Add tags to Tailscale Machines

Add tags to Tailscale Machines

On Tailscale, after adding some machines to the dashboard, by default, there are no tags attached to your machines.

Tailscale machine with no tags

With tags, you can know exactly what each of your machine's purposes or more like identity, such as tags :

  • production
  • development
  • countries or region
  • work or home
  • etc

Example :

The difference between tailscale connected machines with tags and no tags

Add ACL Tags

So, in case you want to add tags to your tailscale machines on the dashboard, you can follow these steps :

  1. Login to your tailscale dashboard.
  2. Navigate to the Access Controls menu.
  3. Add tagOwners ACL right after ssh block
	"tagOwners": {
		"tag:prod":       [""],
		"tag:dev":        [""],
		"tag:cli":        [""]

Click save.

Applying tags

To apply tags, you can do it on the dashboard by clicking the Edit ACL tags on each machine and then choosing desired tags.

add tags to each connected machine.

or you can edit ACL tags on CLI (SSH) by readvertise it with your new tags.

sudo tailscale up --advertise-tags=tag:server,tag:development

and then you need to re-authenticate as stated on CLI.

This tutorial actually has been written on their documentation :

Server role accounts using ACL tags
Learn how ACL tags let you assign an identity to a device and use that identity as part of an ACL to restrict access.

And this post more like a personal note to myself,  because on the first i didn't follow the documentation and faced this problem 💤 :

root@snakeman:~# sudo tailscale up --advertise-tags=tag:cyberpanel,tag:production,tag:jp

To authenticate, visit:

backend error: requested tags [tag:cyberpanel tag:production tag:jp] are invalid or not permitted

which I should add ACL Tags first on Tailscale's dashboard : Access Control menu 😁

If you don't know about what Tailscale before, you may read my another post or Tailscale official website.

Thanks for reading!