Skip to content

Add automatic Tailscale Serve integration#27

Merged
gricha merged 3 commits intomainfrom
feature/tailscale-serve
Jan 7, 2026
Merged

Add automatic Tailscale Serve integration#27
gricha merged 3 commits intomainfrom
feature/tailscale-serve

Conversation

@gricha
Copy link
Copy Markdown
Owner

@gricha gricha commented Jan 7, 2026
edited
Loading

Summary

  • Auto-detect Tailscale on agent startup and start tailscale serve for trusted HTTPS
  • Extract identity headers (Tailscale-User-Login, Tailscale-User-Name, Tailscale-User-Profile-Pic) from requests
  • Show all access URLs: localhost, Tailnet HTTP (short name), Tailnet HTTPS (full domain)
  • Graceful fallback with actionable error messages when permissions are missing

Output Examples

With Tailscale Serve enabled:

[agent] Tailscale detected: workstation.fable-interval.ts.net
[agent] Tailscale Serve enabled
[agent] Agent running at http://localhost:7391
[agent] Tailnet: http://workstation:7391
[agent] Tailnet HTTPS: https://workstation.fable-interval.ts.net

Without operator permissions:

[agent] Tailscale detected: workstation.fable-interval.ts.net
[agent] Tailscale Serve requires operator permissions
[agent] To enable: Run: sudo tailscale set --operator=$USER
[agent] Continuing without HTTPS...

Behavior

Scenario What happens
Tailscale not installed Agent starts normally, no Tailscale logs
Tailscale running + HTTPS + operator set Shows all 3 URLs (localhost, Tailnet HTTP, Tailnet HTTPS)
Tailscale running + HTTPS, no operator Logs fix command, falls back to localhost + Tailnet HTTP
Tailscale running, HTTPS not enabled Falls back to localhost + Tailnet HTTP

Documentation

Added docs/docs/configuration/tailscale.md with:

  • Setup instructions
  • Troubleshooting guide
  • Security considerations

Test plan

  • Test on machine without Tailscale (starts normally)
  • Test with Tailscale + no operator (shows fix command)
  • Test with Tailscale + operator set (shows HTTPS URL)
  • Verify HTTPS works via curl

🤖 Generated with Claude Code

gricha and others added 2 commits January 6, 2026 23:01
@gricha @claude
Add automatic Tailscale Serve integration
fdf86ba 
When Tailscale is detected and HTTPS is enabled in the tailnet, the agent
automatically starts `tailscale serve` to provide trusted HTTPS access.

Features:
- Auto-detect Tailscale on agent startup
- Start/stop Tailscale Serve automatically with agent lifecycle
- Extract identity headers (Tailscale-User-Login, etc.) from requests
- Show Tailscale info in `perry info` command
- Graceful fallback when Tailscale is not available

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@gricha @claude
Improve Tailscale error handling and add documentation
1b37f43 
- Return detailed error info from startTailscaleServe (permission_denied vs unknown)
- Show actionable fix message when operator permissions are missing
- Add comprehensive Tailscale configuration documentation
- Graceful fallback continues agent startup without HTTPS

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
sentry[bot]
sentry bot reviewed Jan 7, 2026
View reviewed changes
Comment thread src/agent/run.ts
Comment on lines 267 to 277
});

const shutdown = () => {
const shutdown = async () => {
console.log('[agent] Shutting down...');
if (tailscaleServeActive) {
console.log('[agent] Stopping Tailscale Serve...');
await stopTailscaleServe();
}
chatServer.close();
opencodeServer.close();
terminalServer.close();

This comment was marked as outdated.

Sign in to view

@gricha @claude
Show both Tailnet HTTP and HTTPS URLs
9231a70 
- Display short hostname for HTTP access (http://workstation:7391)
- Display full domain for HTTPS access (https://workstation.fable-interval.ts.net)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@gricha gricha merged commit e73c2c4 into main Jan 7, 2026
6 checks passed
@gricha gricha deleted the feature/tailscale-serve branch January 7, 2026 07:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@sentry sentry[bot] sentry[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gricha