- Manage tailscale serve configuration declaratively via ansible - Define services in defaults/main.yml (grafana, forge, kiwix, pypi) - Role depends on service roles to ensure correct execution order - Incremental idempotency: only apply if service missing Two-layer tailnet IaC is now complete: - Layer 1 (Pulumi): ACLs, tags, DNS - Layer 2 (Ansible): tailscale serve config Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
# Tailscale serve configuration for this host.
# Every list entry pairs one Tailscale service name with the local
# endpoint(s) it is mapped to.
#
# NOTE(review): every upstream below is an unencrypted loopback address
# (http:// or tcp://). Confirm each backend listens on loopback only;
# a backend bound to another interface would be reachable without going
# through this proxy.
# NOTE(review): three upstreams use `localhost`, one uses `127.0.0.1`.
# `localhost` can resolve to ::1 as well - confirm the backends listen
# on the address actually used, or settle on one form.
# NOTE(review): if the consuming role only adds services that are
# missing, changing or deleting an entry here will not alter what is
# already being served - verify how removals are handled.

tailscale_services:
  - name: 'svc:grafana'
    https:
      port: 443
      upstream: 'http://localhost:3000'

  - name: 'svc:forge'
    https:
      port: 443
      upstream: 'http://localhost:3001'
    # Raw TCP mapping on port 22; presumably the forge's SSH endpoint
    # on local port 2200 - confirm.
    tcp:
      port: 22
      upstream: 'tcp://localhost:2200'

  - name: 'svc:kiwix'
    https:
      port: 443
      upstream: 'http://localhost:5501'

  - name: 'svc:pypi'
    https:
      port: 443
      upstream: 'http://127.0.0.1:3141'