blumeops/argocd/manifests/tailscale-operator/kustomization.yaml at 716f1f0cfa3e9d3c9c656c10cee0f0980a61ba62 - eblume/blumeops - Forgejo: Beyond coding. We Forge.

eblume/blumeops

Erich Blume 756f2dff13 Migrate Tailscale Ingresses to shared ProxyGroup for per-Ingress tagging

The legacy per-Ingress StatefulSet proxy model silently ignores the
tailscale.com/tags annotation, so tag:flyio-target was never applied
to docs/loki/prometheus — breaking the restricted ACL. This adds a
ProxyGroup (type: Ingress, 2 replicas) and annotates all 12 Ingresses
with tailscale.com/proxy-group: "ingress" to enable per-Ingress tag
overrides and restore connectivity.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-08 12:13:04 -08:00

12 lines

230 B

YAML

Raw Blame History

 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: tailscale
 resources:
   - operator.yaml
   - proxyclass.yaml
   - proxygroup-ingress.yaml
   - dnsconfig.yaml
   - egress-forge.yaml
   - external-secret.yaml