Merge pull request 'chore: disable VM tailscale bootstrap for now' (#32) from stage into master

Reviewed-on: #32
2026-02-28 13:47:11 +00:00
parent 8b8bab77b0 c516c8ba35
commit ba1884bbc5
6 changed files with 0 additions and 14 deletions
--- a/.gitea/workflows/terraform-apply.yml
+++ b/.gitea/workflows/terraform-apply.yml
@@ -24,7 +24,6 @@ jobs:
          cat > secrets.auto.tfvars << EOF
          pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}"
          SSH_KEY_PUBLIC      = "$(printf '%s' "${{ secrets.SSH_KEY_PUBLIC }}" | tr -d '\r\n')"
-          TS_AUTHKEY          = "$(printf '%s' "${{ secrets.TS_AUTHKEY }}" | tr -d '\r\n')"
          EOF
          cat > backend.hcl << EOF
          bucket                      = "${{ secrets.B2_TF_BUCKET }}"
--- a/.gitea/workflows/terraform-destroy.yml
+++ b/.gitea/workflows/terraform-destroy.yml
@@ -44,7 +44,6 @@ jobs:
          cat > secrets.auto.tfvars << EOF
          pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}"
          SSH_KEY_PUBLIC      = "$(printf '%s' "${{ secrets.SSH_KEY_PUBLIC }}" | tr -d '\r\n')"
-          TS_AUTHKEY          = "$(printf '%s' "${{ secrets.TS_AUTHKEY }}" | tr -d '\r\n')"
          EOF
          cat > backend.hcl << EOF
          bucket                      = "${{ secrets.B2_TF_BUCKET }}"
--- a/.gitea/workflows/terraform-plan.yml
+++ b/.gitea/workflows/terraform-plan.yml
@@ -26,7 +26,6 @@ jobs:
          cat > secrets.auto.tfvars << EOF
          pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}"
          SSH_KEY_PUBLIC      = "$(printf '%s' "${{ secrets.SSH_KEY_PUBLIC }}" | tr -d '\r\n')"
-          TS_AUTHKEY          = "$(printf '%s' "${{ secrets.TS_AUTHKEY }}" | tr -d '\r\n')"
          EOF
          cat > backend.hcl << EOF
          bucket                      = "${{ secrets.B2_TF_BUCKET }}"
--- a/terraform/cloud-init.tf
+++ b/terraform/cloud-init.tf
@@ -3,7 +3,6 @@ data "template_file" "cloud_init_global" {

  vars = {
    SSH_KEY_PUBLIC = var.SSH_KEY_PUBLIC
-    TS_AUTHKEY     = var.TS_AUTHKEY
  }
 }

--- a/terraform/files/cloud_init_global.tpl
+++ b/terraform/files/cloud_init_global.tpl
@@ -11,7 +11,3 @@ users:
  - name: micqdf
    ssh_authorized_keys:
      - ${SSH_KEY_PUBLIC}
-
-runcmd:
-  - [ /run/current-system/sw/bin/sh, -lc, "set -eu; install -d -m 700 /var/lib/tailscale; rm -f /var/lib/tailscale/tailscaled.state" ]
-  - [ /run/current-system/sw/bin/sh, -lc, "set -eu; for i in 1 2 3 4 5; do /run/current-system/sw/bin/tailscale up --reset --auth-key='${TS_AUTHKEY}' --hostname='$(hostname)' --advertise-tags='tag:k8s' && exit 0; sleep 15; done; /run/current-system/sw/bin/tailscale up --reset --auth-key='${TS_AUTHKEY}' --hostname='$(hostname)'" ]
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -71,9 +71,3 @@ variable "SSH_KEY_PUBLIC" {
  type        = string
  description = "Public SSH key injected via cloud-init"
 }
-
-variable "TS_AUTHKEY" {
-  type        = string
-  sensitive   = true
-  description = "Tailscale auth key used during cloud-init enrollment"
-}