feat: tailscale

This commit is contained in:
Tine 2024-11-09 17:43:32 +01:00
parent 9acc5c83b4
commit af502b77d2
Signed by: mentos1386
SSH key fingerprint: SHA256:MNtTsLbihYaWF8j1fkOHfkKNlnN1JQfxEU/rBU8nCGw

View file

@ -7,7 +7,7 @@ set -euo pipefail
cd /srv
# Clone if not yet cloned
if [ ! -d .git ]; then
git clone https://code.tjo.space/tjo-cloud/ingress.git .
git clone --depth 1 https://code.tjo.space/tjo-cloud/ingress.git .
else
git pull
fi
@ -35,14 +35,20 @@ apt install -y \
# Grafana Alloy
mkdir -p /etc/apt/keyrings/
wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor | tee /etc/apt/keyrings/grafana.gpg >/dev/null
echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" | tee /etc/apt/sources.list.d/grafana.list
wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor >/etc/apt/keyrings/grafana.gpg
echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" >/etc/apt/sources.list.d/grafana.list
apt update -y
apt install -y alloy
# Tailscale
curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/noble.noarmor.gpg >/usr/share/keyrings/tailscale-archive-keyring.gpg
curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/noble.tailscale-keyring.list >/etc/apt/sources.list.d/tailscale.list
apt update -y
apt install -y tailscale
##
# Ensure services are enabled
systemctl enable --now nginx alloy
systemctl enable --now nginx alloy tailscaled
##
# Configure Alloy
@ -61,6 +67,15 @@ echo "OTEL_RESOURCE_ATTRIBUTES=${ATTRIBUTES}" >>/etc/default/alloy
} >>/etc/default/alloy
systemctl reload alloy
##
# Configure Tailscale
tailscale up \
--ssh=true \
--accept-routes=true \
--accept-dns=false \
--advertise-tags="tag:ingress-tjo-cloud" \
--hostname="$(hostname -f | sed 's/\./-/g')"
##
# Configure NGINX
cp assets/dbip-city-lite-2023-07.mmdb /var/geoip.mmdb