Recently
Tech
Career Dev log
Nature
Trail map Park completion
Hobby
Art Music Library Minerals
Odds & Ends
now playing
Alexis Garado

Tailscale

created2026-02-08
modified2026-06-05 18:07
tagsself-hosting
statusstub

Tailscale is a mesh VPN provider, allowing multiple devices to communicate with each other as though they were on the same LAN. The network of interconnected Tailscale devices is called a tailnet.

How it works

== (?) where exactly does the tailscale “bridge” happen? does my router see my real IP, or my tailscale IP it sees your real IP. ==

== (?) it’s peer-to-peer through wireguard… what is wireguard? ==

Tailscale features

tailscale serve

This is used to share a local service over the tailnet with HTTPS. It operates as a built-in reverse proxy.

tailscale-serve-reverse-proxy

tailscale serve only natively supports a single service per machine, so tsdproxy is often used to implement a multiple-service, single-host setup.

Setting up tailscale serve

In the Tailscale admin panel, the endpoint must be tcp:443.

# Runs `serve` persistently in the background
sudo tailscale serve --bg http://127.0.0.1:3000

# Gives the service a name for Tailscale's service discovery, so other tailnet nodes can find it by name
sudo tailscale serve --service="svc:enchiridion" --https=443 http://127.0.0.1:3000