The Tailscale MCP Server provides a standardized interface for automating Tailscale network management through CLI and REST API integration. With this server, you can:
- Device Management: List, authorize, deauthorize, and delete devices; manage routes and tags 
- Network Operations: Connect/disconnect networks, check status, and ping peers 
- Security Controls: Manage ACLs, policy files, device tags, and network lock settings 
- DNS Management: Configure nameservers, search paths, and MagicDNS preferences 
- Key Management: Create, list, and delete authentication keys with specific capabilities 
- Additional Features: Configure exit nodes, manage file sharing, set up webhooks, and retrieve version information 
Built on Node.js runtime (requires v18+) with ES module support for executing Tailscale CLI commands and interacting with the Tailscale REST API.
Provides tools for managing Tailscale networks, including device management (listing, authorizing/deauthorizing devices), subnet route control, network connectivity operations (connect/disconnect), and peer monitoring via ping functionality.
Leverages TypeScript for type safety throughout the implementation, with Zod validation for schema validation and type checking of inputs and outputs.
Uses Zod for runtime validation of data schemas, ensuring type safety and providing descriptive error messages for invalid parameters.
Tailscale MCP Server
A modern Model Context Protocol (MCP) server that provides seamless integration with Tailscale's CLI commands and REST API, enabling automated network management and monitoring through a standardized interface.
๐ฆ Available Packages
- Docker Hub: - hexsleeves/tailscale-mcp-server
- GitHub Container Registry: - ghcr.io/hexsleeves/tailscale-mcp-server
๐ Recommended Package Manager
This project is optimized for Bun for faster installation and execution. NPM is supported as a fallback option.
Quick Setup with Bun
Fallback with NPM
Features
- Device Management: List, authorize, deauthorize, and manage Tailscale devices 
- Network Operations: Connect/disconnect, manage routes, and monitor network status 
- Security Controls: Manage ACLs, device tags, and network lock settings 
- Modern Architecture: Modular tool system with TypeScript and Zod validation 
- CLI Integration: Direct integration with Tailscale CLI commands 
- API Integration: REST API support for advanced operations 
๐ Documentation
This project includes comprehensive documentation organized by domain:
- ๐ง CI/CD Workflows - GitHub Actions, testing pipelines, and release automation 
- ๐งช Testing Strategy - Unit tests, integration tests, and testing best practices 
- ๐ณ Docker Guide - Container usage, development workflows, and deployment strategies 
Quick Start
Option 1: NPX (Recommended)
Run directly without installation:
Option 2: Docker
๐ For detailed Docker usage, development workflows, and deployment strategies, see the
Configuration
Claude Desktop
Add to your Claude Desktop configuration (~/.claude/claude_desktop_config.json):
Using NPX (Recommended)
Using Docker
Environment Variables
| Variable | Description | Required | Default | 
| 
 | Tailscale API key | Yes* | - | 
| 
 | Tailscale tailnet name | Yes* | - | 
| 
 | API base URL | No | 
 | 
| 
 | Logging level (0-3) | No | 
 (INFO) | 
| 
 | Server log file path | No | - | 
*Required for API-based operations. CLI operations work without API credentials.
Available Tools
Device Management
- list_devices- List all devices in the Tailscale network
- device_action- Perform actions on specific devices (authorize, deauthorize, delete, expire-key)
- manage_routes- Enable or disable routes for devices
Network Operations
- get_network_status- Get current network status from Tailscale CLI
- connect_network- Connect to the Tailscale network
- disconnect_network- Disconnect from the Tailscale network
- ping_peer- Ping a peer device
System Information
- get_version- Get Tailscale version information
- get_tailnet_info- Get detailed network information
Development
Quick Setup
Development Commands
Local Claude Desktop Configuration
๐ For comprehensive development guides, testing strategies, and CI/CD information:
Testing Documentation - Unit tests, integration tests, coverage
Docker Development - Container-based development workflows
CI/CD Workflows - GitHub Actions, automation, releases
Project Structure
Adding New Tools
Create a tool module in src/tools/ and register it in src/server.ts. See existing tools for examples of the modular architecture using Zod schemas and TypeScript.
Debugging
API Reference
Tool Categories
Device Tools
- Device listing and filtering 
- Device authorization management 
- Route management per device 
Network Tools
- Network status monitoring 
- Connection management 
- Peer connectivity testing 
Security Tools
- ACL management 
- Device tagging 
- Network lock operations 
Contributing
- Fork the repository 
- Create a feature branch: - git checkout -b feature/amazing-feature
- Make your changes and add tests 
- Run quality checks: - bun run qa:full(or- npm run qa:full)
- Commit your changes: - git commit -m 'Add amazing feature'
- Push to the branch: - git push origin feature/amazing-feature
- Open a Pull Request 
Development Guidelines
- Use TypeScript for all new code 
- Add Zod schemas for input validation 
- Include tests for new tools (see Testing Guide) 
- Follow the existing modular architecture 
- Update documentation for new features 
Resources for Contributors
- Testing Strategy - How to write and run tests 
- CI/CD Workflows - Understanding the automation pipeline 
- Docker Development - Container-based development workflows 
License
MIT License - see LICENSE file for details.
Support
- Issues - Bug reports and feature requests 
- Discussions - Questions and community support 
- MCP Documentation - Learn more about MCP 
Changelog
See CHANGELOG.md for version history and updates.
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
Tools
Provides seamless integration with Tailscale's CLI commands and REST API, enabling automated network management and monitoring through a standardized Model Context Protocol interface.
Related MCP Servers
- Asecurity-licenseAqualityA Model Context Protocol server that integrates with AWS CodePipeline, allowing users to manage pipelines through Windsurf and Cascade using natural language commands.Last updated -124
- -security-license-qualityA Model Context Protocol server that provides a comprehensive interface for interacting with the ConnectWise Manage API, simplifying API discovery, execution, and management for both developers and AI assistants.Last updated -06
- Asecurity-licenseAqualityA Model Context Protocol server that provides network packet capture and analysis capabilities through Wireshark/tshark integration, enabling AI assistants to perform network security analysis and troubleshooting.Last updated -423MIT License
- -security-license-qualityAn MCP (Model Context Protocol) server for managing Tailscale resources using the official Tailscale Go client library v2. This server provides complete coverage of the Tailscale API with enhanced, self-descriptive tools powered by OpenAPI documentation.Last updated -2MIT License