HomeInfra/TerraHome-pre-k8s
1
0
Fork 0
Code Pull Requests Activity

chore: disable VM tailscale bootstrap for now

Browse Source 
Remove tailscale auth/bootstrap from cloud-init and workflows, keeping VM provisioning focused on core network behind pfSense while preserving SSH key cloud-init setup.
This commit is contained in:
MichaelFisher1997
2026-02-28 13:46:11 +00:00
parent 93bba9fbfc
commit c516c8ba35
6 changed files with 0 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitea/workflows/terraform-apply.yml
View File

@@ -24,7 +24,6 @@ jobs:
cat > secrets.auto.tfvars << EOF cat > secrets.auto.tfvars << EOF
pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}" pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}"
SSH_KEY_PUBLIC = "$(printf '%s' "${{ secrets.SSH_KEY_PUBLIC }}" | tr -d '\r\n')" SSH_KEY_PUBLIC = "$(printf '%s' "${{ secrets.SSH_KEY_PUBLIC }}" | tr -d '\r\n')"
TS_AUTHKEY = "$(printf '%s' "${{ secrets.TS_AUTHKEY }}" | tr -d '\r\n')"
EOF EOF
cat > backend.hcl << EOF cat > backend.hcl << EOF
bucket = "${{ secrets.B2_TF_BUCKET }}" bucket = "${{ secrets.B2_TF_BUCKET }}"

1
.gitea/workflows/terraform-destroy.yml
View File

@@ -44,7 +44,6 @@ jobs:
cat > secrets.auto.tfvars << EOF cat > secrets.auto.tfvars << EOF
pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}" pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}"
SSH_KEY_PUBLIC = "$(printf '%s' "${{ secrets.SSH_KEY_PUBLIC }}" | tr -d '\r\n')" SSH_KEY_PUBLIC = "$(printf '%s' "${{ secrets.SSH_KEY_PUBLIC }}" | tr -d '\r\n')"
TS_AUTHKEY = "$(printf '%s' "${{ secrets.TS_AUTHKEY }}" | tr -d '\r\n')"
EOF EOF
cat > backend.hcl << EOF cat > backend.hcl << EOF
bucket = "${{ secrets.B2_TF_BUCKET }}" bucket = "${{ secrets.B2_TF_BUCKET }}"

1
.gitea/workflows/terraform-plan.yml
View File

@@ -26,7 +26,6 @@ jobs:
cat > secrets.auto.tfvars << EOF cat > secrets.auto.tfvars << EOF
pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}" pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}"
SSH_KEY_PUBLIC = "$(printf '%s' "${{ secrets.SSH_KEY_PUBLIC }}" | tr -d '\r\n')" SSH_KEY_PUBLIC = "$(printf '%s' "${{ secrets.SSH_KEY_PUBLIC }}" | tr -d '\r\n')"
TS_AUTHKEY = "$(printf '%s' "${{ secrets.TS_AUTHKEY }}" | tr -d '\r\n')"
EOF EOF
cat > backend.hcl << EOF cat > backend.hcl << EOF
bucket = "${{ secrets.B2_TF_BUCKET }}" bucket = "${{ secrets.B2_TF_BUCKET }}"

1
terraform/cloud-init.tf
View File

@@ -3,7 +3,6 @@ data "template_file" "cloud_init_global" {
vars = { vars = {
SSH_KEY_PUBLIC = var.SSH_KEY_PUBLIC SSH_KEY_PUBLIC = var.SSH_KEY_PUBLIC
TS_AUTHKEY = var.TS_AUTHKEY
} }
} }

4
terraform/files/cloud_init_global.tpl
View File

@@ -11,7 +11,3 @@ users:
- name: micqdf - name: micqdf
ssh_authorized_keys: ssh_authorized_keys:
- ${SSH_KEY_PUBLIC} - ${SSH_KEY_PUBLIC}
runcmd:
- [ /run/current-system/sw/bin/sh, -lc, "set -eu; install -d -m 700 /var/lib/tailscale; rm -f /var/lib/tailscale/tailscaled.state" ]
- [ /run/current-system/sw/bin/sh, -lc, "set -eu; for i in 1 2 3 4 5; do /run/current-system/sw/bin/tailscale up --reset --auth-key='${TS_AUTHKEY}' --hostname='$(hostname)' --advertise-tags='tag:k8s' && exit 0; sleep 15; done; /run/current-system/sw/bin/tailscale up --reset --auth-key='${TS_AUTHKEY}' --hostname='$(hostname)'" ]

6
terraform/variables.tf
View File

@@ -71,9 +71,3 @@ variable "SSH_KEY_PUBLIC" {
type = string type = string
description = "Public SSH key injected via cloud-init" description = "Public SSH key injected via cloud-init"
} }
variable "TS_AUTHKEY" {
type = string
sensitive = true
description = "Tailscale auth key used during cloud-init enrollment"
}