The Tailscale MCP Server provides a standardized interface for automating Tailscale network management through CLI and REST API integration. With this server, you can:
- Device Management: List, authorize, deauthorize, and delete devices; manage routes and tags
- Network Operations: Connect/disconnect networks, check status, and ping peers
- Security Controls: Manage ACLs, policy files, device tags, and network lock settings
- DNS Management: Configure nameservers, search paths, and MagicDNS preferences
- Key Management: Create, list, and delete authentication keys with specific capabilities
- Additional Features: Configure exit nodes, manage file sharing, set up webhooks, and retrieve version information
Built on Node.js runtime (requires v18+) with ES module support for executing Tailscale CLI commands and interacting with the Tailscale REST API.
Provides tools for managing Tailscale networks, including device management (listing, authorizing/deauthorizing devices), subnet route control, network connectivity operations (connect/disconnect), and peer monitoring via ping functionality.
Leverages TypeScript for type safety throughout the implementation, with Zod validation for schema validation and type checking of inputs and outputs.
Uses Zod for runtime validation of data schemas, ensuring type safety and providing descriptive error messages for invalid parameters.
Tailscale MCP Server
A modern Model Context Protocol (MCP) server that provides seamless integration with Tailscale's CLI commands and REST API, enabling automated network management and monitoring through a standardized interface.
📦 Available Packages
- NPM:
@hexsleeves/tailscale-mcp-server
- Docker Hub:
hexsleeves/tailscale-mcp-server
- GitHub Container Registry:
ghcr.io/hexsleeves/tailscale-mcp-server
🚀 Recommended Package Manager
This project is optimized for Bun for faster installation and execution. NPM is supported as a fallback option.
Quick Setup with Bun
Fallback with NPM
Features
- Device Management: List, authorize, deauthorize, and manage Tailscale devices
- Network Operations: Connect/disconnect, manage routes, and monitor network status
- Security Controls: Manage ACLs, device tags, and network lock settings
- Modern Architecture: Modular tool system with TypeScript and Zod validation
- CLI Integration: Direct integration with Tailscale CLI commands
- API Integration: REST API support for advanced operations
📚 Documentation
This project includes comprehensive documentation organized by domain:
- 🔧 CI/CD Workflows - GitHub Actions, testing pipelines, and release automation
- 🧪 Testing Strategy - Unit tests, integration tests, and testing best practices
- 🐳 Docker Guide - Container usage, development workflows, and deployment strategies
Quick Start
Option 1: NPX (Recommended)
Run directly without installation:
Option 2: Docker
📖 For detailed Docker usage, development workflows, and deployment strategies, see the Docker Guide
Configuration
Claude Desktop
Add to your Claude Desktop configuration (~/.claude/claude_desktop_config.json
):
Using NPX (Recommended)
Using Docker
Environment Variables
Variable | Description | Required | Default |
---|---|---|---|
TAILSCALE_API_KEY | Tailscale API key | Yes* | - |
TAILSCALE_TAILNET | Tailscale tailnet name | Yes* | - |
TAILSCALE_API_BASE_URL | API base URL | No | https://api.tailscale.com |
LOG_LEVEL | Logging level (0-3) | No | 1 (INFO) |
MCP_SERVER_LOG_FILE | Server log file path | No | - |
*Required for API-based operations. CLI operations work without API credentials.
Available Tools
Device Management
list_devices
- List all devices in the Tailscale networkdevice_action
- Perform actions on specific devices (authorize, deauthorize, delete, expire-key)manage_routes
- Enable or disable routes for devices
Network Operations
get_network_status
- Get current network status from Tailscale CLIconnect_network
- Connect to the Tailscale networkdisconnect_network
- Disconnect from the Tailscale networkping_peer
- Ping a peer device
System Information
get_version
- Get Tailscale version informationget_tailnet_info
- Get detailed network information
Development
Quick Setup
Development Commands
Local Claude Desktop Configuration
📖 For comprehensive development guides, testing strategies, and CI/CD information:
- Testing Documentation - Unit tests, integration tests, coverage
- Docker Development - Container-based development workflows
- CI/CD Workflows - GitHub Actions, automation, releases
Project Structure
Adding New Tools
Create a tool module in src/tools/
and register it in src/server.ts
. See existing tools for examples of the modular architecture using Zod schemas and TypeScript.
Debugging
API Reference
Tool Categories
Device Tools
- Device listing and filtering
- Device authorization management
- Route management per device
Network Tools
- Network status monitoring
- Connection management
- Peer connectivity testing
Security Tools
- ACL management
- Device tagging
- Network lock operations
Contributing
- Fork the repository
- Create a feature branch:
git checkout -b feature/amazing-feature
- Make your changes and add tests
- Run quality checks:
bun run qa:full
(ornpm run qa:full
) - Commit your changes:
git commit -m 'Add amazing feature'
- Push to the branch:
git push origin feature/amazing-feature
- Open a Pull Request
Development Guidelines
- Use TypeScript for all new code
- Add Zod schemas for input validation
- Include tests for new tools (see Testing Guide)
- Follow the existing modular architecture
- Update documentation for new features
Resources for Contributors
- Testing Strategy - How to write and run tests
- CI/CD Workflows - Understanding the automation pipeline
- Docker Development - Container-based development workflows
License
MIT License - see LICENSE file for details.
Support
- Issues - Bug reports and feature requests
- Discussions - Questions and community support
- MCP Documentation - Learn more about MCP
Changelog
See CHANGELOG.md for version history and updates.
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
Tools
Provides seamless integration with Tailscale's CLI commands and REST API, enabling automated network management and monitoring through a standardized Model Context Protocol interface.
Related MCP Servers
- AsecurityFlicenseAqualityEnables interaction with Linear's API for managing issues, teams, and projects programmatically through the Model Context Protocol.Last updated -7831JavaScript
- -securityAlicense-qualityA Model Context Protocol server implementation that allows AI models to interact with and manage Spinnaker deployments, pipelines, and applications through a standardized interface.Last updated -14TypeScriptMIT License
- -securityFlicense-qualityA Model Context Protocol server that integrates with AWS CodePipeline, allowing users to manage pipelines through Windsurf and Cascade using natural language commands.Last updated -4TypeScript
- -securityFlicense-qualityA Model Context Protocol server that provides a comprehensive interface for interacting with the ConnectWise Manage API, simplifying API discovery, execution, and management for both developers and AI assistants.Last updated -462Python