tailscale/terraform-provider-tailscale

Approve machine as exit node

OJFord opened this issue · 2 comments

Is your feature request related to a problem? Please describe.
When a machine starts up with --advertise-exit-node, it must be manually enabled in the UI:

Describe the solution you'd like
Something in terraform. Perhaps similarly to device_authorization:

data "tailscale_device" "sample_device" {
  name = "device.example.com"
}

resource "tailscale_device_exit_node" "sample_device" {
  device_id = data.tailscale_device.sample_device.id
  exit_node = true
}

or perhaps it's an opportunity to refactor that into a single tailscale_device_settings or something.

Additional context

You can approve a device's advertised routes via the API (they still need to be advertised from the device): https://github.com/tailscale/tailscale/blob/main/api.md#set-device-routes. This requires specifying the route.

You could also address this with auto approvers: https://tailscale.com/kb/1018/acls/#auto-approvers-for-routes-and-exit-nodes. You could tag the auth key or OAuth client the Terraform provider uses, and allow that tag to approve whatever routes you expect.

Through some digging I found out that an "Exit node" is just a node that routes 0.0.0.0/0 and ::/0, so to achieve this just add those two routes (with tailscale_device_subnet_routes).

See: #279
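The two approaches raised in the comments above, written out as Terraform. This is an added example, not code posted in the thread or taken from the provider's documentation. The resource labels, the tag:exit-node tag and its owner are assumptions chosen for illustration; the device name is the placeholder from the issue.

```hcl
terraform {
  required_providers {
    tailscale = {
      source = "tailscale/tailscale"
    }
  }
}

# Placeholder device name, as used in the issue text.
data "tailscale_device" "sample_device" {
  name = "device.example.com"
}

# Option 1: explicit per-device approval.
# An exit node is a device whose approved routes are 0.0.0.0/0 and ::/0.
# The device must still advertise them itself (--advertise-exit-node).
# The routes list replaces the device's enabled routes, so any other
# subnet routes that should stay approved must be listed here as well.
resource "tailscale_device_subnet_routes" "sample_device_exit_node" {
  device_id = data.tailscale_device.sample_device.id
  routes    = ["0.0.0.0/0", "::/0"]
}

# Option 2: auto approvers in the tailnet policy file.
# Any device carrying the (constructed) tag below that advertises itself
# as an exit node is approved without review, so keep the tag's owners
# narrow: whoever can apply the tag can stand up an approved exit node.
# tailscale_acl manages the whole policy file; this fragment is a
# constructed minimum and the tailnet's existing access rules must be
# merged into it before applying.
resource "tailscale_acl" "policy" {
  acl = jsonencode({
    tagOwners = {
      "tag:exit-node" = ["autogroup:admin"]
    }
    autoApprovers = {
      exitNode = ["tag:exit-node"]
    }
  })
}
```

Use one option or the other for a given device: Option 1 keeps approval as a reviewed change per device, while Option 2 moves the decision to whoever controls the tag.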