Using tailscale ssh in ansible playbooks

[rednafi]

Assumptions:

• Tailscale is installed on both local and remote hosts.
• tailscale up --ssh has been running on both hosts.
• Running tailscale ping <remote-host-name works.

  $ tailscale ping hetzner-ubuntu                                              
  pong from hetzner-ubuntu (100.99.214.7) via 188.245.70.191:41641 in 28ms

• Running tailscale ssh root@<remote-host-name> works.

The hosts.ini looks like this:

[servers]
server0 ansible_host=hetzner-ubuntu.zebra-spica.ts.net ansible_user=root ansible_ssh_executable="tailscale" ansible_ssh_extra_args="ssh" ansible_remote_tmp=/tmp

Running:

ansible all -m ping -i hosts.ini -vvv

currently doesn't work. What's going on?

[rednafi]

Ah, I don't need so much complexity. The hosts.ini can be like this:

[servers]
server0 ansible_host=hetzner-ubuntu ansible_user=root

Then just running ansible all -m ping -i hosts.ini -vvv should work. The hetzner-ubunu will make sure the default ssh CLI goes through the tailnet instead of trying to directly connect to the VM. Running ansible all -m ping hosts.ini -vvv works fine now:

server0 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.12"
    },
    "changed": false,
    "invocation": {
        "module_args": {
            "data": "pong"
        }
    },
    "ping": "pong"
}