forgejo-autohebergement/ansible/roles/forgejo/tasks/tailscale.yml
Horacio Duran 822e42dbb8 Add Template to deploy forgejo.
This template allows deploying a forgejo on either Scaleway or Hetzner
(untested) without much knowledge about them.
It DOES require knowledge about Terragrunt and ansible. A wizard of
sorts is provided but it will not guarantee success without some
knowledge about the underlying technology.
2026-01-09 16:07:44 +01:00


---
# Tailscale VPN installation and configuration
# Provides secure access to SSH and internal services
# Install the packages this file lists as prerequisites for the Tailscale
# repository setup. update_cache refreshes the APT package index as part of
# the same task.
- name: Install prerequisites for Tailscale
  become: true
  ansible.builtin.apt:
    update_cache: true
    state: present
    name:
      - curl
      - gnupg
      - apt-transport-https
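# Download the repository signing key into the APT keyring directory.
#
# get_url replaces the former `curl ... | tee ...` shell pipeline. Without
# pipefail the pipeline's exit status is tee's, so a failed download still
# reported success and left an empty keyring file behind; `creates:` then
# stopped the task from ever running again. get_url fails the task on a
# download error, and with its default `force: false` it still only
# downloads when the destination file does not exist.
#
# NOTE(review): the key is trusted on first download over HTTPS only. Once a
# digest has been verified out of band, pin it with get_url's `checksum:`
# option, e.g. checksum: "sha256:<VERIFIED_DIGEST_PLACEHOLDER>".
# NOTE(review): the URL is hard-coded to the Ubuntu "noble" release.
- name: Add Tailscale GPG key
  ansible.builtin.get_url:
    url: https://pkgs.tailscale.com/stable/ubuntu/noble.noarmor.gpg
    dest: /usr/share/keyrings/tailscale-archive-keyring.gpg
    owner: root
    group: root
    # Quoted so the mode is not parsed as an octal integer.
    mode: "0644"
  become: true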
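# Download the APT sources entry for the Tailscale repository.
#
# get_url replaces the former `curl ... | tee ...` shell pipeline. Without
# pipefail the pipeline's exit status is tee's, so a failed download still
# reported success and left an empty .list file that `creates:` then never
# replaced. With the default `force: false`, get_url only downloads when the
# destination file does not exist, which keeps the task idempotent.
#
# NOTE(review): the file content is whatever the server returns and becomes
# an APT source on this host. Presumably it restricts the repository to the
# Tailscale keyring via signed-by; verify that on a deployed host.
# NOTE(review): the URL is hard-coded to the Ubuntu "noble" release.
- name: Add Tailscale repository
  ansible.builtin.get_url:
    url: https://pkgs.tailscale.com/stable/ubuntu/noble.tailscale-keyring.list
    dest: /etc/apt/sources.list.d/tailscale.list
    owner: root
    group: root
    # Quoted so the mode is not parsed as an octal integer.
    mode: "0644"
  become: true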
# Install the tailscale package. update_cache refreshes the package index in
# the same task, so a repository added earlier in the play is picked up.
- name: Install Tailscale
  become: true
  ansible.builtin.apt:
    update_cache: true
    state: present
    name: tailscale
# Start the tailscaled unit now and enable it so it also starts at boot.
- name: Enable Tailscale service
  become: true
  ansible.builtin.systemd:
    name: tailscaled
    enabled: true
    state: started
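# Probe the node's login state. The result is registered as tailscale_status
# and its return code decides whether the instructions task below runs.
#
# check_mode: false makes this read-only probe run under --check as well.
# Command tasks are otherwise skipped in check mode, the registered result
# then has no `rc`, and the later `when: tailscale_status.rc != 0` fails.
- name: Check if Tailscale is already authenticated
  ansible.builtin.command:
    cmd: tailscale status
  register: tailscale_status
  # The command changes nothing on the host, so never report "changed".
  changed_when: false
  # A non-zero exit is an expected outcome here, not a play failure.
  ignore_errors: true
  check_mode: false
  become: true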
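# Print manual authentication steps when the status probe returned non-zero.
#
# The headless example now reads the auth key from a file instead of taking
# it as a literal command-line argument, so the operator is not told to put
# the secret where shell history and the process list can expose it.
# NOTE(review): with --ssh, SSH access to this host is authorized by the
# tailnet's access policy rather than by the local sshd configuration alone;
# review that policy before enabling it.
- name: Display Tailscale authentication instructions
  ansible.builtin.debug:
    msg: |
      ===============================================================
      TAILSCALE AUTHENTICATION REQUIRED
      ===============================================================
      Tailscale is installed but needs to be authenticated.
      SSH into the server and run:
        sudo tailscale up --ssh
      This will:
      1. Open a browser URL for authentication
      2. Connect to your Tailnet
      3. Enable Tailscale SSH (optional but recommended)
      For headless servers, use an auth key. Store it in a root-only file
      so it stays out of shell history and the process list:
        sudo tailscale up --auth-key=file:/path/to/authkey-file
      Generate an auth key at: https://login.tailscale.com/admin/settings/keys
      Delete the key file once the node is connected.
      After authentication, you can access this server via:
      - Tailscale IP (shown in 'tailscale ip')
      - Tailscale hostname (from admin console)
      ===============================================================
  # default(1) keeps the condition defined if the probe result has no rc
  # (for example when the probe task was skipped).
  when: (tailscale_status.rc | default(1)) != 0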