Tailscale MCP Server
Manage Tailscale tailnets, devices, and policies from your agent when homelab or staging lives on private networks.
Overview
io.github.itunified-io/tailscale is an Operate-phase MCP server that exposes 48 Tailscale API tools across 9 domains for secure agent access to private infrastructure.
What is this MCP server?
- 48 MCP tools organized across 9 domain areas on the Tailscale API surface
- Authenticate with TAILSCALE_API_KEY or OAuth client ID and secret plus TAILSCALE_TAILNET
- stdio server via npx tailscale-mcp (version 2026.3.16)
- Bridges MCP agents to private infrastructure without exposing services publicly
- Source repository itunified-io/mcp-tailscale on GitHub
- 48 MCP tools across 9 domains per server description
- tailscale-mcp npm package version 2026.3.16 with stdio transport
What problem does it solve?
Your services sit on a tailnet and you waste time context-switching to the Tailscale admin UI when the agent could run the same checks if it had API tools.
Who is it for?
Indie operators who already use Tailscale for homelab, staging, or small prod and want agent-driven tailnet inspection and changes with audited API keys.
Skip if: Builders with only public cloud resources and no Tailscale footprint, or orgs that block agents from holding Tailscale API credentials.
What do I get? / Deliverables
Once API or OAuth env vars and tailnet are set, your agent can query and manage Tailscale resources over MCP while you keep private hosts off the public internet.
- Agent-driven Tailscale API operations across 9 documented domains
- MCP bridge for private host and policy management without public exposure
- Repeatable stdio MCP setup for ops workflows
Recommended MCP Servers
Journey fit
Tailscale governs how you reach production and private hosts day to day, which aligns with Operate and infrastructure on Skillselion. Private network access, ACLs, and tailnet administration are core infra tasks for solo operators running services behind Tailscale.
How it compares
Tailscale control-plane MCP (48 tools), not a generic SSH skill or public-cloud-only IaC plugin.
Common Questions / FAQ
Who is io.github.itunified-io/tailscale for?
Solo builders and tiny teams who route admin work through Tailscale and want Claude, Cursor, or Codex to call Tailscale APIs via MCP instead of manual console work.
When should I use io.github.itunified-io/tailscale?
Use it in Operate when debugging connectivity, reviewing devices and ACLs, or automating tailnet tasks; also during Ship when validating private deploy paths.
How do I add io.github.itunified-io/tailscale to my agent?
Register tailscale-mcp with npx stdio transport, set TAILSCALE_API_KEY (or OAuth client ID/secret) and TAILSCALE_TAILNET, then enable the server in your MCP client config.