add tailscale to backup role

2025-10-14 09:19:55 +02:00
parent 6335e200cd
commit d1d15ea480
5 changed files with 72 additions and 1 deletions
--- a/roles/backup/tasks/main.yml
+++ b/roles/backup/tasks/main.yml
@@ -12,6 +12,7 @@
  # Perform remaining tasks:
  - import_tasks: system_setup/cron.yml
  - import_tasks: system_setup/copy_backup_config.yml
+  - import_tasks: system_setup/configure_tailscale.yml

  rescue:
    - set_fact: task_failed=true
--- a/roles/backup/tasks/software/packages_utilities.yml
+++ b/roles/backup/tasks/software/packages_utilities.yml
@@ -20,4 +20,37 @@
    state: latest
    name:
      - mariadb-client
-  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+
+- name: backup | tailscale | install tailscale (arch)
+  tags: packages,system,system setup,tailscale
+  package:
+    name: tailscale
+    state: latest
+  when: ansible_distribution == "Archlinux"
+
+- name: backup | tailscale | install prerequisites (debian-based)
+  tags: packages,system,system setup,tailscale
+  apt:
+    name:
+      - apt-transport-https
+      - ca-certificates
+    state: present
+  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+
+- name: backup | tailscale | add tailscale apt key (debian-based)
+  tags: packages,system,system setup,tailscale
+  get_url:
+    url: "https://pkgs.tailscale.com/stable/{{ ansible_distribution | lower }}/{{ ansible_distribution_release }}.noarmor.gpg"
+    dest: /usr/share/keyrings/tailscale-archive-keyring.gpg
+    mode: '0644'
+  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+
+- name: backup | tailscale | add tailscale repository (debian-based)
+  tags: packages,system,system setup,tailscale
+  apt_repository:
+    repo: "deb [signed-by=/usr/share/keyrings/tailscale-archive-keyring.gpg] https://pkgs.tailscale.com/stable/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main"
+    state: present
+    filename: tailscale
+  when: ansible_distribution in [ "Debian", "Ubuntu", "Linux Mint" ]
+  notify: update apt cache
--- a/roles/backup/tasks/system_setup/configure_tailscale.yml
+++ b/roles/backup/tasks/system_setup/configure_tailscale.yml
@@ -0,0 +1,21 @@
+---
+- include_vars: "headscale.yml"
+  ignore_errors: True
+
+- name: backup | tailscale | ensure tailscale is enabled and running
+  tags: tailscale,system,system setup
+  service:
+    name: tailscaled
+    state: started
+    enabled: true
+
+- name: backup | tailscale | connect to headscale
+  tags: tailscale,system,system setup
+  command: "tailscale up --login-server {{ headscale_url }} --authkey {{ headscale_authkey }}"
+  args:
+    creates: /var/lib/tailscale/tailscaled.state
+  when:
+    - headscale_url is defined
+    - headscale_authkey is defined
+  changed_when: true
+  notify: restart tailscaled