feat(tailscale): Complete configuration

Tanguy Herbron 2024-01-14 01:31:57 +01:00
parent 73e48b3203
commit f3cda8f36c


@ -1,50 +1,82 @@
--- ---
# tasks file for headscale # tasks file for headscale
- name: Check if tailscale (client) is installed
shell: command -v tailscale >/dev/null 2>&1
register: tailscale_exists
ignore_errors: true
changed_when: false
- name: Check if headscale is installed
shell: command -v headscale >/dev/null 2>&1
register: headscale_exists
ignore_errors: true
changed_when: false
- name: Download headscale binary (arm64) - name: Download headscale binary (arm64)
ansible.builtin.get_url: get_url:
url: https://github.com/juanfont/headscale/releases/download/v0.22.3/headscale_0.22.3_linux_arm64.deb url: https://github.com/juanfont/headscale/releases/download/v0.22.3/headscale_0.22.3_linux_arm64.deb
dest: /tmp/headscale_install.deb dest: /tmp/headscale_install.deb
when: ansible_architecture == "aarch64" mode: u+rwx
when: ansible_architecture == "aarch64" and inventory_hostname in groups['headscale_server']
- name: Download headscale binary (amd64) - name: Download headscale binary (amd64)
ansible.builtin.get_url: get_url:
url: https://github.com/juanfont/headscale/releases/download/v0.22.3/headscale_0.22.3_linux_amd64.deb url: https://github.com/juanfont/headscale/releases/download/v0.22.3/headscale_0.22.3_linux_amd64.deb
dest: /tmp/headscale_install.deb dest: /tmp/headscale_install.deb
when: ansible_architecture == "x86_64" mode: u+rwx
when: ansible_architecture == "x86_64" and inventory_hostname in groups['headscale_server']
- name: Install headscale - name: Download tailscale install script
get_url:
url: https://tailscale.com/install.sh
dest: /tmp/tailscale_install.sh
mode: u+rwx
when: tailscale_exists.rc != 0
- name: Install headscale (server)
apt: apt:
deb: /tmp/headscale_install.deb deb: /tmp/headscale_install.deb
become: true become: true
when: inventory_hostname in groups['headscale_server']
- name: Enable and start headscale service - name: Install tailscale (client)
ansible.builtin.service: command: /tmp/tailscale_install.sh
become: true
when: tailscale_exists.rc != 0
changed_when: true
- name: Enable and start headscale server
service:
name: headscale name: headscale
state: started state: started
enabled: yes enabled: true
become: true become: true
when: inventory_hostname in groups['headscale_server'] when: inventory_hostname in groups['headscale_server']
- name: Create headscale users - name: Create headscale users
loop: "{{ groups['headscale_client'] }}" loop: "{{ groups['all'] }}"
command: headscale users create "{{ hostname }}" command: headscale users create "{{ item }}"
when: inventory_hostname in groups['headscale_server'] when: inventory_hostname in groups['headscale_server']
become: true become: true
- name: Generate pre authentication keys - name: Generate pre authentication keys
loop: "{{ groups['headscale_client'] }}" with_items: "{{ groups['all'] }}"
command: headscale --user "{{ hostname }}" preauthkeys create --expiration 1h command: headscale --user "{{ item }}" preauthkeys create --expiration 1h
when: inventory_hostname in groups['headscale_server'] when: inventory_hostname in groups['headscale_server']
become: true become: true
register: headscale_preauthkey register: headscale_preauthkey
- name: Print keys - name: Register clients
loop: "{{ headscale_preauthkey.results }}" with_items: "{{ hostvars[groups['headscale_server'][0]].headscale_preauthkey.results }}"
debug: command: |
msg: "{{ item.stdout }}" tailscale up --reset --login-server
when: inventory_hostname in groups['headscale_server'] http://"{{ hostvars[groups['headscale_server'][0]]['ansible_default_ipv4']['address'] }}":8080
--auth-key "{{ item.stdout }}"
become: true
when: inventory_hostname in groups['all'] and inventory_hostname in item['item']
#- name: - name: Advertise exit nodes
# ansible.builtin.command: headscale -- command: tailscale set --advertise-exit-node
# register: become: true
when: inventory_hostname in groups['headscale_server']
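Review bot: The "Register clients" task passes each pre-auth key on the `tailscale up` command line and loops over the registered `headscale_preauthkey.results`, so the keys end up in Ansible's per-item output and any log of the run; add `no_log: true` to both "Generate pre authentication keys" and "Register clients". The condition `inventory_hostname in item['item']` is a substring test on a string, so a host whose name is contained in another host's name would also run with that other host's key; `inventory_hostname == item['item']` selects exactly one key. The login server URL is `http://…:8080`, so the key and the control traffic travel unencrypted unless that network path is protected some other way. Separately, the `.deb` and `install.sh` downloads are installed or executed with `become: true` from fixed `/tmp` paths and carry no `checksum:` on `get_url`; pinning a digest for the versioned `.deb` would be a cheap integrity check.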