Settings: Tailscale
Tailscale VPN integration for mesh networking and host discovery
What you see
URL: /settings (Tailscale tab)
The Tailscale tab configures PodWarden's integration with your Tailscale network. When connected, PodWarden can automatically discover hosts on your tailnet and use Tailscale IPs for SSH connections and cluster communication.
Fields
| Field | Description |
|---|---|
| API key | Your Tailscale API key (starts with tskey-api-). Used to query the Tailscale API for device listings |
| Tailnet name | The name of your Tailscale network (e.g. example.com or your tailnet's organization name) |
| Auth key | A Tailscale auth key (starts with tskey-auth-) for automatically registering new devices to your tailnet during provisioning |
Available actions
| Action | What it does |
|---|---|
| Save | Persists the Tailscale configuration |
How Tailscale integration works
Once configured, Tailscale enables two features:
-
Host discovery -- The Discover button on the Hosts page queries the Tailscale API for all devices on your tailnet. New devices are added to PodWarden's inventory automatically with their Tailscale IP addresses.
-
Mesh networking -- Hosts communicate over the Tailscale mesh network instead of requiring public IPs or complex VPN configurations. PodWarden uses Tailscale IPs for SSH connections and K3s cluster networking.
Notes
- The API key needs read access to the Tailscale API. Generate one at Tailscale Admin Console.
- The auth key is optional. It is only needed if you want PodWarden to automatically add provisioned hosts to your tailnet.
- All credentials are stored encrypted in the PodWarden database.
Related docs
- Hosts -- Host discovery uses Tailscale
- Networking guide -- Mesh networking and connectivity types
- Settings -- System -- Previous settings tab
- Settings -- Hub -- Next settings tab