kugetsu/skills/kugetsu/scripts/tailscale-setup.sh

#!/bin/bash
set -euo pipefail

USERNAME="${1:-$(whoami)}"
HOSTNAME="${2:-$(hostname)}"

echo "=== kugetsu Tailscale Setup ==="
echo "Target user: $USERNAME"
echo "Device name: $HOSTNAME"
echo ""

detect_os() {
    if [ -f /etc/os-release ]; then
        . /etc/os-release
        case "$ID" in
            debian|ubuntu|"noble"|"jammy"|"focal"|"bionic"|"bullseye"|"bookworm"|"trixie"|"sid")
                echo "debian"
                ;;
            fedora|rhel|centos|rocky|alma)
                echo "fedora"
                ;;
            *)
                echo "unknown"
                ;;
        esac
    else
        echo "unknown"
    fi
}

OS_TYPE=$(detect_os)
echo "Detected OS: $OS_TYPE"

echo ""
echo "=== Step 1: Installing Tailscale ==="

install_tailscale() {
    case "$OS_TYPE" in
        debian)
            echo "Installing Tailscale via apt (Debian/Ubuntu)..."
            curl -fsSL https://tailscale.com/install.sh | sh
            ;;
        fedora)
            echo "Installing Tailscale via dnf (Fedora/RHEL)..."
            # Create repo file manually (gpgcheck=0 since the GPG key URL may return 404)
            echo "[tailscale]
name=Tailscale
baseurl=https://pkgs.tailscale.com/stable/fedora/x86_64
enabled=1
gpgcheck=0" | sudo tee /etc/yum.repos.d/tailscale.repo > /dev/null
            sudo dnf install -y tailscale
            ;;
        *)
            echo "ERROR: Unsupported OS. Please install Tailscale manually."
            echo "See: https://tailscale.com/download"
            exit 1
            ;;
    esac
}

if command -v tailscale &> /dev/null; then
    echo "Tailscale is already installed: $(tailscale --version)"
else
    install_tailscale
fi

echo ""
echo "=== Step 2: Verify Tailscale installation ==="
if ! command -v tailscale &> /dev/null; then
    echo "ERROR: Tailscale installation failed."
    exit 1
fi
echo "Tailscale binary: $(which tailscale)"
echo "Tailscale version: $(tailscale --version)"

echo ""
echo "=== Step 3: Start tailscaled daemon ==="
systemctl enable --now tailscaled
sleep 2

if systemctl is-active --quiet tailscaled; then
    echo "SUCCESS: tailscaled is running."
else
    echo "ERROR: tailscaled failed to start."
    echo "Debug: systemctl status tailscaled"
    exit 1
fi

echo ""
echo "=== Step 4: Authentication ==="

auth_method() {
    echo "Choose authentication method:"
    echo "  1) AUTHKEY - Use a pre-generated auth key (headless/scripted)"
    echo "  2) Headless - Get a login URL to click in browser"
    echo ""
    read -p "Enter choice [1/2]: " choice
    
    case "$choice" in
        1)
            echo ""
            echo "To generate an AUTHKEY:"
            echo "  1. Go to: https://login.tailscale.com/admin/settings/keys"
            echo "  2. Click 'Generate auth key'"
            echo "  3. Copy the key (starts with 'tskey-auth-')"
            echo ""
            read -p "Paste your AUTHKEY (or press Enter to cancel): " AUTHKEY
            
            if [ -z "$AUTHKEY" ]; then
                echo "Cancelled."
                exit 0
            fi
            
            if [[ ! "$AUTHKEY" =~ ^tskey-auth ]]; then
                echo "ERROR: AUTHKEY should start with 'tskey-auth-'. Please check and try again."
                exit 1
            fi
            
            echo ""
            echo "Connecting with AUTHKEY..."
            tailscale up --authkey="$AUTHKEY" --hostname="$HOSTNAME" --operator="$USERNAME"
            ;;
        2|"")
            echo ""
            echo "Getting login URL..."
            echo "After you click the URL and authenticate in browser, this script will continue."
            echo ""
            tailscale up --hostname="$HOSTNAME" --operator="$USERNAME"
            ;;
        *)
            echo "Invalid choice. Please enter 1 or 2."
            exit 1
            ;;
    esac
}

auth_method

echo ""
echo "=== Step 5: Verify Tailscale connection ==="
sleep 2

if tailscale status &> /dev/null; then
    echo "SUCCESS: Connected to Tailscale!"
    echo ""
    echo "Your Tailscale IP:"
    tailscale ip -4
    echo ""
    echo "Your Tailscale hostname: $HOSTNAME"
    echo ""
    echo "To connect from another Tailscale device:"
    echo "  ssh $USERNAME@$HOSTNAME"
    echo ""
    echo "Or directly via IP:"
    echo "  ssh $USERNAME@$(tailscale ip -4)"
else
    echo "WARNING: Tailscale may not be fully connected yet."
    echo "Check status with: tailscale status"
fi

echo ""
echo "=== Setup Complete ==="
echo ""
echo "Next steps:"
echo "  - Install Tailscale on your other devices: https://tailscale.com/download"
echo "  - Add this device to your tailnet"
echo "  - SSH from anywhere using: ssh $USERNAME@$HOSTNAME"
echo ""