# π Tailscale Mesh Network
## Overview
All homelab locations are connected via Tailscale, creating a secure mesh VPN that allows seamless access between sites regardless of NAT or firewall configurations.
**Total Devices: 24 Headscale nodes** across 4 physical locations + cloud + mobile devices.
**Control Server:** Headscale (self-hosted) on Calypso β `headscale.vish.gg`
**MagicDNS:** `*.tail.vish.gg` (resolved by AdGuard, not native MagicDNS)
**DERP Relays:** Home (Calypso), Atlantis, Seattle VPS
---
## π Complete Device Inventory
### π’ Online Nodes (verified 2026-03-21 from Headscale)
#### Exit Nodes
| Device | Tailscale IP | Type | Location | Notes |
|--------|--------------|------|----------|-------|
| **atlantis** | 100.83.230.112 | Synology NAS | Concord | Exit node, Primary NAS |
| **calypso** | 100.103.48.78 | Synology NAS | Concord | Exit node, Headscale host |
| **setillo** | 100.125.0.20 | Synology NAS | Tucson | Exit node, off-site backup |
| **seattle** | 100.82.197.124 | Cloud VPS | Seattle | Exit node, Contabo |
| **vish-concord-nuc** | 100.72.55.21 | Intel NUC | Concord (Backup ISP) | Exit node |
| **homeassistant** | 100.112.186.90 | HA Green | Concord | Exit node (via GL-MT3000) |
| **gl-be3600** | 100.105.59.123 | GL.iNet Router | Concord | Exit node, subnet 192.168.8.0/24 |
#### Servers & VMs
| Device | Tailscale IP | Type | Location | Notes |
|--------|--------------|------|----------|-------|
| **homelab** | 100.67.40.126 | Proxmox VM | Concord | Primary VM β monitoring, tools, NetBox, Semaphore |
| **matrix-ubuntu** | 100.85.21.51 | Atlantis VM | Concord | NPM, Mastodon, Matrix, Mattermost |
| **pve** | 100.87.12.28 | Proxmox Host | Concord | VM hypervisor |
| **truenas-scale** | 100.75.252.64 | TrueNAS Scale | Concord | Guava, 10GbE, ZFS |
| **jellyfish** | 100.69.121.120 | RPi 5 | Concord | PhotoPrism, 4TB LUKS NVMe |
| **shinku-ryuu** | 100.98.93.15 | Windows | Concord | Desktop workstation, 10GbE |
| **moon** | 100.64.0.6 | Linux | Honolulu | Sibling's PC (aka bluecrownpassionflower) |
| **pi-5** | 100.77.151.40 | RPi 5 | Concord | Uptime Kuma, monitoring |
#### Network Devices
| Device | Tailscale IP | Type | Location | Notes |
|--------|--------------|------|----------|-------|
| **gl-mt3000** | 100.126.243.15 | GL.iNet Router | Concord | HA subnet 192.168.12.0/24 |
| **headscale-test** | 100.64.0.1 | Linux | Concord | Headscale test node |
#### Mobile
| Device | Tailscale IP | Type | Status |
|--------|--------------|------|--------|
| **iphone16-pro-max** | 100.79.252.108 | iOS | Online |
### π€ Offline Nodes
| Device | Tailscale IP | Type | Notes |
|--------|--------------|------|-------|
| **gl-be3600** | 100.105.59.123 | GL.iNet Router | Frequently offline |
| **ipad-pro** | 100.68.71.48 | iOS | iPad Pro |
| **mah-pc** | 100.64.0.4 | Windows | Concord (Backup ISP), sibling's PC |
| **mastodon-rocky** | 100.64.0.3 | Linux | Legacy, decommissioned |
| **olares** | 100.64.0.5 | Linux | Olares K8s node (host Tailscale conflicts with K8s pod) |
| **uqiyoe** | 100.124.91.52 | Windows | Laptop |
| **vishdebian** | 100.64.0.2 | Linux | Legacy Debian VM |
---
## πΈοΈ Mesh Topology (Mermaid)
```mermaid
graph TB
subgraph Tailscale["π Headscale Mesh Network (24 Nodes)"]
subgraph Concord_Primary["π Concord Primary - 25Gbps Fiber"]
subgraph NAS_Cluster["π¦ NAS + VMs"]
A_ATL["ποΈ atlantis
100.83.230.112
β‘ EXIT NODE"]
A_MATRIX["π§ matrix-ubuntu
100.85.21.51
VM on Atlantis"]
end
A_CAL["ποΈ calypso
100.103.48.78
β‘ EXIT NODE
Headscale host"]
A_GUAVA["π» guava
100.75.252.64
TrueNAS Scale"]
A_DESKTOP["π₯οΈ shinku-ryuu
100.98.93.15"]
A_PVE["π₯οΈ pve
100.87.12.28"]
A_JELLY["π jellyfish
100.69.121.120"]
A_HA["π homeassistant
100.112.186.90
β‘ EXIT NODE
(via GL-MT3000)"]
A_PI["π₯§ pi-5
100.77.151.40"]
A_GL_MT["π‘ gl-mt3000
100.126.243.15
subnet 192.168.12.0/24"]
