← Back to Home ☕ Buy Me a Coffee

Tailscale on Raspberry Pi

Tailscale is a modern mesh VPN service built on the WireGuard protocol that securely connects devices into a private network (called a tailnet) without complex configuration. Unlike traditional VPNs that route all traffic through a central server, Tailscale establishes encrypted peer‑to‑peer connections directly between devices, reducing latency and bottlenecks.

🔍 What Tailscale Does

Zero‑config VPN: Devices automatically discover each other and connect securely, no manual IP setup required.
Mesh networking: Every device talks directly to others, forming a resilient peer‑to‑peer network.
Identity integration: Works with identity providers (Google, Microsoft, Okta, etc.) for authentication.
Cross‑platform: Runs on Linux, macOS, Windows, iOS, Android, and even NAS devices.
Exit nodes & routing: You can route all traffic through one device (like a home server) or advertise subnet routes.
MagicDNS: Provides human‑friendly names for devices instead of IP addresses.

🚀 Docker Installation Steps

Update your system
sudo apt update && sudo apt upgrade -y

Install Docker

curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

Install Docker Compose
sudo apt install docker-compose-plugin
Add your user to the Docker group
sudo usermod -aG docker $USER
Enable Docker at boot
sudo systemctl enable docker
Reboot
sudo reboot
Test Docker
docker run hello-world

📁 Setup Tailscale

Go to Tailscale's website and create an account. Then setup your docker directories.

	mkdir ~/docker
	mkdir ~/docker/tailscale

🧾 Docker Compose File

In ~/docker/tailscale create docker-compose.yml

	services:
	  tailscale:
	    image: tailscale/tailscale:latest
	    container_name: tailscale
	    network_mode: host
	    privileged: true
	    volumes:
	      - ./tailscale:/var/lib/tailscale
	    environment:
	      - TS_STATE_DIR=/var/lib/tailscale
	    command: tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/var/run/tailscale/tailscaled.sock &
		     tailscale up --accept-dns=true --accept-routes=true
	    restart: unless-stopped

▶️ Start Tailscale

From within ~/docker/tailscale run:

docker compose up -d

Now run docker exec -it tailscale tailscale up That will give you a link to browse to to register the Pi with Tailscale.

📜 View Logs

docker logs tailscale

Check the status

docker exec -it tailscale tailscale status

You should see your Pi listed.

🌐 Access Web Interface

Go to Tailscale's website. You should see your Pi listed.

If you find my content useful, please consider supporting this page:

☕ Buy Me a Coffee