playbooks

home / skills / plurigrid / asi / tailscale

tailscale skill

/skills/tailscale

This skill helps you manage and diagnose a Tailscale mesh VPN by outlining common commands for connect, ssh, serve, funnel, file, and dns.

npx playbooks add skill plurigrid/asi --skill tailscale

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
712 B
---
name: tailscale
description: Mesh VPN.
metadata:
  trit: 0
---

# tailscale

Mesh VPN.

## Connect

```bash
tailscale up
tailscale down
tailscale status
```

## SSH

```bash
tailscale ssh hostname
tailscale ssh user@hostname
```

## Serve

```bash
tailscale serve http://localhost:8080
tailscale serve https://localhost:443
tailscale serve status
tailscale serve reset
```

## Funnel

```bash
tailscale funnel 443
tailscale funnel status
tailscale funnel reset
```

## File

```bash
tailscale file cp file.txt hostname:
tailscale file get ~/Downloads/
```

## DNS

```bash
tailscale dns status
tailscale whois 100.x.y.z
```

## Exit

```bash
tailscale set --exit-node=hostname
tailscale set --exit-node=
```

Overview

This skill exposes common Tailscale mesh VPN operations and workflows for managing secure private networking across devices. It focuses on quick commands for connecting, SSHing, serving local apps, enabling funnels, transferring files, DNS queries, and using exit nodes. The guidance helps developers and operators perform routine actions reliably.

How this skill works

The skill maps typical Tailscale CLI actions to clear, actionable commands. It shows how to bring interfaces up and down, inspect status, initiate SSH over the mesh, expose local services via Tailscale Serve and Funnel, transfer files, query DNS/whois information, and configure exit nodes. Each command is presented as a concise example for immediate execution.

When to use it

  • Set up or tear down a Tailscale connection on a device.
  • SSH into a machine on your Tailscale network without opening ports.
  • Expose a local web app to a team or the internet securely using Serve or Funnel.
  • Transfer files between devices over the mesh without additional tooling.
  • Route all traffic through another device using an exit node for testing or privacy.

Best practices

  • Run 'tailscale up' as part of startup scripts or systemd units to ensure connectivity.
  • Use 'tailscale status' frequently to verify device health and connectivity before relying on services.
  • Prefer 'tailscale serve' for short-lived demos and 'funnel' for single-port public exposure with minimal config.
  • Use Tailscale SSH keys or user-level access controls rather than broad host-level accounts when possible.
  • Test exit-node routing and DNS behavior in a controlled environment before deploying to users.

Example use cases

  • Developer exposes a local web server to a teammate: tailscale serve http://localhost:8080 then share the generated URL.
  • Admin SSHs into a remote machine across NAT: tailscale ssh user@hostname to run maintenance.
  • Support agent copies logs from a user device: tailscale file cp /var/log/app.log hostname:
  • Team routes traffic through a secure gateway for compliance testing: tailscale set --exit-node=hostname
  • Engineer checks mesh routing problems: tailscale status and tailscale whois 100.x.y.z to inspect IP ownership.

FAQ

How do I quickly enable the mesh on a new device?

Run 'tailscale up' after installing Tailscale; verify with 'tailscale status'. Use automated startup to persist connectivity.

Can I expose a local HTTPS site with Tailscale?

Yes. Use 'tailscale serve https://localhost:443' to expose a local HTTPS site through Tailscale's serving layer.