connect-tailscalelisted

# Connect computer(s) to a VPS over Tailscale > GLOBAL reference. When you wire up a real machine, draft a tailored user skill > (`~/.mindpalace/skills/tailscale-<machine>.md`, `derived_from: connect-tailscale`) with the > actual Tailscale IPs, hostnames, and which dirs are shared. File the VPS + each machine in > `infra/` and log it. Tailscale = a WireGuard mesh. Every machine that joins the tailnet gets a stable `100.x` IP and can reach the others directly — **no public ports opened** (all dial outbound). Ideal for: letting people send files to the VPS, pulling files back, or hooking a **company central server** to the VPS. ## 1. Install (each machine + the VPS) - Linux/VPS: `curl -fsSL https://tailscale.com/install.sh | sh` - macOS: `brew install --cask tailscale` (standalone, **not** the App Store build — you need the CLI) - Windows: installer from tailscale.com/download ## 2. Join the tailnet (one account owns it; others are invited/shared) - `sudo tailscale up` (Linux) or open the app (mac) → authenticate in the browser (Google/GitHub). - Headless VPS: `tailscale up` prints a login URL — open it, approve the device. - Confirm: `tailscale status` lists every node + its `100.x` IP. - **Disable key expiry** for always-on nodes (admin console → Machines → ⋯ → Disable key expiry) so the link never drops. ## 3. Two-way access (ssh + rsync over the tailnet) - A → B: `ssh <user>@<B-tailscale-ip>` (the target must have its SSH server / Remote Login on). - macOS target: