feat/add tailscale module#849
Conversation
|
@dy-ma can you fix the failing test ? |
|
Fixed the ShellCheck failure - The fix passes ShellCheck locally. Ready for another review when you have a chance. |
|
Hi @dy-ma, can you update the module to conform with instructions in |
|
As far as I can see, the only non-conformance was the Tailscale icon being referanced via CDN link instead of local path. I initially wasn't sure of the correct approach for adding new icons, but since I had already added the icon to Also, I wasn't aware of the AI attribution policy, so I edited my comment. I appreciate the patience, as this is my first open source contribution. |
| data "coder_workspace" "me" {} | ||
|
|
||
| locals { | ||
| icon_url = "${path.module}/../../../../.icons/tailscale.svg" |
There was a problem hiding this comment.
This will not work. Coder can only show bundled icons or something accessible over the network.
There was a problem hiding this comment.
I see. The guidelines mention the README icon must be a local path. There isn't a bundled Tailscale icon. Is the correct approach for me to add the icon in .icons, but only reference it for the README, and use a network call for the module?
| resource "coder_script" "install_tailscale" { | ||
| agent_id = var.agent_id | ||
| display_name = "Tailscale" | ||
| icon = local.icon_url | ||
| script = templatefile("${path.module}/run.sh", { | ||
| TAILSCALE_API_URL = var.tailscale_api_url | ||
| AUTH_KEY = var.auth_key | ||
| OAUTH_CLIENT_ID = var.oauth_client_id | ||
| OAUTH_CLIENT_SECRET = var.oauth_client_secret | ||
| TAILNET = var.tailnet | ||
| HOSTNAME = local.hostname | ||
| TAGS_JSON = local.tags_json | ||
| TAGS_CSV = local.tags_csv | ||
| EPHEMERAL = var.ephemeral | ||
| PREAUTHORIZED = var.preauthorized | ||
| NETWORKING_MODE = var.networking_mode | ||
| SOCKS5_PORT = var.socks5_proxy_port | ||
| HTTP_PROXY_PORT = var.http_proxy_port | ||
| ACCEPT_DNS = var.accept_dns | ||
| ACCEPT_ROUTES = var.accept_routes | ||
| ADVERTISE_ROUTES = join(",", var.advertise_routes) | ||
| SSH = var.ssh | ||
| EXTRA_FLAGS = var.extra_flags | ||
| STATE_DIR = var.state_dir | ||
| }) | ||
| run_on_start = true | ||
| run_on_stop = false | ||
| } |
There was a problem hiding this comment.
You could try using the coder-utils module to manage installation and start the service.
This would also help comply with the suggested logs storage preference.
|
|
|
I split I considered using a post-install configuration, but in order to configure tailscale, the daemon needs to be running first, and I figure I'd want the flags to be reapplied on restart anyways. So I kept it to just a |
|
Upon further testing, I ran into an apt lock race condition between this module and KasmVNC, as both run apt-get update concurrently at boot, and whichever runs second fails with E: Could not get lock /var/lib/apt/lists/lock. I looked into solutions and found coder/coder#22365 and coder/registry#82. The experimental I'm currently testing a few approaches for handling this in
Happy to go with whatever approach you think fits best here, or if there's a preferred pattern for modules, please let me know. |
3 participants
Description
Adds a Tailscale module that installs Tailscale and joins the workspace to a tailnet on startup.
Supports:
Tailscale seemed like an obvious fit for a Coder module and I was surprised one didn't already exist. I needed it for my own deployments so I built it.
This is my first open-source contribution. I've done my best to follow the contribution guidelines, but please tell me if I've done something horribly wrong.
Type of Change
Module Information
Path:
registry/dy-ma/modules/tailscaleNew version:
v1.0.0Breaking change: [ ] Yes [x] No
Template Information
Path:
registry/[namespace]/templates/[template-name]Testing & Validation
bun test)bun fmt)Related Issues
None
Generated with Claude Code using Claude Sonnet 4.5