HomeInfra/HetznerTerra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix Rancher access: add kubectl port-forward + tailscale serve setup
Some checks failed
Deploy Cluster / Ansible (push) Has been cancelled
Details
Deploy Cluster / Terraform (push) Has been cancelled
Details

Browse Source
This commit is contained in:
MichaelFisher1997
2026-03-24 20:01:57 +00:00
parent 47b384a337
commit 60ceac4624
7 changed files with 35 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
ansible/roles/private-access/tasks/main.yml
View File

@@ -35,6 +35,18 @@
unit_local_port: 19001
unit_remote_port: 9001
- name: Create systemd unit for Rancher private access
template:
src: kubectl-port-forward.service.j2
dest: /etc/systemd/system/k8s-portforward-rancher.service
mode: "0644"
vars:
unit_description: Port-forward Rancher for Tailscale access
unit_namespace: cattle-system
unit_target: svc/rancher
unit_local_port: 19442
unit_remote_port: 80
- name: Reload systemd
systemd:
daemon_reload: true
@@ -48,11 +60,13 @@
- k8s-portforward-grafana.service
- k8s-portforward-prometheus.service
- k8s-portforward-flux-ui.service
- k8s-portforward-rancher.service
- name: Configure Tailscale Serve for private access endpoints
shell: >-
tailscale serve reset &&
tailscale serve --bg --tcp={{ private_access_grafana_port }} tcp://127.0.0.1:13080 &&
tailscale serve --bg --tcp={{ private_access_prometheus_port }} tcp://127.0.0.1:19090 &&
tailscale serve --bg --tcp={{ private_access_flux_port }} tcp://127.0.0.1:19001
tailscale serve --bg --tcp={{ private_access_flux_port }} tcp://127.0.0.1:19001 &&
tailscale serve --bg --tcp={{ private_access_rancher_port }} tcp://127.0.0.1:19442
changed_when: true