# Tailscale VPN Setup

Tailscale is a mesh VPN software that uses WireGuard technology. It also include other fun features like Tailscale Funnel.

[Tailscale Funnel ](https://tailscale.com/kb/1223/tailscale-funnel/)allows you to publicly expose your machine's local services without needing to purchase a domain & set up port forwarding. It hosts your machine's domain on their Funnel Servers. The Funnel Server accepts requests & sends a TCP proxy to your machine where TLS cert is terminated. Simple, secure & only requires a few short commands.

***

Requirements

* [Tailscale account](https://login.tailscale.com/start)
* Enable [HTTPS certificates](https://login.tailscale.com/admin/dns) in the [admin console](https://login.tailscale.com/admin/dns).
* Open the [**Access controls**](https://login.tailscale.com/admin/acls) page in the admin console and click the **Add Funnel to policy** button

***

1. Download Tailscale from the [Mac App Store](https://apps.apple.com/ca/app/tailscale/id1475387142) or [directly from Tailscale](https://pkgs.tailscale.com/stable/#macos)
2. Login from the top right menu icon & enable start on login from preferences
3. Add alias for the Tailscale CLI to your shell configuration by entering the command below into terminal.

```bash
echo 'alias tailscale="/Applications/Tailscale.app/Contents/MacOS/Tailscale"' | sudo tee -a ~/.zshrc
```

Alternatively, you can use `/Applications/Tailscale.app/Contents/MacOS/Tailscale <command>`

4. Proxy requests to BlueBubbles's local web server on the default port 1234. Make sure to check your setup in case a different port is being used. Supported serve ports are 443, 8443, or 10000.

```bash
tailscale serve --bg --https=443 1234
```

5. Enable the funnel to route proxy traffic over Tailscale funnel servers. Again, supported ports are 443, 8443, or 10000 - match with what you chose in Step 4. Replace port 1234 with your BlueBubble's local web server.

```bash
tailscale funnel --bg --https=443 1234
```

6. Check the funnel status with the following - you should see `(Funnel on)`:

```bash
tailscale serve status 
```

7. Finally, copy the entire URL that you see in step 6 to the BlueBubbles Proxy Service drop-down menu:

```bash
https://machine-name.example.ts.net:443/
```

***

* [Tailscale Funnel CLI](https://tailscale.com/kb/1080/cli/#serve)
* [Tailscale Funnel Documentation](https://tailscale.com/kb/1223/tailscale-funnel/)
* [Access Control Lists (ACLs)](https://tailscale.com/kb/1018/acls/)
* [Download](https://tailscale.com/download/mac)
* [Introduction to Tailscale funnel](https://tailscale.com/blog/introducing-tailscale-funnel/)

Thanks to @bobspop in Discord for creating this guide. Updated by @ampersandru


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.bluebubbles.app/server/advanced/byo-proxy-service-guides/tailscale-vpn-setup.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.