feat: Expose Rancher via Tailscale hostname

infrastructure/addons/rancher/helmrelease-rancher.yaml

@@ -22,7 +22,7 @@ spec:
     remediation:
       retries: 3
   values:
-    hostname: k8s-cluster-cp-1-1.silverside-gopher.ts.net
+    hostname: rancher.silverside-gopher.ts.net
     tls: external
     replicas: 1
     extraEnv:

infrastructure/addons/rancher/kustomization.yaml

@@ -5,3 +5,4 @@ resources:
   - helmrepository-rancher.yaml
   - helmrelease-rancher.yaml
   - rancher-bootstrap-password-externalsecret.yaml
+  - rancher-tailscale-service.yaml

infrastructure/addons/rancher/rancher-tailscale-service.yaml

@@ -0,0 +1,22 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: rancher-tailscale
+  namespace: cattle-system
+  annotations:
+    tailscale.com/hostname: rancher
+    tailscale.com/proxy-class: infra-stable
+spec:
+  type: LoadBalancer
+  loadBalancerClass: tailscale
+  selector:
+    app: cattle-system-rancher
+  ports:
+    - name: http
+      port: 80
+      protocol: TCP
+      targetPort: 80
+    - name: https
+      port: 443
+      protocol: TCP
+      targetPort: 444