25 KiB
25 KiB
🔗 Tailscale Mesh Network
Overview
All homelab locations are connected via Tailscale, creating a secure mesh VPN that allows seamless access between sites regardless of NAT or firewall configurations.
Total Devices: 28 Headscale nodes across 4 physical locations + cloud + mobile devices.
Control Server: Headscale (self-hosted) on Calypso — headscale.vish.gg
MagicDNS: *.tail.vish.gg (resolved by AdGuard, not native MagicDNS)
DERP Relays: Atlantis (derp-atl.vish.gg), Seattle VPS (derp-sea.vish.gg)
📊 Complete Device Inventory
🟢 Online Nodes (verified 2026-04-18 from Headscale)
Exit Nodes
| Device | Tailscale IP | Type | Location | Notes |
|---|---|---|---|---|
| atlantis | 100.83.230.112 | Synology NAS | Concord | Exit node, Primary NAS |
| calypso | 100.103.48.78 | Synology NAS | Concord | Exit node, Headscale host |
| setillo | 100.125.0.20 | