diff --git a/configs/nixos/plover/terraform/tailscale.tf b/configs/nixos/plover/terraform/tailscale.tf
new file mode 100644
index 00000000..69ea31b9
--- /dev/null
+++ b/configs/nixos/plover/terraform/tailscale.tf
@@ -0,0 +1,22 @@
+data "tailscale_device" "plover" {
+  hostname = "plover"
+}
+
+resource "tailscale_device_authorization" "plover_authorization" {
+  device_id = data.tailscale_device.plover.id
+  authorized = true
+  depends_on = [ hcloud_server.plover ]
+}
+
+resource "tailscale_tailnet_key" "plover" {
+  reusable = false
+  ephemeral = false
+  preauthorized = true
+  recreate_if_invalid = "always"
+  description = "Plover"
+}
+
+resource "local_file" "tailscale_auth_key" {
+  content = tailscale_tailnet_key.plover.key
+  filename = "${path.module}/plover-tailscale-auth-key"
+}
diff --git a/configs/nixos/plover/terraform/versions.tf b/configs/nixos/plover/terraform/versions.tf
index 5f5c1832..30a92369 100644
--- a/configs/nixos/plover/terraform/versions.tf
+++ b/configs/nixos/plover/terraform/versions.tf
@@ -9,5 +9,15 @@ terraform {
       source = "timohirt/hetznerdns"
       version = "2.2.0"
     }
+
+    tailscale = {
+      source = "tailscale/tailscale"
+      version = "0.17.2"
+    }
+
+    local = {
+      source = "hashicorp/local"
+      version = "2.5.2"
+    }
   }
 }