<feed xmlns='http://www.w3.org/2005/Atom'>
<title>rulesets/docs/design/2026-06-30-daily-drivers-tailscale-correction.org, branch main</title>
<subtitle>Claude Code skills, rules, and language bundles
</subtitle>
<id>https://git.cjennings.net/rulesets/atom?h=main</id>
<link rel='self' href='https://git.cjennings.net/rulesets/atom?h=main'/>
<link rel='alternate' type='text/html' href='https://git.cjennings.net/rulesets/'/>
<updated>2026-06-30T17:30:07+00:00</updated>
<entry>
<title>docs: reframe daily-drivers around direct tailscale reach</title>
<updated>2026-06-30T17:30:07+00:00</updated>
<author>
<name>Craig Jennings</name>
<email>c@cjennings.net</email>
</author>
<published>2026-06-30T17:30:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.cjennings.net/rulesets/commit/?id=324a52b511b8c54ec0e4e706df7a1d4568447efc'/>
<id>urn:sha1:324a52b511b8c54ec0e4e706df7a1d4568447efc</id>
<content type='text'>
The rule claimed the agent can't reach the other daily driver, so the only move was to flag the drift. That's false: both machines are on the same tailnet, and this session repaired ratio's dotfiles over tailscale ssh. So the rule now says reach the other box directly to sync, verify, or repair, with flag-it kept as the fallback for when tailscale is down.

I added a section on the connection mechanics: tailscale status lists the nodes, the tailscale IP and MagicDNS name always resolve, a bare hostname only resolves when MagicDNS is configured locally, and the first connection needs StrictHostKeyChecking=accept-new.
</content>
</entry>
</feed>
