From 324a52b511b8c54ec0e4e706df7a1d4568447efc Mon Sep 17 00:00:00 2001 From: Craig Jennings Date: Tue, 30 Jun 2026 13:30:07 -0400 Subject: docs: reframe daily-drivers around direct tailscale reach The rule claimed the agent can't reach the other daily driver, so the only move was to flag the drift. That's false: both machines are on the same tailnet, and this session repaired ratio's dotfiles over tailscale ssh. So the rule now says reach the other box directly to sync, verify, or repair, with flag-it kept as the fallback for when tailscale is down. I added a section on the connection mechanics: tailscale status lists the nodes, the tailscale IP and MagicDNS name always resolve, a bare hostname only resolves when MagicDNS is configured locally, and the first connection needs StrictHostKeyChecking=accept-new. --- docs/design/2026-06-30-daily-drivers-tailscale-correction.org | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 docs/design/2026-06-30-daily-drivers-tailscale-correction.org (limited to 'docs') diff --git a/docs/design/2026-06-30-daily-drivers-tailscale-correction.org b/docs/design/2026-06-30-daily-drivers-tailscale-correction.org new file mode 100644 index 0000000..9e2bb52 --- /dev/null +++ b/docs/design/2026-06-30-daily-drivers-tailscale-correction.org @@ -0,0 +1,9 @@ +#+TITLE: Correction to claude-rules/daily-drivers.md: it states 'the +#+SOURCE: from .emacs.d +#+DATE: 2026-06-30 13:20:30 -0400 + +Correction to claude-rules/daily-drivers.md: it states 'the agent can't reach the other machine; the point is to surface...'. That assumption is now demonstrably false. On 2026-06-30, from velox, I drove ratio directly over tailscale ssh — git fetch + reset --hard to repair ratio's .emacs.d after a history rewrite, plus scp'd a file across. Both daily drivers are on the same tailnet and reachable from each other. + +Gotcha worth capturing in the rule: the BARE hostname does not resolve (ssh ratio -> 'Could not resolve hostname'), which makes it look unreachable. The tailscale IP (e.g. 100.71.182.1) and the MagicDNS name (ratio.tailf3bb8c.ts.net) DO resolve and connect. First connection from a given address fails host-key verification under BatchMode; -o StrictHostKeyChecking=accept-new clears it. 'tailscale status' lists every node's IP + online state. + +Suggested rule change: reframe daily-drivers.md from 'can't reach, so surface it' to 'CAN reach over tailscale ssh — so the agent can directly sync/verify/repair the other daily driver, not just flag it'. Keep the flag-it guidance as the fallback for when tailscale is actually down. Add the bare-hostname-doesn't-resolve / use-tailscale-IP-or-MagicDNS gotcha. uname -n still tells you which machine you're on. -- cgit v1.2.3