dump-tailscale-acl: coily verb for round-tripping current tailnet policy #135

New issue

Closed

opened 2026-05-26 17:40:50 +00:00 by coilysiren · 0 comments

coilysiren commented

2026-05-26 17:40:50 +00:00

Owner

Problem

No way to dump the current tailnet policy file outside the web console. Bootstrap of terraform/tailscale-policy/ (coilysiren/infrastructure#134) needs to round-trip current state into the new tailscale_acl.policy body before terraform import adopts it.

Change

scripts/k8s/dump_tailscale_acl.py - admin-OAuth → bearer → GET /api/v2/tailnet/-/acl, prints HuJSON to stdout.
Makefile + .coily/coily.yaml - new dump-tailscale-acl verb.

Reuses tailscale_admin_oauth_env() from scripts/_lib.py (same admin pair as terraform_tailscale_devices.py).

Filed by Claude.

**Problem** No way to dump the current tailnet policy file outside the web console. Bootstrap of `terraform/tailscale-policy/` (coilysiren/infrastructure#134) needs to round-trip current state into the new `tailscale_acl.policy` body before `terraform import` adopts it. **Change** - `scripts/k8s/dump_tailscale_acl.py` - admin-OAuth → bearer → `GET /api/v2/tailnet/-/acl`, prints HuJSON to stdout. - `Makefile` + `.coily/coily.yaml` - new `dump-tailscale-acl` verb. Reuses `tailscale_admin_oauth_env()` from `scripts/_lib.py` (same admin pair as `terraform_tailscale_devices.py`). Filed by Claude.

coilysiren referenced this issue from a commit

2026-05-26 17:50:38 +00:00

feat: add dump-tailscale-acl coily verb

coilysiren closed this issue

2026-05-26 17:50:38 +00:00

No labels

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

coilyco-flight-deck/infrastructure#135

No description provided.

Rows
Columns