19450d3047
Configure tailscale serve to proxy https://hetzner-ex44.tail1b1987.ts.net/ to localhost:3000. Tailnet-only — no public internet exposure. - scripts/setup-tailscale-serve.sh: one-time setup script (idempotent) - README.md: add Remote Access section with URL, access model, and setup steps - CLAUDE.md: new project-level reference for service location, URLs, auth model Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
25 lines
824 B
Bash
Executable file
25 lines
824 B
Bash
Executable file
#!/usr/bin/env bash
|
|
# Configure Tailscale Serve to expose FABRIC dashboard over Tailscale with TLS.
|
|
# Tailnet-only (not public internet). Run once; config persists across reboots.
|
|
#
|
|
# Prerequisites:
|
|
# - tailscale connected to tail1b1987.ts.net
|
|
# - Current user is set as Tailscale operator (handled below)
|
|
# - fabric-web.service running (fabric web on :3000)
|
|
#
|
|
# After setup: https://hetzner-ex44.tail1b1987.ts.net/
|
|
|
|
set -euo pipefail
|
|
|
|
# Grant operator access so future serve commands don't need sudo
|
|
sudo tailscale set --operator="$USER"
|
|
|
|
# Configure HTTPS serve (tailnet-only, not Funnel)
|
|
tailscale serve --bg http://localhost:3000
|
|
|
|
echo ""
|
|
echo "Tailscale Serve configured."
|
|
tailscale serve status
|
|
echo ""
|
|
echo "Dashboard: https://hetzner-ex44.tail1b1987.ts.net/"
|
|
echo "To remove: tailscale serve --https=443 off"
|