fix quote issue

ansible/roles/our/tasks/main.yml

@@ -8,6 +8,10 @@
   ansible.builtin.include_tasks:
     file: filesystem.yml
 
+- name: Configure tailscale
+  ansible.builtin.include_tasks:
+    file: tailscale.yml
+
 - name: Configure docker stack app
   ansible.builtin.include_tasks:
     file: stack.yml

ansible/roles/our/tasks/stack.yml

@@ -39,8 +39,8 @@
     compose:
       - /etc/futureporn/our/compose.production.yaml
       - services:
-          environment:
           server:
+            environment:
               DATABASE_URL: "{{ lookup('dotenv', 'DATABASE_URL', file='../../../../.env.production') }}"
               NODE_ENV: "{{ lookup('dotenv', 'NODE_ENV', file='../../../../.env.production') }}"
               ORIGIN: "{{ lookup('dotenv', 'ORIGIN', file='../../../../.env.production') }}"
@@ -64,6 +64,7 @@
               SEEDBOX_SFTP_USERNAME: "{{ lookup('dotenv', 'SEEDBOX_SFTP_USERNAME', file='../../../../.env.production') }}"
               SEEDBOX_SFTP_PASSWORD: "{{ lookup('dotenv', 'SEEDBOX_SFTP_PASSWORD', file='../../../../.env.production') }}"
           worker:
+            environment:
               DATABASE_URL: "{{ lookup('dotenv', 'DATABASE_URL', file='../../../../.env.production') }}"
               NODE_ENV: "{{ lookup('dotenv', 'NODE_ENV', file='../../../../.env.production') }}"
               ORIGIN: "{{ lookup('dotenv', 'ORIGIN', file='../../../../.env.production') }}"
@@ -87,7 +88,9 @@
               SEEDBOX_SFTP_USERNAME: "{{ lookup('dotenv', 'SEEDBOX_SFTP_USERNAME', file='../../../../.env.production') }}"
               SEEDBOX_SFTP_PASSWORD: "{{ lookup('dotenv', 'SEEDBOX_SFTP_PASSWORD', file='../../../../.env.production') }}"
           pgadmin:
+            environment:
               PGADMIN_DEFAULT_EMAIL: "{{ lookup('dotenv', 'PGADMIN_DEFAULT_EMAIL', file='../../../../.env.production') }}"
               PGADMIN_DEFAULT_PASSWORD: "{{ lookup('dotenv', 'PGADMIN_DEFAULT_PASSWORD', file='../../../../.env.production') }}"
           tailscale-pgadmin:
+            environment:
               TS_AUTHKEY: "{{ lookup('dotenv', 'TS_AUTHKEY', file='../../../../.env.production') }}"

ansible/roles/our/tasks/tailscale.yml

@@ -0,0 +1,16 @@
+---
+- name: Ensure Tailscale directories exist with proper permissions
+  ansible.builtin.file:
+    path: "/mnt/vfs/futureporn/tailscale/{{ item }}"
+    state: directory
+    mode: "0755"
+    recurse: true
+  loop:
+    - config
+    - state
+
+- name: Render tailscale template
+  ansible.builtin.template:
+    mode: "0755"
+    src: tailscale-pgadmin.json.j2
+    dest: /mnt/vfs/futureporn/tailscale/tailscale-pgadmin.json

ansible/roles/our/templates/tailscale-pgadmin.json.j2

@@ -0,0 +1,19 @@
+{
+  "TCP": {
+    "443": {
+      "HTTPS": true
+    }
+  },
+  "Web": {
+    "${TS_CERT_DOMAIN}:443": {
+      "Handlers": {
+        "/": {
+          "Proxy": "http://127.0.0.1:5050"
+        }
+      }
+    }
+  },
+  "AllowFunnel": {
+    "${TS_CERT_DOMAIN}:443": false
+  }
+}

services/our/compose.production.yaml

@@ -81,7 +81,7 @@ services:
       - net_admin
     restart: unless-stopped
     environment:
-      TS_EXTRA_ARGS: --advertise-tags=tag:container --reset"
+      TS_EXTRA_ARGS: "--advertise-tags=tag:container --reset"
       TS_SERVE_CONFIG: /config/pgadmin.json
       TS_STATE_DIR: /var/lib/tailscale
       TS_USERSPACE: "false"