gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(tf): tailscale tag indirection

Browse source
This commit is contained in:
arcnmx 2024-09-05 16:42:05 -07:00
parent ba44e75d41
commit 32e9778772
1 changed files with 11 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

17
tf/tailscale_devices.tf
View file

@ -2,13 +2,16 @@ locals {
tailscale_tag_infra = "tag:infrastructure"
tailscale_tag_genso = "tag:gensokyo"
tailscale_tag_reisen = "tag:reisen"
tailscale_tag_arc = "tag:arc"
tailscale_tag_kat = "tag:kat"
tailscale_group_admin = "autogroup:admin"
tailscale_tag_arc = "tag:arc"
tailscale_tag_arc_deploy = "tag:arc-deploy"
tailscale_tag_kat = "tag:kat"
tailscale_tag_kat_deploy = "tag:kat-deploy"
tailscale_user_arc = "arc@${var.tailscale_tailnet}"
tailscale_user_kat = "kat@${var.tailscale_tailnet}"
tailscale_group_admin = "autogroup:admin"
}
resource "tailscale_acl" "tailnet" {
@ -16,9 +19,11 @@ resource "tailscale_acl" "tailnet" {
tagOwners = {
"${local.tailscale_tag_infra}" : [local.tailscale_group_admin],
"${local.tailscale_tag_reisen}" : [local.tailscale_group_admin, local.tailscale_tag_infra],
"${local.tailscale_tag_genso}" : [local.tailscale_group_admin, local.tailscale_tag_arc, local.tailscale_tag_kat],
"${local.tailscale_tag_arc}" : [local.tailscale_user_arc],
"${local.tailscale_tag_kat}" : [local.tailscale_user_kat],
"${local.tailscale_tag_genso}" : [local.tailscale_group_admin, local.tailscale_tag_arc_deploy, local.tailscale_tag_kat_deploy],
"${local.tailscale_tag_arc}" : [local.tailscale_user_arc, local.tailscale_tag_arc_deploy],
"${local.tailscale_tag_arc_deploy}" : [local.tailscale_user_arc],
"${local.tailscale_tag_kat}" : [local.tailscale_user_kat, local.tailscale_tag_kat_deploy],
"${local.tailscale_tag_kat_deploy}" : [local.tailscale_user_kat],
}
acls = [
{