blumeops

History

Erich Blume 630ebcd12d Add ringtail DeviceTags and homelab-to-homelab SSH rule (#210 ) ## Summary - Add `ringtail` DeviceTags Pulumi resource with `tag:homelab` + `tag:blumeops` (matching indri/sifaka pattern) - Remove the bootstrap `ringtail_key` auth key — ringtail is already on the tailnet - Add SSH ACL rule allowing `tag:homelab` → `tag:homelab` SSH, unblocking cross-host management (e.g., ringtail running ansible against indri) ## Deployment and Testing - [ ] `mise run tailnet-preview` — dry run, confirm diff - [ ] `mise run tailnet-up` — apply - [ ] From ringtail: `ssh indri 'hostname'` — should succeed 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/210	2026-02-18 21:48:11 -08:00
..
gandi	Review gandi-operations doc and reorganize how-to guides (#200 )	2026-02-17 07:29:33 -08:00
tailscale	Add ringtail DeviceTags and homelab-to-homelab SSH rule (#210 )	2026-02-18 21:48:11 -08:00

Erich Blume 630ebcd12d Add ringtail DeviceTags and homelab-to-homelab SSH rule (#210 )

## Summary
- Add `ringtail` DeviceTags Pulumi resource with `tag:homelab` + `tag:blumeops` (matching indri/sifaka pattern)
- Remove the bootstrap `ringtail_key` auth key — ringtail is already on the tailnet
- Add SSH ACL rule allowing `tag:homelab` → `tag:homelab` SSH, unblocking cross-host management (e.g., ringtail running ansible against indri)

## Deployment and Testing
- [ ] `mise run tailnet-preview` — dry run, confirm diff
- [ ] `mise run tailnet-up` — apply
- [ ] From ringtail: `ssh indri 'hostname'` — should succeed

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/210

2026-02-18 21:48:11 -08:00

gandi

Review gandi-operations doc and reorganize how-to guides (#200 )

2026-02-17 07:29:33 -08:00

tailscale

Add ringtail DeviceTags and homelab-to-homelab SSH rule (#210 )

2026-02-18 21:48:11 -08:00