Use tailscale to allow ssh access to gitea

2025-05-23 00:15:04 +10:00
parent 3f70bc62d3
commit c1aeb11354
5 changed files with 97 additions and 14 deletions
--- a/2-nomad-config/2-services.tf
+++ b/2-nomad-config/2-services.tf
@@ -58,8 +58,19 @@ resource "nomad_csi_volume_registration" "unraid_appdata_transferfilebrowser" {
  }
 }

+resource "cloudflare_dns_record" "git-othrayte-one" {
+  comment = "git.othrayte.one maps to tailscale fqdn"
+  zone_id = "2616ab2a44d0645b03fbc3106c79bd99"
+  type    = "CNAME"
+  name    = "git"
+  content = "git.tail15856.ts.net"
+  ttl     = 1 # Auto
+}
+
 resource "nomad_job" "gitea" {
-  jobspec = file("gitea.nomad.hcl")
+  jobspec = templatefile("gitea.nomad.hcl", {
+    ts_authkey = data.sops_file.secrets.data["tailscale.auth_key"]
+  })
 }

 resource "nomad_variable" "gitea" {