HomeInfra/HetznerTerra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4726db2b5b21f5dc2da5d8281991f6ac18f0ad59
HetznerTerra/ansible/roles/k3s-server/defaults/main.yml
MichaelFisher1997 4726db2b5b
All checks were successful
Deploy Cluster / Terraform (push) Successful in 2m30s
Details
Deploy Cluster / Ansible (push) Successful in 9m48s
Details
Add Tailscale IPs to k3s TLS SANs for secure tailnet access 
Changes:
- Add tailscale_control_plane_ips list to k3s-server defaults
- Include all 3 control plane Tailscale IPs (100.120.55.97, 100.108.90.123, 100.92.149.85)
- Update primary k3s install to add Tailscale IPs to TLS certificates
- Enables kubectl access via Tailscale without certificate errors

After next deploy, cluster will be accessible via:
- kubectl --server=https://100.120.55.97:6443 (or any CP tailscale IP)
- kubectl --server=https://k8s-cluster-cp-1:6443 (via tailscale DNS)
2026-03-23 23:04:00 +00:00

16 lines
446 B
YAML
Raw Blame History

---
k3s_version: latest
k3s_token: ""
k3s_node_ip: ""
k3s_primary_public_ip: ""
k3s_disable_embedded_ccm: true
k3s_disable_servicelb: true
k3s_kubelet_cloud_provider_external: true
# Load Balancer endpoint for HA cluster joins (set in inventory)
kube_api_endpoint: ""
# Tailscale IPs for control planes (to enable tailnet access)
tailscale_control_plane_ips:
- "100.120.55.97" # cp-1
- "100.108.90.123" # cp-2
- "100.92.149.85" # cp-3
Reference in New Issue View Git Blame Copy Permalink