fix: avoid server replacement; install tailscale via Ansible

2026-03-01 04:51:19 +00:00
parent 1eebfe77df
commit 011c220f59
7 changed files with 32 additions and 25 deletions
--- a/terraform/servers.tf
+++ b/terraform/servers.tf
@@ -17,14 +17,6 @@ resource "hcloud_server" "control_plane" {
    role    = "control-plane"
  }

-  user_data = <<-EOF
-    #cloud-config
-    package_update: true
-    runcmd:
-      - curl -fsSL https://tailscale.com/install.sh | sh
-      - tailscale up --authkey '${var.tailscale_auth_key}' --hostname '${var.cluster_name}-cp-${count.index + 1}' --ssh=false --accept-routes=false
-  EOF
-
  network {
    network_id = hcloud_network.cluster.id
    ip         = cidrhost(var.subnet_cidr, 10 + count.index)
@@ -52,14 +44,6 @@ resource "hcloud_server" "workers" {
    role    = "worker"
  }

-  user_data = <<-EOF
-    #cloud-config
-    package_update: true
-    runcmd:
-      - curl -fsSL https://tailscale.com/install.sh | sh
-      - tailscale up --authkey '${var.tailscale_auth_key}' --hostname '${var.cluster_name}-worker-${count.index + 1}' --ssh=false --accept-routes=false
-  EOF
-
  network {
    network_id = hcloud_network.cluster.id
    ip         = cidrhost(var.subnet_cidr, 20 + count.index)
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -76,12 +76,6 @@ variable "tailnet_cidr" {
  default     = "100.64.0.0/10"
 }

-variable "tailscale_auth_key" {
-  description = "Tailscale auth key for node bootstrap"
-  type        = string
-  sensitive   = true
-}
-
 variable "tailscale_tailnet" {
  description = "Tailnet domain suffix, e.g. mytailnet.ts.net"
  type        = string