A_GL_BE["π‘ gl-be3600
100.105.59.123
β‘ EXIT NODE
subnet 192.168.8.0/24"]
subgraph Proxmox_VMs["Proxmox VMs"]
A_HLB["homelab
100.67.40.126"]
end
end
subgraph Concord_Backup["π Concord Backup - 2Gbps"]
B_NUC["π₯οΈ vish-concord-nuc
100.72.55.21
β‘ EXIT NODE"]
B_PI_K["π₯§ pi-5-kevin
100.123.246.75"]
B_MAH["π» mah-pc
100.64.0.4"]
end
subgraph Tucson["π΅ Tucson, AZ"]
T_SET["ποΈ setillo
100.125.0.20
β‘ EXIT NODE"]
end
subgraph Honolulu["πΊ Honolulu, HI"]
H_MOON["π» moon
100.64.0.6
(aka bluecrownpassionflower)"]
end
subgraph Seattle["π² Seattle (Cloud)"]
S_SEA["βοΈ seattle
100.82.197.124
β‘ EXIT NODE"]
end
subgraph Mobile["π± Mobile Devices"]
M_IPHONE["π± iphone16"]
M_PIXEL["π± pixel-10-pro"]
M_IPAD["π± ipad-pro"]
M_TAB["π± samsung-tablet"]
M_KLAP["π» kevinlaptop"]
end
end
%% VM relationships
A_ATL -->|"Hosts VM"| A_MATRIX
A_PVE -->|"Hosts VM"| A_HLB
%% Primary mesh connections
A_ATL <-->|"10GbE LAN"| A_CAL
A_ATL <-->|"10GbE LAN"| A_GUAVA
A_ATL <-->|"10GbE LAN"| A_DESKTOP
%% Cross-location Tailscale
A_ATL <-.->|"Tailscale"| T_SET
A_ATL <-.->|"Tailscale"| S_SEA
A_ATL <-.->|"Tailscale"| B_NUC
%% GL router subnets
A_GL_MT -->|"subnet route"| A_HA
%% Honolulu local
H_MOON <-.->|"Tailscale"| A_ATL
classDef nas fill:#3498db,stroke:#333,stroke-width:2px,color:#fff
classDef exit fill:#e74c3c,stroke:#333,stroke-width:2px,color:#fff
classDef compute fill:#9b59b6,stroke:#333,stroke-width:2px,color:#fff
classDef mobile fill:#1abc9c,stroke:#333,stroke-width:2px,color:#fff
classDef network fill:#f39c12,stroke:#333,stroke-width:2px,color:#fff
class A_ATL,A_CAL,T_SET nas
class S_SEA,B_NUC,A_HA exit
class A_GUAVA,A_DESKTOP,A_PVE,A_HLB,A_MATRIX,A_JELLY compute
class M_IPHONE,M_PIXEL,M_IPAD,M_TAB,M_KLAP mobile
class A_GL_MT,A_GL_BE network
```
---
## π ASCII Tailscale Network Map
```
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β HEADSCALE MESH NETWORK (self-hosted Tailscale control server) β
β 24 Nodes β’ 7 Exit Nodes β’ 4 Locations β’ Full Mesh β
β Control: headscale.vish.gg (Calypso) β
β DERP Relays: Home (Calypso), Atlantis, Seattle VPS β
β DNS: AdGuard resolves *.tail.vish.gg β Tailscale IPs β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
βββββββββββββββββββ
β TAILSCALE β
β COORDINATION β
β (DERP Relays) β
ββββββββββ¬βββββββββ
β
βββββββββββββββββββββββββββββββββββββββββΌββββββββββββββββββββββββββββββββββββββββ
β β β
βΌ βΌ βΌ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β π CONCORD, CA - PRIMARY (25Gbps Fiber) β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β 10GbE BACKBONE (TP-Link TL-SX1008) β β
β β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β
β β β β
β β βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ β β
β β β β‘ ATLANTIS β β β‘ CALYPSO β β GUAVA β β β
β β β 100.83.230.112 β β 100.103.48.78 β β 100.75.252.64 β β β
β β β DS1823xs+ β β DS723+ β β Physical Host β β β
β β β EXIT NODE β β EXIT NODE β β β β β
β β β β β β β β β β
β β β βββββββββββββββ β β β β β β β
β β β βmatrix-ubuntuβ β β β β β β β
β β β β100.85.21.51 β β β β β β β β
β β β βMastodon/ β β β β β β β β
β β β βMatrix/MM β β β β β β β β
β β β βββββββββββββββ β β β β β β β
β β βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ β β
β β β β
β β βββββββββββββββββββ β β
β β β SHINKU-RYUU β Desktop Workstation β β
β β β 100.98.93.15 β β β
β β βββββββββββββββββββ β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β 2.5GbE / 1GbE DEVICES β β
β β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β
β β βββββββββββββββ βββββββββββββββ βββββββββββββββ βββββββββββββββ ββββββββββββββ β β
β β β PVE β β JELLYFISH β ββ‘HOMEASSIST β β PI-5 β β HOMELAB VM β β β
β β β100.87.12.28 β β100.69.121.120β β100.112.186.90β β100.77.151.40β β100.67.40.126β β β
β β β Proxmox β β Server β β EXIT NODE β β RPi 5 β β (on PVE) β β β
β β β β β β βvia GL-MT3000β β β β β β β
β β βββββββββββββββ βββββββββββββββ βββββββββββββββ βββββββββββββββ ββββββββββββββ β β
