Fix Rancher: remove conflicting LoadBalancer, add HTTPS port-forward, use tailscale serve only

infrastructure/addons/rancher/helmrelease-rancher.yaml

@@ -22,11 +22,9 @@ spec:
     remediation:
       retries: 3
   values:
-    hostname: k8s-cluster-cp-1.silverside-gopher.ts.net
+    hostname: k8s-cluster-cp-1-1.silverside-gopher.ts.net
     tls: external
     replicas: 1
-    bootstrapPassword: ""
-    existingSecret: rancher-bootstrap-password
     extraEnv:
       - name: CATTLE_PROMETHEUS_METRICS
         value: "true"

infrastructure/addons/rancher/kustomization.yaml

@@ -4,5 +4,4 @@ resources:
   - namespace.yaml
   - helmrepository-rancher.yaml
   - helmrelease-rancher.yaml
-  - service-rancher-tailscale.yaml
   - rancher-bootstrap-password-externalsecret.yaml

infrastructure/addons/rancher/service-rancher-tailscale.yaml

@@ -1,18 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: rancher-tailscale
-  namespace: cattle-system
-  annotations:
-    tailscale.com/hostname: k8s-cluster-cp-1-rancher
-    tailscale.com/proxy-class: infra-stable
-spec:
-  type: LoadBalancer
-  loadBalancerClass: tailscale
-  selector:
-    app: cattle-system-rancher
-  ports:
-    - name: https
-      port: 443
-      protocol: TCP
-      targetPort: 444