From d68669ffafda30ee5ab763922a0a9e4fb012c272 Mon Sep 17 00:00:00 2001
From: godot <lukanetik@seznam.cz>
Date: Tue, 23 Jul 2024 23:55:09 +0200
Subject: [PATCH] Tags rulles

---
 my-rules.json | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/my-rules.json b/my-rules.json
index 58b888c..6f41755 100644
--- a/my-rules.json
+++ b/my-rules.json
@@ -1,10 +1,5 @@
 // Example/default ACLs for unrestricted connections.
 {
-	// Declare static groups of users. Use autogroups for all users or users with a specific role.
-	// "groups": {
-	//  	"group:example": ["alice@example.com", "bob@example.com"],
-	// },
-
 	// Define the tags which can be applied to devices and by which users.
 	"tagOwners": {
 		"tag:Host":    ["autogroup:admin"],
@@ -20,12 +15,17 @@
 	"acls": [
 		// Allow all connections.
 		// Comment this section out if you want to define specific restrictions.
-		{"action": "accept", "src": ["*"], "dst": ["*:*"]},
+		// {"action": "accept", "src": ["*"], "dst": ["*:*"]},
 
-		// Allow users in "group:example" to access "tag:example", but only from
-		// devices that are running macOS and have enabled Tailscale client auto-updating.
+		// Random can
 		{"action": "accept", "src": ["tag:Random"], "dst": ["*:*"]}, 
-		// {"action": "accept", "src": ["group:example"], "dst": ["tag:example:*"], "srcPosture":["posture:autoUpdateMac"]},
+	
+		// Host can
+		{"action": "accept", "src": ["tag:Host"], "dst": ["tag:Service":*]},
+
+		// Hidden serves
+		{"action": "accept", "src": ["*"], "dst": ["tag:Hidden:*"]},
+
 	],
 
 	// Define postures that will be applied to all rules without any specific