Add ringtail DeviceTags and homelab-to-homelab SSH rule #210

Merged

eblume merged 2 commits from fix/tailscale-ssh-ringtail into main

2026-02-18 21:48:12 -08:00

Author	SHA1	Message	Date
Erich Blume	e4b930d4f4	Use accept action for homelab-to-homelab SSH rule Tagged devices cannot perform interactive browser-based "check" auth, so use "accept" for tag:homelab → tag:homelab SSH. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-18 21:40:00 -08:00
Erich Blume	c87dd1c6d7	Add ringtail DeviceTags and homelab-to-homelab SSH rule Ringtail is already on the tailnet but had no DeviceTags resource — add one matching the indri/sifaka pattern. Remove the bootstrap auth key since ringtail is fully provisioned. Add an SSH ACL rule so tag:homelab devices can SSH to each other, which unblocks ansible/cross-host management from ringtail to indri. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-18 21:38:10 -08:00

Author

SHA1

Message

Date

Erich Blume

e4b930d4f4

Use accept action for homelab-to-homelab SSH rule

Tagged devices cannot perform interactive browser-based "check" auth,
so use "accept" for tag:homelab → tag:homelab SSH.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-18 21:40:00 -08:00

Erich Blume

c87dd1c6d7

Add ringtail DeviceTags and homelab-to-homelab SSH rule

Ringtail is already on the tailnet but had no DeviceTags resource —
add one matching the indri/sifaka pattern. Remove the bootstrap auth
key since ringtail is fully provisioned.

Add an SSH ACL rule so tag:homelab devices can SSH to each other,
which unblocks ansible/cross-host management from ringtail to indri.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-18 21:38:10 -08:00