feat: deploy Tailscale Operator for secure cluster access

2026-05-09 17:29:29 +00:00 · 2026-05-09 17:29:28 +00:00 · 2026-05-09 17:29:28 +00:00 · 2026-05-09 17:29:28 +00:00 · 2026-05-09 17:29:20 +00:00 · 2026-05-09 17:29:19 +00:00
9 changed files with 86 additions and 1 deletions
@@ -1,3 +1,3 @@
 # talos-cluster

-ORION-managed cluster: Talos Cluster
+Managed by [ORION](https://github.com/richard-callis/orion-web). Do not edit manually — changes are proposed via PR.
@@ -0,0 +1,34 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: tailscale-operator
+  namespace: tailscale
+  labels:
+    app.kubernetes.io/name: tailscale-operator
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: tailscale-operator
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: tailscale-operator
+    spec:
+      serviceAccountName: tailscale-operator
+      containers:
+        - name: operator
+          image: ghcr.io/tailscale/kubernetes-operator:v1.70.1
+          env:
+            - name: TS_AUTH_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: tailscale-auth
+                  key: TS_AUTH_KEY
+          resources:
+            requests:
+              cpu: 50m
+              memory: 64Mi
+            limits:
+              cpu: 100m
+              memory: 128Mi
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: tailscale
+  labels:
+    app.kubernetes.io/name: tailscale
@@ -0,0 +1,36 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: tailscale-operator
+  namespace: tailscale
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: tailscale-operator
+rules:
+  - apiGroups: ["apps"]
+    resources: ["deployments", "statefulsets", "daemonsets"]
+    verbs: ["get", "list", "watch", "update", "patch"]
+  - apiGroups: [""]
+    resources: ["services", "endpoints"]
+    verbs: ["get", "list", "watch", "update", "patch"]
+  - apiGroups: ["policy.tailscale.com"]
+    resources: ["tailnets", "tailscales"]
+    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
+  - apiGroups: ["policy.tailscale.com"]
+    resources: ["tailnets/status", "tailscales/status"]
+    verbs: ["get", "update", "patch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: tailscale-operator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: tailscale-operator
+subjects:
+  - kind: ServiceAccount
+    name: tailscale-operator
+    namespace: tailscale
@@ -0,0 +1,9 @@
+apiVersion: policy.tailscale.com/v1alpha1
+kind: Tailnet
+metadata:
+  name: default
+  namespace: tailscale
+spec:
+  tagAuths:
+    - tag: k8s-tailscale-operator
+      approved: true
Author	SHA1	Message	Date
gitea-admin	c2e26f53b7	feat: deploy Tailscale Operator for secure cluster access	2026-05-09 17:29:29 +00:00
gitea-admin	0790ea83e3	feat: deploy Tailscale Operator for secure cluster access	2026-05-09 17:29:28 +00:00
gitea-admin	564750a074	feat: deploy Tailscale Operator for secure cluster access	2026-05-09 17:29:28 +00:00
gitea-admin	8a3cf4a8ab	feat: deploy Tailscale Operator for secure cluster access	2026-05-09 17:29:28 +00:00
gitea-admin	cdb1ad23af	Merge pull request 'feat: deploy Tailscale Operator for secure cluster access' (#2 ) from orion/auto/feat-deploy-tailscale-operator-for-secur-1778347758464 into main Auto-merged by ORION: feat: deploy Tailscale Operator for secure cluster access	2026-05-09 17:29:20 +00:00
gitea-admin	fadee9ad10	feat: deploy Tailscale Operator for secure cluster access	2026-05-09 17:29:19 +00:00
gitea-admin	dcae162d0f	feat: deploy Tailscale Operator for secure cluster access	2026-05-09 17:29:19 +00:00
gitea-admin	b25c22a3bd	feat: deploy Tailscale Operator for secure cluster access	2026-05-09 17:29:18 +00:00
gitea-admin	aba3cd8327	feat: deploy Tailscale Operator for secure cluster access	2026-05-09 17:29:18 +00:00
gitea-admin	06eb62e16f	chore: initial scaffold by ORION	2026-04-25 15:52:56 +00:00
gitea-admin	a149f7c1b7	chore: initial scaffold by ORION	2026-04-25 15:43:24 +00:00
gitea-admin	c9d3722a4b	chore: initial scaffold by ORION	2026-04-25 15:33:44 +00:00
gitea-admin	fdbe58c157	chore: initial scaffold by ORION	2026-04-25 15:33:14 +00:00
gitea-admin	c8da0c6bd2	chore: initial scaffold by ORION	2026-04-25 15:20:09 +00:00
gitea-admin	e69544dabe	chore: initial scaffold by ORION	2026-04-25 15:16:31 +00:00
gitea-admin	9f1d3c092b	chore: initial scaffold by ORION	2026-04-25 15:09:50 +00:00
gitea-admin	5c1a116618	chore: initial scaffold by ORION	2026-04-25 15:09:00 +00:00
gitea-admin	d5cdd9ec2f	chore: initial scaffold by ORION	2026-04-25 15:03:36 +00:00
gitea-admin	b7cc8a3690	chore: initial scaffold by ORION	2026-04-25 14:45:38 +00:00
gitea-admin	8bcebbfa1d	chore: initial scaffold by ORION	2026-04-25 14:01:45 +00:00
gitea-admin	5f56ee34ab	chore: initial scaffold by ORION	2026-04-25 13:56:40 +00:00
gitea-admin	763492e20f	chore: initial scaffold by ORION	2026-04-25 13:44:48 +00:00
gitea-admin	ceea38603a	chore: initial scaffold by ORION	2026-04-20 23:42:31 +00:00