Back to Details

tailscale

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Tailscale Skill

Tailscale Skill

⚠️ MANDATORY SKILL INVOCATION ⚠️
YOU MUST invoke this skill (NOT optional) when the user mentions ANY of these triggers:
  • "Tailscale status", "tailnet devices", "VPN status"
  • "Tailscale peers", "who's connected", "exit nodes"
  • "check Tailscale", "tailnet monitoring", "Tailscale"
  • Any mention of Tailscale or VPN network management
Failure to invoke this skill when triggers occur violates your operational requirements.
Hybrid skill using CLI for local operations and API for tailnet-wide management.
⚠️ 必须调用本技能 ⚠️
当用户提及以下任一触发词时,你必须调用本技能(而非可选):
  • "Tailscale状态"、"tailnet设备"、"VPN状态"
  • "Tailscale节点"、"谁已连接"、"出口节点"
  • "检查Tailscale"、"tailnet监控"、"Tailscale"
  • 任何提及Tailscale或VPN网络管理的内容
若触发条件出现却未调用本技能,将违反操作规范。
本混合技能通过CLI执行本地操作,通过API进行tailnet全局管理。

Setup

设置

API config (optional, for tailnet-wide operations) is stored in 
~/.claude-homelab/.env
:
bash
TAILSCALE_API_KEY="tskey-api-k..."
TAILSCALE_TAILNET="-"
Get your API key from: Tailscale Admin Console → Settings → Keys → Generate API Key
The 
TAILSCALE_TAILNET
can be 
-
(auto-detect), your org name, or email domain.
API配置(可选,用于tailnet全局操作)存储在
~/.claude-homelab/.env
中:
bash
TAILSCALE_API_KEY="tskey-api-k..."
TAILSCALE_TAILNET="-"
从以下位置获取API密钥:Tailscale管理控制台 → 设置 → 密钥 → 生成API密钥
TAILSCALE_TAILNET
可设为
-
(自动检测)、你的组织名称或邮箱域名。

Local Operations (CLI)

本地操作(CLI)

These work on the current machine only.
这些操作仅在当前机器上生效。

Status & Diagnostics

状态与诊断

bash
undefined
bash
undefined

Current status (peers, connection state)

当前状态(节点、连接状态)

tailscale status tailscale status --json | jq '.Peer | to_entries[] | {name: .value.HostName, ip: .value.TailscaleIPs[0], online: .value.Online}'
tailscale status tailscale status --json | jq '.Peer | to_entries[] | {name: .value.HostName, ip: .value.TailscaleIPs[0], online: .value.Online}'

Network diagnostics (NAT type, DERP, UDP)

网络诊断(NAT类型、DERP、UDP)

tailscale netcheck tailscale netcheck --format=json
tailscale netcheck tailscale netcheck --format=json

Get this machine's Tailscale IP

获取本机的Tailscale IP

tailscale ip -4
tailscale ip -4

Identify a Tailscale IP

识别Tailscale IP

tailscale whois 100.x.x.x
undefined
tailscale whois 100.x.x.x
undefined

Connectivity

连接性

bash
undefined
bash
undefined

Ping a peer (shows direct vs relay)

Ping节点(显示直连还是中继)

tailscale ping <hostname-or-ip>
tailscale ping <hostname-or-ip>

Connect/disconnect

连接/断开

tailscale up tailscale down
tailscale up tailscale down

Use an exit node

使用出口节点

tailscale up --exit-node=<node-name> tailscale exit-node list tailscale exit-node suggest
undefined
tailscale up --exit-node=<node-name> tailscale exit-node list tailscale exit-node suggest
undefined

File Transfer (Taildrop)

文件传输(Taildrop)

bash
undefined
bash
undefined

Send files to a device

向设备发送文件

tailscale file cp myfile.txt <device-name>:
tailscale file cp myfile.txt <device-name>:

Receive files (moves from inbox to directory)

接收文件(从收件箱移动到指定目录)

tailscale file get ~/Downloads tailscale file get --wait ~/Downloads # blocks until file arrives
undefined
tailscale file get ~/Downloads tailscale file get --wait ~/Downloads # 阻塞直到文件到达
undefined

Expose Services

暴露服务

bash
undefined
bash
undefined

Share locally within tailnet (private)

在tailnet内共享(私有)

tailscale serve 3000 tailscale serve https://localhost:8080
tailscale serve 3000 tailscale serve https://localhost:8080

Share publicly to internet

向互联网公开共享

tailscale funnel 8080
tailscale funnel 8080

Check what's being served

查看当前共享的服务

tailscale serve status tailscale funnel status
undefined
tailscale serve status tailscale funnel status
undefined

SSH

SSH

bash
undefined
bash
undefined

SSH via Tailscale (uses MagicDNS)

