chore: disable VM tailscale bootstrap for now

Remove tailscale auth/bootstrap from cloud-init and workflows, keeping VM provisioning focused on core network behind pfSense while preserving SSH key cloud-init setup.
2026-02-28 13:46:11 +00:00
parent 93bba9fbfc
commit c516c8ba35
6 changed files with 0 additions and 14 deletions
--- a/terraform/cloud-init.tf
+++ b/terraform/cloud-init.tf
@@ -3,7 +3,6 @@ data "template_file" "cloud_init_global" {

  vars = {
    SSH_KEY_PUBLIC = var.SSH_KEY_PUBLIC
-    TS_AUTHKEY     = var.TS_AUTHKEY
  }
 }

--- a/terraform/files/cloud_init_global.tpl
+++ b/terraform/files/cloud_init_global.tpl
@@ -11,7 +11,3 @@ users:
  - name: micqdf
    ssh_authorized_keys:
      - ${SSH_KEY_PUBLIC}
-
-runcmd:
-  - [ /run/current-system/sw/bin/sh, -lc, "set -eu; install -d -m 700 /var/lib/tailscale; rm -f /var/lib/tailscale/tailscaled.state" ]
-  - [ /run/current-system/sw/bin/sh, -lc, "set -eu; for i in 1 2 3 4 5; do /run/current-system/sw/bin/tailscale up --reset --auth-key='${TS_AUTHKEY}' --hostname='$(hostname)' --advertise-tags='tag:k8s' && exit 0; sleep 15; done; /run/current-system/sw/bin/tailscale up --reset --auth-key='${TS_AUTHKEY}' --hostname='$(hostname)'" ]
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -71,9 +71,3 @@ variable "SSH_KEY_PUBLIC" {
  type        = string
  description = "Public SSH key injected via cloud-init"
 }
-
-variable "TS_AUTHKEY" {
-  type        = string
-  sensitive   = true
-  description = "Tailscale auth key used during cloud-init enrollment"
-}