feat: integrate tailscale access and lock SSH/API to tailnet

ansible/generate_inventory.py

@@ -26,29 +26,34 @@ def get_terraform_outputs():
 def main():
     outputs = get_terraform_outputs()
 
+    control_plane_names = outputs["control_plane_names"]["value"]
     control_plane_ips = outputs["control_plane_ips"]["value"]
     control_plane_private_ips = outputs["control_plane_private_ips"]["value"]
+    worker_names = outputs["worker_names"]["value"]
     worker_ips = outputs["worker_ips"]["value"]
     worker_private_ips = outputs["worker_private_ips"]["value"]
+    tailnet = outputs["tailscale_tailnet"]["value"]
 
     control_planes = [
         {
-            "name": f"cp-{i + 1}",
-            "public_ip": public_ip,
+            "name": name,
+            "public_ip": f"{name}.{tailnet}" if tailnet else public_ip,
             "private_ip": private_ip,
         }
-        for i, (public_ip, private_ip) in enumerate(
-            zip(control_plane_ips, control_plane_private_ips)
+        for name, public_ip, private_ip in zip(
+            control_plane_names, control_plane_ips, control_plane_private_ips
         )
     ]
 
     workers = [
         {
-            "name": f"worker-{i + 1}",
-            "public_ip": public_ip,
+            "name": name,
+            "public_ip": f"{name}.{tailnet}" if tailnet else public_ip,
             "private_ip": private_ip,
         }
-        for i, (public_ip, private_ip) in enumerate(zip(worker_ips, worker_private_ips))
+        for name, public_ip, private_ip in zip(
+            worker_names, worker_ips, worker_private_ips
+        )
     ]
 
     data = {