通过Tailscale进行SSH(使用MagicDNS)

tailscale ssh user@hostname
tailscale ssh user@hostname

Enable SSH server on this machine

在本机启用SSH服务器

tailscale up --ssh

---
tailscale up --ssh

---

Tailnet-Wide Operations (API)

Tailnet全局操作(API)

These manage your entire tailnet. Requires API key.
这些操作管理整个tailnet,需要API密钥。

List All Devices

列出所有设备

bash
./scripts/ts-api.sh devices
bash
./scripts/ts-api.sh devices

With details

显示详细信息

./scripts/ts-api.sh devices --verbose
undefined
./scripts/ts-api.sh devices --verbose
undefined

Device Details

设备详情

bash
./scripts/ts-api.sh device <device-id-or-name>
bash
./scripts/ts-api.sh device <device-id-or-name>

Check Online Status

检查在线状态

bash
undefined
bash
undefined

Quick online check for all devices

快速检查所有设备的在线状态

./scripts/ts-api.sh online
undefined
./scripts/ts-api.sh online
undefined

Authorize/Delete Device

授权/删除设备

bash
./scripts/ts-api.sh authorize <device-id>
./scripts/ts-api.sh delete <device-id>
bash
./scripts/ts-api.sh authorize <device-id>
./scripts/ts-api.sh delete <device-id>

Device Tags & Routes

设备标签与路由

bash
./scripts/ts-api.sh tags <device-id> tag:server,tag:prod
./scripts/ts-api.sh routes <device-id>
bash
./scripts/ts-api.sh tags <device-id> tag:server,tag:prod
./scripts/ts-api.sh routes <device-id>

Auth Keys

授权密钥

bash
undefined
bash
undefined

Create a reusable auth key

创建可重用授权密钥

./scripts/ts-api.sh create-key --reusable --tags tag:server
./scripts/ts-api.sh create-key --reusable --tags tag:server

Create ephemeral key (device auto-removes when offline)

创建临时密钥(设备离线时自动移除)

./scripts/ts-api.sh create-key --ephemeral
./scripts/ts-api.sh create-key --ephemeral

List keys

列出密钥

./scripts/ts-api.sh keys
undefined
./scripts/ts-api.sh keys
undefined

DNS Management

DNS管理

bash
./scripts/ts-api.sh dns                 # Show DNS config
./scripts/ts-api.sh dns-nameservers     # List nameservers
./scripts/ts-api.sh magic-dns on|off    # Toggle MagicDNS
bash
./scripts/ts-api.sh dns                 # 显示DNS配置
./scripts/ts-api.sh dns-nameservers     # 列出域名服务器
./scripts/ts-api.sh magic-dns on|off    # 切换MagicDNS状态

ACLs

ACL

bash
./scripts/ts-api.sh acl                 # Get current ACL
./scripts/ts-api.sh acl-validate <file> # Validate ACL file
bash
./scripts/ts-api.sh acl                 # 获取当前ACL
./scripts/ts-api.sh acl-validate <file> # 验证ACL文件

Common Use Cases

常见用例

"Who's online right now?"
bash
./scripts/ts-api.sh online
"Send this file to my phone"
bash
tailscale file cp document.pdf my-phone:
"Expose my dev server publicly"
bash
tailscale funnel 3000
"Create a key for a new server"
bash
./scripts/ts-api.sh create-key --reusable --tags tag:server --expiry 7d
"Is the connection direct or relayed?"
bash
tailscale ping my-server
"当前谁在线?"
bash
./scripts/ts-api.sh online
"把这个文件发送到我的手机"
bash
tailscale file cp document.pdf my-phone:
"将我的开发服务器公开到互联网"
bash
tailscale funnel 3000
"为新服务器创建一个密钥"
bash
./scripts/ts-api.sh create-key --reusable --tags tag:server --expiry 7d
"连接是直连还是中继的?"
bash
tailscale ping my-server

🔧 Agent Tool Usage Requirements

🔧 Agent工具使用要求

CRITICAL: When invoking scripts from this skill via the zsh-tool, ALWAYS use 
pty: true
.
Without PTY mode, command output will not be visible even though commands execute successfully.
Correct invocation pattern:
typescript
<invoke name="mcp__plugin_zsh-tool_zsh-tool__zsh">
<parameter name="command">./skills/SKILL_NAME/scripts/SCRIPT.sh [args]</parameter>
<parameter name="pty">true</parameter>
</invoke>
重要提示: 当通过zsh-tool调用本技能中的脚本时,必须使用
pty: true
如果不使用PTY模式,即使命令执行成功,也无法看到命令输出。
正确调用格式:
typescript
<invoke name="mcp__plugin_zsh-tool_zsh-tool__zsh">
<parameter name="command">./skills/SKILL_NAME/scripts/SCRIPT.sh [args]</parameter>
<parameter name="pty">true</parameter>
</invoke>