From be3eea5d80e0c9213ebf047c2480046aaf8baafb Mon Sep 17 00:00:00 2001
From: Peter Wood
Date: Thu, 14 Nov 2024 15:11:40 +0000
Subject: [PATCH] slimmed down acl after reddit post feedback

---
 tailscale-acl.json | 19 +++----------------
 1 file changed, 3 insertions(+), 16 deletions(-)

diff --git a/tailscale-acl.json b/tailscale-acl.json
index 6d814b9..e63566b 100644
--- a/tailscale-acl.json
+++ b/tailscale-acl.json
@@ -1,38 +1,25 @@
 // Example/default ACLs for unrestricted connections.
 {
- // Declare static groups of users. Use autogroups for all users or users with a specific role.
- "groups": {
- "group:admin": ["acedanger49@gmail.com"],
- "group:owner": ["acedanger49@gmail.com"],
- },
-
 // Define access control lists for users, groups, autogroups, tags,
 // Tailscale IP addresses, and subnet ranges.
 "acls": [
 {
 "action": "accept",
- "src": ["tag:client", "tag:server"],
+ "src": ["tag:client", "tag:server", "acedanger49@gmail.com"],
 "dst": ["tag:golink:*", "tag:server:*"],
 },
 // Allow all connections.
 // Comment this section out if you want to define specific restrictions.
 {"action": "accept", "src": ["*"], "dst": ["*:*"]},
 ],
- "hosts": {
- "ts-io": "100.114.112.100",
- "ts-svr-office": "100.84.197.41",
- "ts-vperanda": "100.102.106.71",
- "ts-wood-surface8": "100.67.131.121",
- "ts-desktop-pete": "100.102.106.71",
- "go": "100.112.82.132",
- },
+
 // Define users and devices that can use Tailscale SSH.
 "ssh": [
 {
 // any user can use Tailscale SSH to connect to their own devices
 // in check mode as a root or non-root user
 "action": "accept",
- "src": ["tag:client", "tag:server"],
+ "src": ["tag:client", "tag:server", "acedanger49@gmail.com"],
 "dst": ["tag:server"],
 "users": ["autogroup:nonroot", "root"],
 },
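Review bot: The SSH rule's comment says connections are made "in check mode", but the rule is `"action": "accept"`, and the new `src` line now lets the added user address SSH as `root` to every `tag:server` device with no re-authentication step. If check mode is intended, put the user source in a rule with `"action": "check",` (check mode applies to user identities, so the tag sources would probably have to stay in a separate accept rule; confirm against the Tailscale SSH documentation). Otherwise correct the comment to something like `// tagged clients/servers and the owner may SSH to tag:server as root or non-root`. Separately, the `acls` edit restricts nothing while `{"action": "accept", "src": ["*"], "dst": ["*:*"]},` remains, because accept rules are additive; comment that line out once the narrower rule covers what is needed. The file may continue past this hunk, so check that nothing later (for example `tagOwners`) still references the removed `group:admin` / `group:owner`.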