From f52ebe093e61172d3b31a60b9baadce984153da1 Mon Sep 17 00:00:00 2001
From: Matthew Stobbs <matthew@stobbs.ca>
Date: Fri, 7 Feb 2025 14:16:52 -0700
Subject: [PATCH] completed tailscale

---
 tasks/pkgs/hashicorp_repo.yml | 10 +++---
 tasks/pkgs/tailscale.yml      | 57 ++++++++++++++++++++++++++++++++---
 vars/main.yml                 |  1 +
 vars/tailscale.yml            | 15 +++++++++
 4 files changed, 74 insertions(+), 9 deletions(-)
 create mode 100644 vars/tailscale.yml

diff --git a/tasks/pkgs/hashicorp_repo.yml b/tasks/pkgs/hashicorp_repo.yml
index af2eeeb..61af81a 100644
--- a/tasks/pkgs/hashicorp_repo.yml
+++ b/tasks/pkgs/hashicorp_repo.yml
@@ -16,7 +16,7 @@
       ansible.builtin.command:
         creates: /etc/yum.repos.d/hashicorp.repo
         cmd: "dnf config-manager addrepo --from-repofile={{ pkgconfig_hashicorp.Linux.Fedora.repo }}"
-    
+
     - name: enable hashicorp repo for fedora <41
       become: true
       when:
@@ -25,7 +25,7 @@
       ansible.builtin.command:
         creates: /etc/yum.repos.d/hashicorp.repo
         cmd: "dnf config-manager --add-repo {{ pkgconfig_hashicorp.Linux.Fedora.repo }}"
-    
+
     - name: enable hashicorp repo for RHEL like distribution
       become: true
       when:
@@ -41,12 +41,12 @@
         state: directory
         prefix: hashicorp.
       register: d_hashicorp_tmp
-    
+
     - name: get hashicorp archive gpg key
       ansible.builtin.get_url:
         dest: "{{ d_hashicorp_tmp.path }}/gpg"
         url: https://apt.releases.hashicorp.com/gpg
-    
+
     - name: install hashicorp archive gpg key
       become: true
       ansible.builtin.command:
@@ -56,7 +56,7 @@
           - -o
           - /usr/share/keyrings/hashicorp-archive-keyring.gpg
           - "{{ d_hashicorp_tmp.path }}/gpg"
-    
+
     - name: enable hasicorp repo for debian
       ansible.builtin.apt_repository:
         repo: "{{ pkgconfig_hashicorp.Linux.Debian.repo }}"
diff --git a/tasks/pkgs/tailscale.yml b/tasks/pkgs/tailscale.yml
index 0098dbf..2bbd14d 100644
--- a/tasks/pkgs/tailscale.yml
+++ b/tasks/pkgs/tailscale.yml
@@ -1,8 +1,57 @@
-# TODO: implement
 ---
-- name: append to syspkgs
-  debug:
-    msg: "NOT IMPLEMENTED YET"
+- ansible.builtin.include_vars:
+    file: tailscale.yml
+    name: _tailscale
+- ansible.builtin.set_fact:
+    pkgconfig_tailscale: "{{ _tailscale | ansible.builtin.combine(pkgconfig.tailscale) }}"
+- name: enable for linux
+  block:
+    - name: enable for RedHat distros
+      block:
+        - name: fedora >=41
+          ansible.builtin.command:
+            creates: /etc/yum.repos.d/tailscale.repo
+            cmd: "dnf config-manager addrepo --from-repofile={{ pkgconfig_tailscale.url_base }}/fedora/tailscale.repo"
+          become: true
+          when:
+            - ansible_distribution == 'Fedora'
+            - ansible_distribution_major_version|int >= 41
+
+        - name: fedora <41
+          ansible.builtin.command:
+            creates: /etc/yum.repos.d/tailscale.repo
+            cmd: "dnf config-manager --add-repo {{ pkgconfig_tailscale.url_base }}/fedora/tailscale.repo"
+          become: true
+          when:
+            - ansible_distribution == 'Fedora'
+            - ansible_distribution_major_version|int < 41
+
+        - name: rhel based distros
+          ansible.builtin.command:
+            creates: /etc/yum.repos.d/tailscale.repo
+            cmd: "dnf config-manager --add-repo {{ pkgconfig_tailscale.url_base }}/rhel/{{ ansible_os_major_version }}/tailscale.repo"
+          become: true
+          when:
+            - ansible_distribution != 'Fedora'
+      when: ansible_os_family == 'RedHat'
+
+    - name: enable for Debian distros
+      block:
+        - name: install tailscale keyring
+          block:
+            - ansible.builtin.get_url:
+                url: "{{ pkgconfig_tailscale.url_base }}/debian/{{ pkgconfig_tailscale.release[ansible_os_release].gpg }}"
+                dest: /usr/share/keyrings/tailscale-archive-keyring.gpg
+              become: true
+            - ansible.builtin.get_url:
+                url: "{{ pkgconfig_tailscale.url_base }}/debian/{{ pkgconfig_tailscale.release[ansible_os_release].list }}"
+                dest: /etc/apt/sources.list.d/tailscale.list
+              become: true
+      when: ansible_os_family == 'Debian'
+
+    - name: append to syspkgs
+      ansible.builtin.set_fact:
+        syspkgs: "{{ syspkgs + [ 'tailscale' ] }}"
   when: ansible_os_family != 'Darwin'
 
 - name: append to caskpkgs
diff --git a/vars/main.yml b/vars/main.yml
index 71eae79..fbb04bd 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -51,6 +51,7 @@ pkgconfig:
   packer: {}
   python3: {}
   rust: {}
+  tailscale: {}
   terraform: {}
   terraformls: {}
   terrarepo: {}
diff --git a/vars/tailscale.yml b/vars/tailscale.yml
new file mode 100644
index 0000000..de3539f
--- /dev/null
+++ b/vars/tailscale.yml
@@ -0,0 +1,15 @@
+---
+url_base: https://pkgs.tailscale.com/stable
+release:
+  bookworm:
+    gpg: bookworm.noarmor.gpg
+    list: bookworm.tailscale-keyring.list
+  bullseye:
+    gpg: bullseye.noarmor.gpg
+    list: bullseye.tailscale-keyring.list
+  buster:
+    gpg: buster.gpg
+    list: buster.list
+  stretch:
+    gpg: stretch.gpg
+    list: stretch.list