ops/tailscalesd

Fork 0

Service discovery for tailscale. Returns a list of services for Prometheus to scrape, with some extra smarts for Guardian Project Ops.

buildbot-nix

Find a file

Abel Luck 76088070bf remove version info for now		2023-11-06 10:40:31 +01:00
docker	make container build work	2023-11-06 09:13:21 +01:00
tailscalesd	remove version info for now	2023-11-06 10:40:31 +01:00
tests	add tests	2023-11-06 09:01:18 +01:00
.envrc	make container build work	2023-11-06 09:13:21 +01:00
.flake8	first pass	2023-11-05 20:30:24 +01:00
.gitignore	make container build work	2023-11-06 09:13:21 +01:00
.gitlab-ci.yml	fix ci	2023-11-06 10:29:10 +01:00
LICENSE.md	first pass	2023-11-05 20:30:24 +01:00
Makefile	make container build work	2023-11-06 09:13:21 +01:00
poetry.lock	Move all the work to the worker task and add json logging	2023-11-05 20:53:43 +01:00
pyproject.toml	spruce up readme	2023-11-06 09:17:38 +01:00
README.md	add container image url to readme	2023-11-06 09:19:02 +01:00
requirements.frozen.txt	Add frozen requirements for docker file	2023-11-05 21:08:37 +01:00
shell.nix	first pass	2023-11-05 20:30:24 +01:00

README.md

tailscalesd

Service discovery for tailscale

Returns a list of services for Prometheus to scrape, with some extra smarts for Guardian Project Ops.

See the prometheus docs for more information on the HTTP service discovery format.

Example

curl http://tailscalesd:9242/

[
  {
    "labels": {
      "__meta_tailscale_device_client_version": "1.52.1-t75d3c9385-g3e9627f3b",
      "__meta_tailscale_device_hostname": "gp-ourapp-prod-main",
      "__meta_tailscale_device_authorized": "true",
      "__meta_tailscale_device_id": "1234678910",
      "__meta_tailscale_device_name": "gp-ourapp-prod-main.rocky-rocks.ts.net",
      "__meta_tailscale_device_os": "linux",
      "__meta_tailscale_tailnet": "ourtailnet"
    },
    "targets": [
      "100.100.100.101"
    ]
  },
  {
    "labels": {
      "__meta_tailscale_device_client_version": "1.52.1-t75d3c9385-g3e9627f3b",
      "__meta_tailscale_device_hostname": "ip-10-10-10-10",
      "__meta_tailscale_device_authorized": "true",
      "__meta_tailscale_device_id": "123456789101",
      "__meta_tailscale_device_name": "ip-10-31-0-182.rocky-rocks.ts.net",
      "__meta_tailscale_device_os": "linux",
      "__meta_tailscale_tailnet": "ourtailnet"
    },
    "targets": [
      "100.100.100.102"
    ]
  }
]

Usage

Deploy with a container

Container image: registry.gitlab.com/guardianproject-ops/tailscalesd:VERSION
See versions at: 5749401

Configuration

Configuration values can be set using environment variables, or optionally loaded from an environment file. The settings include:

host (TAILSCALESD_HOST): The host address on which the application will bind (designed to be used in a container, BE CAREFUL!). Default is 0.0.0.0.
port (TAILSCALESD_PORT): The port number on which the application will be accessible. Default is 9242.
interval (TAILSCALESD_INTERVAL): The interval on which the Tailscale API is polled in seconds. Default is 60.
tailnet (TAILSCALESD_TAILNET): The Tailscale tailnet identifier (required).
api_key (TAILSCALESD_API_KEY): The Tailscale API key (required).

Environment File

You can also specify an environment file to load configuration values. The path to the environment file should be set in the TAILSCALESD_ENV_FILE environment variable. All of the config values can be provided in the env file.

Example Environment File (env):

TAILSCALESD_TAILNET=my-tailnet
TAILSCALESD_API_KEY=my-api-key
TAILSCALESD_HOST=127.0.0.1

Running the Application

Install Dependencies: Ensure that all required dependencies are installed.
```
poetry install
```
Set Configuration: Set the necessary environment variables or create an environment file with the configuration values.
Start the Application: Run the application using the following command:
```
poetry run tailscalesd
```
Access the Application: The application will be accessible at http://<host>:<port>.