β β βββββββββββββββββββββββ βββββββββββββββββββββββ β β
β β β β‘ GL-BE3600 β β GL-MT3000 β β β
β β β 100.105.59.123 β β 100.126.243.15 β β β
β β β EXIT NODE β β HA subnet router β β β
β β β 192.168.8.0/24 β β 192.168.12.0/24 β β β
β β βββββββββββββββββββββββ βββββββββββββββββββββββ β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β π CONCORD BACKUP ISP (2Gbps/500Mbps) β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β βββββββββββββββββββββββ βββββββββββββββββββββββ βββββββββββββββββββββββ β
β β β‘ VISH-CONCORD-NUC β β PI-5-KEVIN β β MAH-PC β β
β β 100.72.55.21 β β 100.123.246.75 β β 100.64.0.4 β β
β β Intel NUC β β RPi 5 β β Windows PC β β
β β EXIT NODE β β β β Sibling's PC β β
β βββββββββββββββββββββββ βββββββββββββββββββββββ βββββββββββββββββββββββ β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ββ β β β β β β β β β β β β β TAILSCALE MESH β β β β β β β β β β β β β ββΊ
βββββββββββββββββββββββββββββ βββββββββββββββββββββββββββββ βββββββββββββββββββββββββββββ
β π΅ TUCSON, AZ β β πΊ HONOLULU, HI β β π² SEATTLE (CLOUD) β
β ββββββββββββββββββββββββββ β ββββββββββββββββββββββββββ β ββββββββββββββββββββββββββ
β β β β β β
β βββββββββββββββββββββββ β β βββββββββββββββββββββββ β β βββββββββββββββββββββββ β
β β β‘ SETILLO β β β β MOON (bluecrownpassion) β β β β β‘ SEATTLE β β
β β 100.125.0.20 β β β β 100.64.0.6 β online β β β β 100.82.197.124 β β
β β DS223j NAS β β β β β β β β Contabo VPS β β
β β EXIT NODE β β β βββββββββββββββββββββββ β β β EXIT NODE β β
β β Off-site Backup β β β β β βββββββββββββββββββββββ β
β βββββββββββββββββββββββ β β β β β
β β β β βββββββββββββββββββββββββββββ
βββββββββββββββββββββββββββββ βββββββββββββββββββββββββββββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β π± MOBILE DEVICES β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β
β β π± iphone16 β β π± pixel-10 β β π± ipad-pro β β π± samsung β β π» kevinlap β β
β β100.79.252.108β β100.122.119.40β β100.68.71.48 β β100.72.118.117β β100.89.160.65 β β
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β
β β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β EXIT NODE SUMMARY (6 Total) β
β ββββββββββββββββββββββββββ β
β β’ atlantis (100.83.230.112) - Primary exit, Concord 25Gbps β
β β’ calypso (100.103.48.78) - Secondary exit, Concord 25Gbps (Headscale host) β
β β’ setillo (100.125.0.20) - Tucson exit, DS223j off-site NAS β
β β’ seattle (100.82.197.124) - Cloud exit, Contabo VPS Seattle β
β β’ vish-concord-nuc (100.72.55.21) - Backup ISP exit, Concord 2Gbps β
β β’ homeassistant (100.112.186.90) - Home automation exit (via GL-MT3000 subnet) β
β β’ gl-be3600 (100.105.59.123) - GL.iNet router exit, subnet 192.168.8.0/24 β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
```
---
## π₯οΈ Matrix-Ubuntu VM Details
This VM runs on **Atlantis** (Synology DS1823xs+ via Virtual Machine Manager):
| Specification | Value |
|---------------|-------|
| **Hostname** | matrix-ubuntu |
| **Tailscale IP** | 100.85.21.51 |
| **LAN IP** | 192.168.0.154 |
| **OS** | Ubuntu 24.04.3 LTS |
| **CPU** | 4 cores (AMD Ryzen Embedded V1780B) |
| **RAM** | 8GB (7.7GB usable) |
| **Storage** | 100GB (87GB available) |
| **SSH Port** | 65533 |
### Services Running
| Service | Domain | Status |
|---------|--------|--------|
| **Nginx Proxy Manager** | npm.vish.gg (:81) | β
Running (reverse proxy for all domains) |
| Mastodon | mastodon.vish.gg | β
Running |
| Mattermost | mm.crista.love | β
Running |
| Matrix (Synapse) | mx.vish.gg | β
Running |
| LiveKit | livekit.mx.vish.gg | β
Running |
| PostgreSQL | - | β
Running |
| Redis | - | β
Running |
---
## π Related Diagrams
- [Network Topology](network-topology.md) - Physical network layout
- [Service Architecture](service-architecture.md) - How services connect
- [Location Overview](location-overview.md) - Geographic distribution