password manager

2 files changed, 8 insertions, 4 deletions

diff --git a/playbooks/roles/outbound/templates/headscale/config/acl.json b/playbooks/roles/outbound/templates/headscale/config/acl.json
index fe1197a..449207d 100644
--- a/playbooks/roles/outbound/templates/headscale/config/acl.json
+++ b/playbooks/roles/outbound/templates/headscale/config/acl.json
@@ -1,12 +1,17 @@
 {
   "groups": {
-    "group:admin": ["liz"]
+    "group:internal": ["liz{{ oauth_user_suffix }}", "lucina{{ oauth_user_suffix }}", "riley{{ oauth_user_suffix }}"],
   },
   "acls": [
     {
       "action": "accept",
       "src": ["{{ auth_key_user }}"],
       "dst": ["{{ auth_key_user }}:*", "10.0.0.0/8:*"]
+    },
+    {
+      "action": "accept",
+      "src": ["group:internal"],
+      "dst": ["10.0.0.0/8:*"]
     }
   ]
 }
diff --git a/playbooks/roles/outbound/templates/headscale/config/config.yaml b/playbooks/roles/outbound/templates/headscale/config/config.yaml
index 2586848..d3bff5a 100644
--- a/playbooks/roles/outbound/templates/headscale/config/config.yaml
+++ b/playbooks/roles/outbound/templates/headscale/config/config.yaml
@@ -125,9 +125,8 @@ dns:
       - {{ headscale_dns_for_connected_clients_1 }}
       - {{ headscale_dns_for_connected_clients_2 }}
     split:
-      {}
-      # foo.bar.com:
-      #   - 1.1.1.1
+      {{ domain }}:
+        - {{ loadbalancer_ip }}
   search_domains: []
 
 unix_socket: /var/run/headscale/headscale.sock