What would be your use-case for auth keys with long expiry times? Auth keys are only required for registering new nodes.

▲

stingraycharles 4 hours ago | parent [-]

When managing your infrastructure as code, it’s quite common to deploy new instances for upgrades etc. Having these keys expire after 3 months is a big pain. Eg doing a routine update by rebuilding an AMI.

I don’t understand how they can have such a strategy, and then not having any decent way to programmatically allocate new keys.

	▲	matthewmacleod 2 hours ago \| parent [-]
		Yeah, that's a common workflow. It's easy to programatically allocate those keys using the OAuth workflow though – there's even a CLI utility to do it (https://tailscale.com/kb/1215/oauth-clients#get-authkey-util...) This can all be automated using e.g. the Terraform Tailscale provider, which takes the OAuth id/secret and can then issue keys as needed for the infrastructure you are deploying.