specific installation tasks
  ansible.builtin.include_tasks: "{{ ansible_os_family | lower }}.yml"

- name: Fail if not running on supported OS
  ansible.builtin.fail:
    msg: "This role only supports Ubuntu, Debian, and Alpine systems"
  when: ansible_os_family not in ["Debian", "Alpine"]

- name: Check if Tailscale is already connected
  ansible.builtin.command: tailscale status --json
  register: tailscale_status
  failed_when: false
  changed_when: false

- name: Parse Tailscale status
  ansible.builtin.set_fact:
    tailscale_connected: "{{ (tailscale_status.stdout | from_json).BackendState == 'Running' if tailscale_status.rc == 0 and tailscale_status.stdout != '' else false }}"

- name: Reset Tailscale if requested
  ansible.builtin.command: tailscale logout
  when:
    - tailscale_reset | bool
    - tailscale_connected | bool
  notify: Restart tailscaled
  changed_when: true

- name: Connect to Tailscale network
  ansible.builtin.command: >
    tailscale up --reset
    {{ '--auth-key=' + tailscale_auth_key if tailscale_auth_key else '' }}
    {{ '--hostname=' + tailscale_hostname if tailscale_hostname else '' }}
    {{ '--advertise-routes=' + tailscale_advertise_routes if tailscale_advertise_routes else '' }}
    {{ '--accept-routes' if tailscale_accept_routes else '--accept-routes=false' }}
    {{ '--accept-dns' if tailscale_accept_dns else '--accept-dns=false' }}
    {{ '--shields-up' if tailscale_shields_up else '' }}
    {{ '--login-server=' + tailscale_login_server if tailscale_login_server else '' }}
    {{ '--operator=' + tailscale_operator if tailscale_operator else '' }}
    {{ '--ssh' if tailscale_ssh else '' }}
  when: not tailscale_connected or tailscale_reset
  register: tailscale_up_result
  changed_when: tailscale_up_result.rc == 0

- name: Display Tailscale status
  ansible.builtin.command: tailscale status
  register: tailscale_final_status
  changed_when: false

- name: Show Tailscale connection status
  ansible.builtin.debug:
    msg: "{{ tailscale_final_status.stdout_lines }}"