The Tailscale MCP Server provides a standardized interface for automating Tailscale network management through CLI and REST API integration. With this server, you can:
Device Management: List, authorize, deauthorize, and delete devices; manage routes and tags
Network Operations: Connect/disconnect networks, check status, and ping peers
Security Controls: Manage ACLs, policy files, device tags, and network lock settings
DNS Management: Configure nameservers, search paths, and MagicDNS preferences
Key Management: Create, list, and delete authentication keys with specific capabilities
Additional Features: Configure exit nodes, manage file sharing, set up webhooks, and retrieve version information
Built on Node.js runtime (requires v18+) with ES module support for executing Tailscale CLI commands and interacting with the Tailscale REST API.
Provides tools for managing Tailscale networks, including device management (listing, authorizing/deauthorizing devices), subnet route control, network connectivity operations (connect/disconnect), and peer monitoring via ping functionality.
Leverages TypeScript for type safety throughout the implementation, with Zod validation for schema validation and type checking of inputs and outputs.
Uses Zod for runtime validation of data schemas, ensuring type safety and providing descriptive error messages for invalid parameters.
Tailscale MCP Server
A modern Model Context Protocol (MCP) server that provides seamless integration with Tailscale's CLI commands and REST API, enabling automated network management and monitoring through a standardized interface.
๐ฆ Available Packages
Docker Hub:
hexsleeves/tailscale-mcp-server
GitHub Container Registry:
ghcr.io/hexsleeves/tailscale-mcp-server
๐ Recommended Package Manager
This project is optimized for Bun for faster installation and execution. NPM is supported as a fallback option.
Quick Setup with Bun
Fallback with NPM
Features
Device Management: List, authorize, deauthorize, and manage Tailscale devices
Network Operations: Connect/disconnect, manage routes, and monitor network status
Security Controls: Manage ACLs, device tags, and network lock settings
Modern Architecture: Modular tool system with TypeScript and Zod validation
CLI Integration: Direct integration with Tailscale CLI commands
API Integration: REST API support for advanced operations
๐ Documentation
This project includes comprehensive documentation organized by domain:
๐ง CI/CD Workflows - GitHub Actions, testing pipelines, and release automation
๐งช Testing Strategy - Unit tests, integration tests, and testing best practices
๐ณ Docker Guide - Container usage, development workflows, and deployment strategies
Quick Start
Option 1: NPX (Recommended)
Run directly without installation:
Option 2: Docker
๐ For detailed Docker usage, development workflows, and deployment strategies, see the
Configuration
Claude Desktop
Add to your Claude Desktop configuration (~/.claude/claude_desktop_config.json
):
Using NPX (Recommended)
Using Docker
Environment Variables
Variable | Description | Required | Default |
| Tailscale API key | Yes* | - |
| Tailscale tailnet name | Yes* | - |
| API base URL | No |
|
| Logging level (0-3) | No |
(INFO) |
| Server log file path | No | - |
*Required for API-based operations. CLI operations work without API credentials.
Available Tools
Device Management
list_devices
- List all devices in the Tailscale networkdevice_action
- Perform actions on specific devices (authorize, deauthorize, delete, expire-key)manage_routes
- Enable or disable routes for devices
Network Operations
get_network_status
- Get current network status from Tailscale CLIconnect_network
- Connect to the Tailscale networkdisconnect_network
- Disconnect from the Tailscale networkping_peer
- Ping a peer device
System Information
get_version
- Get Tailscale version informationget_tailnet_info
- Get detailed network information
Development
Quick Setup
Development Commands
Local Claude Desktop Configuration
๐ For comprehensive development guides, testing strategies, and CI/CD information:
Testing Documentation - Unit tests, integration tests, coverage
Docker Development - Container-based development workflows
CI/CD Workflows - GitHub Actions, automation, releases
Project Structure
Adding New Tools
Create a tool module in src/tools/
and register it in src/server.ts
. See existing tools for examples of the modular architecture using Zod schemas and TypeScript.
Debugging
API Reference
Tool Categories
Device Tools
Device listing and filtering
Device authorization management
Route management per device
Network Tools
Network status monitoring
Connection management
Peer connectivity testing
Security Tools
ACL management
Device tagging
Network lock operations
Contributing
Fork the repository
Create a feature branch:
git checkout -b feature/amazing-feature
Make your changes and add tests
Run quality checks:
bun run qa:full
(ornpm run qa:full
)Commit your changes:
git commit -m 'Add amazing feature'
Push to the branch:
git push origin feature/amazing-feature
Open a Pull Request
Development Guidelines
Use TypeScript for all new code
Add Zod schemas for input validation
Include tests for new tools (see Testing Guide)
Follow the existing modular architecture
Update documentation for new features
Resources for Contributors
Testing Strategy - How to write and run tests
CI/CD Workflows - Understanding the automation pipeline
Docker Development - Container-based development workflows
License
MIT License - see LICENSE file for details.
Support
Issues - Bug reports and feature requests
Discussions - Questions and community support
MCP Documentation - Learn more about MCP
Changelog
See CHANGELOG.md for version history and updates.
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
Tools
Provides seamless integration with Tailscale's CLI commands and REST API, enabling automated network management and monitoring through a standardized Model Context Protocol interface.
Related MCP Servers
- AsecurityFlicenseAqualityA Model Context Protocol server that integrates with AWS CodePipeline, allowing users to manage pipelines through Windsurf and Cascade using natural language commands.Last updated -124
- -securityFlicense-qualityA Model Context Protocol server that provides a comprehensive interface for interacting with the ConnectWise Manage API, simplifying API discovery, execution, and management for both developers and AI assistants.Last updated -06
- AsecurityAlicenseAqualityA Model Context Protocol server that provides network packet capture and analysis capabilities through Wireshark/tshark integration, enabling AI assistants to perform network security analysis and troubleshooting.Last updated -423MIT License
- -securityAlicense-qualityAn MCP (Model Context Protocol) server for managing Tailscale resources using the official Tailscale Go client library v2. This server provides complete coverage of the Tailscale API with enhanced, self-descriptive tools powered by OpenAPI documentation.Last updated -2MIT License