vault-plugin-tailscale

A HashiCorp Vault plugin for generating device authentication keys for Tailscale. Generated keys are single use.

Installation

Download the binary for your architecture from the releases page
Generate the SHA256 sum of the plugin binary

$ sha256sum vault-plugin-tailscale | cut -d ' ' -f1
d6ffe79b13326eb472af0b670c694f21f779d524068ad705a672a00f6d433724

Add the plugin to your Vault plugin catalog

$ vault plugin register -sha256=d6ffe79b13326eb472af0b670c694f21f779d524068ad705a672a00f6d433724 secret vault-plugin-tailscale
Success! Registered plugin: vault-plugin-tailscale

Enable the plugin

$ vault secrets enable -path=tailscale vault-plugin-tailscale 
Success! Enabled the vault-plugin-tailscale secrets engine at: tailscale/

Usage

Obtain an API key from the Tailscale admin dashboard.
Create the Vault configuration for the Tailscale API

$ vault write tailscale/config tailnet=$TAILNET api_key=$API_KEY
Success! Data written to: tailscale/config

Generate keys using the Vault CLI.

$ vault read tailscale/key
Key          Value
---          -----
ephemeral    false
expires      2022-04-30T00:32:36Z
id           kMxzN47CNTRL
key          secret-key-data
reusable     false
tags         <nil>

Name		Name	Last commit message	Last commit date
Latest commit History 51 Commits
.github		.github
backend		backend
.gitignore		.gitignore
.goreleaser.yml		.goreleaser.yml
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
go.mod		go.mod
go.sum		go.sum
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

vault-plugin-tailscale

Installation

Usage

About

Releases 1

Packages

Languages

License

barskern/vault-plugin-tailscale

Folders and files

Latest commit

History

Repository files navigation

vault-plugin-tailscale

Installation

Usage

About

Resources

License

Stars

Watchers

Forks

Releases 1

Packages 0

Languages

Packages