From ae0c58f2ad2d460d676c156505b32536a5baece8 Mon Sep 17 00:00:00 2001 From: gitea-admin Date: Sat, 9 May 2026 19:07:37 +0000 Subject: [PATCH 1/3] feat: deploy Tailscale Operator --- namespaces/tailscale.yaml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 namespaces/tailscale.yaml diff --git a/namespaces/tailscale.yaml b/namespaces/tailscale.yaml new file mode 100644 index 0000000..264d06f --- /dev/null +++ b/namespaces/tailscale.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: tailscale + labels: + name: tailscale -- 2.52.0 From ad861564897e7bd09fca9b6801d1821badcf19c1 Mon Sep 17 00:00:00 2001 From: gitea-admin Date: Sat, 9 May 2026 19:07:37 +0000 Subject: [PATCH 2/3] feat: deploy Tailscale Operator --- tailscale/operator-rbac.yaml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 tailscale/operator-rbac.yaml diff --git a/tailscale/operator-rbac.yaml b/tailscale/operator-rbac.yaml new file mode 100644 index 0000000..10568a0 --- /dev/null +++ b/tailscale/operator-rbac.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: tailscale-operator + namespace: tailscale +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: tailscale-operator +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints", "namespaces", "events", "configmaps"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["apps"] + resources: ["deployments", "daemonsets"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["tailscale.com"] + resources: ["*"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingressclasses"] + verbs: ["get", "list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: tailscale-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: tailscale-operator +subjects: + - kind: ServiceAccount + name: tailscale-operator + namespace: tailscale -- 2.52.0 From c003da7f68ee6570fb3a8bca1d4bd26bae6e70d6 Mon Sep 17 00:00:00 2001 From: gitea-admin Date: Sat, 9 May 2026 19:07:38 +0000 Subject: [PATCH 3/3] feat: deploy Tailscale Operator --- tailscale/operator-deployment.yaml | 34 ++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 tailscale/operator-deployment.yaml diff --git a/tailscale/operator-deployment.yaml b/tailscale/operator-deployment.yaml new file mode 100644 index 0000000..b12e4bc --- /dev/null +++ b/tailscale/operator-deployment.yaml @@ -0,0 +1,34 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: tailscale-operator + namespace: tailscale + labels: + app: tailscale-operator +spec: + replicas: 1 + selector: + matchLabels: + app: tailscale-operator + template: + metadata: + labels: + app: tailscale-operator + spec: + serviceAccountName: tailscale-operator + containers: + - name: operator + image: ghcr.io/tailscale/k8s-operator:v1.78.3 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TAILSCALE_API_CLIENT_ID + value: "" + - name: TAILSCALE_API_CLIENT_SECRET + value: "" -- 2.52.0