Setting up Tailscale on NixOS

Tailscale is packaged in NixOS, starting at version 19.09.

  1. Enable Tailscale in your NixOS configuration, and apply it:

    services.tailscale.enable = true;
    
  2. Connect your machine to your Tailscale network and authenticate in your browser:

    sudo tailscale up
    
  3. You’re connected! You can find your Tailscale IPv4 address by running:

    tailscale ip -4
    

If the device you added is a server or remotely-accessed device, you may want to consider disabling key expiry to prevent the need to periodically re-authenticate.

Using MagicDNS

To set up MagicDNS, you need to set up the MagicDNS nameserver and search domains in your NixOS configuration:

networking.nameservers = [ "100.100.100.100" "8.8.8.8" "1.1.1.1" ];
networking.search = [ "example.com.beta.tailscale.net" ];

Check the DNS page of the admin console in order to figure out the search domain. It will be next to the “MagicDNS” label.

You need at least one entry other than 100.100.100.100 in the nameservers list. The second DNS server will be used for Tailscale to bootstrap its connection.

Last updated

WireGuard is a registered
trademark of Jason A. Donenfeld.

© 2022 Tailscale Inc.

Privacy & Terms