From d1776f3693ca2af42a937227ccb91df238c5fbf1 Mon Sep 17 00:00:00 2001
From: Jonas Juselius <jonas.juselius@oceanbox.io>
Date: Mon, 28 Apr 2025 10:33:49 +0200
Subject: [PATCH] fix: allow tailscale users to access gw-tos

---
 values/headscale/values.yaml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/values/headscale/values.yaml b/values/headscale/values.yaml
index 1d91a872..5e3ecbb6 100644
--- a/values/headscale/values.yaml
+++ b/values/headscale/values.yaml
@@ -143,6 +143,17 @@ configMaps:
             "mgmt.tos": "10.255.240.0/24"
           },
           "acls": [
+            {
+              "action": "accept",
+              "src": [
+                "group:admin",
+                "group:devops",
+                "group:oceanographer",
+                "group:manager",
+                "group:dev",
+              ],
+              "dst": [ "gw-tos:0" ]
+            },
             {
               "action": "accept",
               "src": [ "group:admin" ],