Terraform #78

New Issue

adam · 2025-12-29T01:21:45+01:00

adam commented

2025-12-29 01:21:45 +01:00

Originally created by @kradalby on GitHub (Nov 12, 2021).

Explore the use of our gRPC client to create a terraform provider.

The code can be generated from proto (or imported from the gen directory) and how it can be used can be found in the cli client.

Originally created by @kradalby on GitHub (Nov 12, 2021). Explore the use of our gRPC client to create a terraform provider. The code can be generated from proto (or imported from the gen directory) and how it can be used can be found in the cli client.

adam added the enhancement out of scope labels 2025-12-29 01:21:45 +01:00

adam closed this issue

2025-12-29 01:21:46 +01:00

adam commented

2025-12-29 01:21:47 +01:00

@fdelucchijr commented on GitHub (Nov 14, 2021):

this would be an awesome feature!!!

@fdelucchijr commented on GitHub (Nov 14, 2021): this would be an awesome feature!!!

adam commented

2025-12-29 01:21:47 +01:00

@samcday commented on GitHub (Oct 15, 2022):

Now that there's an official Tailscale provider plugin published in the registry, that seems to support pointing at a custom base URL, would it perhaps make more sense to try to emulate whatever API calls the provider needs from the official Tailscale control plane?

In that case, the toil of building and maintaining a headscale Terraform provider can be completely avoided. Instead, some documentation would need to be maintained indicating which resources are supported from the official provider, what caveats there are, etc.

In the case of resources that headscale doesn't yet support (which I assume would be a lot of it, at least for now, since ACLs are derived from static filesystem metadata currently and so on), the emulated API layer could simply barf client 4xx errors to signal this unsupported usage.

I'm not sure if there's been discussion in the past about doing something like this (emulating the official/proprietary control plane API), though I wouldn't be surprised if there has and it's fraught with lots of complexities I haven't even begun to consider :D

@samcday commented on GitHub (Oct 15, 2022): Now that there's an official Tailscale provider plugin published [in the registry](https://registry.terraform.io/providers/tailscale/tailscale/latest/docs), that seems to support pointing at a [custom base URL](https://registry.terraform.io/providers/tailscale/tailscale/latest/docs#base_url), would it perhaps make more sense to try to emulate whatever API calls the provider needs from the official Tailscale control plane? In that case, the toil of building and maintaining a headscale Terraform provider can be completely avoided. Instead, some documentation would need to be maintained indicating which resources are supported from the official provider, what caveats there are, etc. In the case of resources that headscale doesn't yet support (which I assume would be a lot of it, at least for now, since ACLs are derived from static filesystem metadata currently and so on), the emulated API layer could simply barf client 4xx errors to signal this unsupported usage. I'm not sure if there's been discussion in the past about doing something like this (emulating the official/proprietary control plane API), though I wouldn't be surprised if there has and it's fraught with lots of complexities I haven't even begun to consider :D

adam commented

2025-12-29 01:21:48 +01:00

@unusualevent commented on GitHub (Jan 20, 2023):

I really like the idea of having headscale support the tailscale terraform provider - is there a way to test the coverage between the two interfaces in some kind of unit test?

@unusualevent commented on GitHub (Jan 20, 2023): I really like the idea of having headscale support the tailscale terraform provider - is there a way to test the coverage between the two interfaces in some kind of unit test?

adam commented

2025-12-29 01:21:49 +01:00

@kradalby commented on GitHub (Jan 20, 2023):

It is unfeasible, the APIs are not the same.

@kradalby commented on GitHub (Jan 20, 2023): It is unfeasible, the APIs are not the same.

adam commented

2025-12-29 01:21:50 +01:00

@awlsring commented on GitHub (Apr 18, 2023):

I wrote a manual provider utilizing the API gen'ed from the swagger doc.

https://registry.terraform.io/providers/awlsring/headscale/latest

If y'all like this, let me know and I can make a PR adding some usage to the docs.

@awlsring commented on GitHub (Apr 18, 2023): I wrote a manual provider utilizing the API gen'ed from the swagger doc. https://registry.terraform.io/providers/awlsring/headscale/latest If y'all like this, let me know and I can make a PR adding some usage to the docs.

adam commented

2025-12-29 01:21:50 +01:00

@kradalby commented on GitHub (Apr 19, 2023):

@awlsring, neat, it could also be listed in the readme in the same way as we list UIs atm.

@kradalby commented on GitHub (Apr 19, 2023): @awlsring, neat, it could also be listed in the readme in the same way as we list UIs atm.

adam commented

2025-12-29 01:21:51 +01:00

@awlsring commented on GitHub (Apr 27, 2023):

@kradalby Sure thing.

Looking at the readme, I was thinking of just renaming the section Graphical Control Panels to Control Planes and listing as a box in there.

I'll try to send out a PR for it in a few days

@awlsring commented on GitHub (Apr 27, 2023): @kradalby Sure thing. Looking at the readme, I was thinking of just renaming the section `Graphical Control Panels` to `Control Planes` and listing as a box in there. I'll try to send out a PR for it in a few days

adam commented

2025-12-29 01:21:52 +01:00

@kradalby commented on GitHub (May 10, 2023):

I will close this as out of scope, we happy with a community provider

@kradalby commented on GitHub (May 10, 2023): I will close this as out of scope, we happy with a community provider

adam referenced this issue

2025-12-29 02:29:26 +01:00

[PR #80] [MERGED] Add CLI command to mark preauthkeys as expired #1244

Sign in to join this conversation.

Branches Tags

main

update_flake_lock_action

gh-pages

kradalby/release-v0.27.2

dependabot/go_modules/golang.org/x/crypto-0.45.0

dependabot/go_modules/github.com/opencontainers/runc-1.3.3

copilot/investigate-headscale-issue-2788

copilot/investigate-visibility-issue-2788

copilot/investigate-issue-2833

copilot/debug-issue-2846

copilot/fix-issue-2847

dependabot/go_modules/github.com/go-viper/mapstructure/v2-2.4.0

dependabot/go_modules/github.com/docker/docker-28.3.3incompatible

kradalby/cli-experiement3

doc/0.26.1

doc/0.25.1

doc/0.25.0

doc/0.24.3

doc/0.24.2

doc/0.24.1

doc/0.24.0

kradalby/build-docker-on-pr

topic/docu-versioning

topic/docker-kos

juanfont/fix-crash-node-id

juanfont/better-disclaimer

update-contributors

topic/prettier

revert-1893-add-test-stage-to-docs

add-test-stage-to-docs

remove-node-check-interval

fix-empty-prefix

fix-ephemeral-reusable

bug_report-debuginfo

autogroups

logs-to-stderr

revert-1414-topic/fix_unix_socket

rename-machine-node

port-embedded-derp-tests-v2

port-derp-tests

duplicate-word-linter

update-tailscale-1.36

warn-against-apache

ko-fi-link

more-acl-tests

fix-typo-standalone

parallel-nolint

tparallel-fix

rerouting

ssh-changelog-docs

oidc-cleanup

web-auth-flow-tests

kradalby-gh-runner

fix-proto-lint

remove-funding-links

go-1.19

enable-1.30-in-tests

0.16.x

cosmetic-changes-integration

tmp-fix-integration-docker

fix-integration-docker

configurable-update-interval

show-nodes-online

hs2021

acl-syntax-fixes

ts2021-implementation

fix-spurious-updates

unstable-integration-tests

mandatory-stun

embedded-derp

prtemplate-fix

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/headscale#78