From 1cd2dace22c521777b69ae99216f36d6fc2dc27c Mon Sep 17 00:00:00 2001
From: Peter Wood
Date: Thu, 29 May 2025 13:13:07 -0400
Subject: [PATCH] removed since the Tailscale ACLs are maintained in
---
dotfiles/tailscale-acl.json | 59 -------------------------------------
1 file changed, 59 deletions(-)
delete mode 100644 dotfiles/tailscale-acl.json
diff --git a/dotfiles/tailscale-acl.json b/dotfiles/tailscale-acl.json
deleted file mode 100644
index e63566b..0000000
--- a/dotfiles/tailscale-acl.json
+++ /dev/null
@@ -1,59 +0,0 @@
-// Example/default ACLs for unrestricted connections.
-{
- // Define access control lists for users, groups, autogroups, tags,
- // Tailscale IP addresses, and subnet ranges.
- "acls": [
- {
- "action": "accept",
- "src": ["tag:client", "tag:server", "acedanger49@gmail.com"],
- "dst": ["tag:golink:*", "tag:server:*"],
- },
- // Allow all connections.
- // Comment this section out if you want to define specific restrictions.
- {"action": "accept", "src": ["*"], "dst": ["*:*"]},
- ],
-
- // Define users and devices that can use Tailscale SSH.
- "ssh": [
- {
- // any user can use Tailscale SSH to connect to their own devices
- // in check mode as a root or non-root user
- "action": "accept",
- "src": ["tag:client", "tag:server", "acedanger49@gmail.com"],
- "dst": ["tag:server"],
- "users": ["autogroup:nonroot", "root"],
- },
- {
- // any user can use Tailscale SSH to connect to their own devices
- // in check mode as a root or non-root user
- "action": "check",
- "src": ["autogroup:member"],
- "dst": ["autogroup:self"],
- "users": ["autogroup:nonroot", "root"],
- },
- ],
-
- "nodeAttrs": [
- {
- // Funnel policy, which lets tailnet members control Funnel
- // for their own devices.
- // Learn more at https://tailscale.com/kb/1223/tailscale-funnel/
- "target": ["autogroup:member"],
- "attr": ["funnel"],
- },
- {"target": ["*"], "app": {"tailscale.com/app-connectors": []}},
- ],
-
- // Define the tags which can be applied to devices and by which users.
- "tagOwners": {
- "tag:golink": ["acedanger49@gmail.com"],
- "tag:server": ["acedanger49@gmail.com"],
- "tag:client": ["acedanger49@gmail.com"],
- "tag:docker": ["acedanger49@gmail.com"],
- },
-
- "autoapprovers": {
- "exitNode": ["autogroup:admin"],
- },
- // Test access rules every time they're saved.
-}