Hey there,
I want to deploy code over a tailscale network (check the deployment workflow below). Unfortunately, the ssh connection request times out. I’m guessing the tailscale IP cannot be reached.
I tried to ping the destination Tailscale IP, but got an error that suggests ping is not allowed in CircleCI builds. I’m running out of troubleshooting ideas.
Has anybody tried something similar? Has anybody experienced similar timeout issues and has tips for troubleshooting? Any input is welcome.
Thx!
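version: 2.1

jobs:
  # Deployment job: joins the tailnet from an ephemeral CI container, rsyncs
  # the checkout to the target host over SSH, then pulls the production image
  # on that host.
  deploy:
    docker:
      - image: cimg/python:3.11
    steps:
      - add_ssh_keys:
          fingerprints:
            - "SHA256:myshamyshamysha"
      - checkout
      - setup_remote_docker
      - run:
          name: login to docker
          command: |
            # Pass the password on stdin so it does not show up in argv
            # (process listings, shell traces).
            printf '%s' "$DOCKER_PASS" | docker login -u "$DOCKER_USER" --password-stdin
      - run:
          name: image naming convention
          command: |
            echo "export PRODUCTION_IMAGE=some_image_name" >> "$BASH_ENV"
      - run:
          name: install tailscale
          command: |
            sudo apt-get update
            # netcat-openbsd provides `nc -x`, which the deploy step uses to
            # reach tailnet hosts through tailscaled's SOCKS5 listener.
            sudo apt-get install -y \
              rsync \
              curl \
              netcat-openbsd
            # `sudo` in front of curl only elevated the download, not the
            # script after the pipe, so it is dropped; the installer asks for
            # root itself where it needs it.
            # NOTE(review): this executes an unpinned remote script on every
            # build. Installing a pinned version from Tailscale's signed
            # package repository would make the build reproducible and
            # auditable.
            curl -fsSL https://tailscale.com/install.sh | sh
      - run:
          name: add secrets
          command: |
            # NOTE(review): .env is written inside the checkout, and the
            # deploy step rsyncs ./ to the target host, so the Tailscale auth
            # key ends up in the deployment directory. Confirm that is
            # intended; otherwise drop this step or exclude .env from the sync.
            echo "TS_AUTHKEY=${TS_AUTHKEY}" >> .env
      - run:
          name: start tailscale
          command: |
            echo "Starting Tailscale..."
            # --tun=userspace-networking creates no TUN interface, so tailnet
            # addresses are NOT routable from the container's own network
            # stack: a plain ssh or ICMP ping to a Tailscale IP times out.
            # Outbound traffic has to go through the proxies opened here
            # (HTTP on localhost:1054, SOCKS5 on localhost:1055).
            # For troubleshooting, `tailscale ping` tests reachability at the
            # tailnet layer and /tmp/tailscaled.log holds the daemon output.
            sudo tailscaled \
              --state=mem: \
              --tun=userspace-networking \
              --outbound-http-proxy-listen=localhost:1054 \
              --socks5-server=localhost:1055 \
              1>/dev/null 2>/tmp/tailscaled.log &
            sleep 10  # wait for tailscaled to start
            sudo tailscale up --authkey "${TS_AUTHKEY}" --hostname "${TS_HOSTNAME}"
            sudo tailscale status > /tmp/tailscale_status.log
      - run:
          name: deploy to site
          command: |
            # Both SSH connections are tunnelled through tailscaled's SOCKS5
            # listener (localhost:1055); without the ProxyCommand the
            # connection never reaches the tailnet and times out.
            #
            # The former ssh-keyscan call is removed: it cannot use the proxy,
            # and its output was never consulted because the ssh options below
            # point UserKnownHostsFile at /dev/null.
            # NOTE(review): StrictHostKeyChecking=no plus
            # UserKnownHostsFile=/dev/null disables host authentication.
            # Prefer storing the target's public host key as a project secret,
            # writing it to ~/.ssh/known_hosts, and dropping both overrides.

            # sync repo
            rsync -avz --delete \
              -e "ssh -i $HOME/.ssh/id_rsa_mymd5sum -o 'ProxyCommand=nc -X 5 -x localhost:1055 %h %p' -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" \
              ./ "myuser@${MY_TS_IP}:/home/some/path" 1>/dev/null 2>/tmp/rsync.log
            # ssh does not need root locally; run it as the build user.
            ssh -i "$HOME/.ssh/id_rsa_mymd5sum" \
              -o "ProxyCommand=nc -X 5 -x localhost:1055 %h %p" \
              -o StrictHostKeyChecking=no \
              -o UserKnownHostsFile=/dev/null \
              "myuser@${MY_TS_IP}" "docker pull ${PRODUCTION_IMAGE}"
            echo "Disconnecting from Tailscale..."
            sudo tailscale down
            sudo pkill tailscaled || true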
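workflows:
  # Run the deploy job only for four-part numeric version tags
  # (constructed example: 1.2.3.4).
  release:
    when:
      matches:
        # Anchored at the start and with every dot escaped, so this condition
        # accepts exactly the same tags as the job filter below. The previous
        # pattern had no leading anchor and one unescaped ".", so it also
        # matched strings that merely end in something version-like.
        pattern: "^\\d+\\.\\d+\\.\\d+\\.\\d+$"
        value: << pipeline.git.tag >>
    jobs:
      - deploy:
          filters:
            tags:
              only: /^\d+\.\d+\.\d+\.\d+$/
            branches:
              ignore: /.*/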