blumeops/pulumi/tailscale
Erich Blume 630ebcd12d Add ringtail DeviceTags and homelab-to-homelab SSH rule (#210)
## Summary
- Add `ringtail` DeviceTags Pulumi resource with `tag:homelab` + `tag:blumeops` (matching indri/sifaka pattern)
- Remove the bootstrap `ringtail_key` auth key — ringtail is already on the tailnet
- Add SSH ACL rule allowing `tag:homelab` → `tag:homelab` SSH, unblocking cross-host management (e.g., ringtail running ansible against indri)

## Deployment and Testing
- [ ] `mise run tailnet-preview` — dry run, confirm diff
- [ ] `mise run tailnet-up` — apply
- [ ] From ringtail: `ssh indri 'hostname'` — should succeed

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/210
2026-02-18 21:48:11 -08:00

| File | Last commit | Date |
| --- | --- | --- |
| .gitignore | Add Fly.io public reverse proxy for docs.eblu.me (#120) | 2026-02-08 02:36:19 -08:00 |
| __main__.py | Add ringtail DeviceTags and homelab-to-homelab SSH rule (#210) | 2026-02-18 21:48:11 -08:00 |
| policy.hujson | Add ringtail DeviceTags and homelab-to-homelab SSH rule (#210) | 2026-02-18 21:48:11 -08:00 |
| Pulumi.tail8d86e.yaml | Add Gandi DNS management via Pulumi (#54) | 2026-01-25 08:15:46 -08:00 |
| Pulumi.yaml | Add Gandi DNS management via Pulumi (#54) | 2026-01-25 08:15:46 -08:00 |
| pyproject.toml | Add Gandi DNS management via Pulumi (#54) | 2026-01-25 08:15:46 -08:00 |
| uv.lock | Add Fly.io public reverse proxy for docs.eblu.me (#120) | 2026-02-08 02:36:19 -08:00 |