Tailscale VPN Setup

Tailscale is a mesh VPN software that uses WireGuard technology. It also include other fun features like Tailscale Funnel.

Tailscale Funnel allows you to publicly expose your machine's local services without needing to purchase a domain & set up port forwarding. It hosts your machine's domain on their Funnel Servers. The Funnel Server accepts requests & sends a TCP proxy to your machine where TLS cert is terminated. Simple, secure & only requires a few short commands.

Requirements

Tailscale account
Enable HTTPS certificates in the admin console.
Open the Access controls page in the admin console and click the Add Funnel to policy button

Download Tailscale from the Mac App Store or directly from Tailscale
Login from the top right menu icon & enable start on login from preferences
Add alias for the Tailscale CLI to your shell configuration by entering the command below into terminal.

echo 'alias tailscale="/Applications/Tailscale.app/Contents/MacOS/Tailscale"' | sudo tee -a ~/.zshrc

Alternatively, you can use /Applications/Tailscale.app/Contents/MacOS/Tailscale <command>

Proxy requests to BlueBubbles's local web server on the default port 1234. Make sure to check your setup in case a different port is being used. Supported serve ports are 443, 8443, or 10000.

tailscale serve --bg --https=443 1234

Enable the funnel to route proxy traffic over Tailscale funnel servers. Again, supported ports are 443, 8443, or 10000 - match with what you chose in Step 4. Replace port 1234 with your BlueBubble's local web server.

tailscale funnel --bg --https=443 1234

Check the funnel status with the following - you should see (Funnel on):

tailscale serve status

Finally, copy the entire URL that you see in step 6 to the BlueBubbles Proxy Service drop-down menu:

https://machine-name.example.ts.net:443/

Thanks to @bobspop in Discord for creating this guide. Updated by @ampersandru

PreviousNginx Manual Setup NextDeveloper Guides - Overview

Last updated 10 months ago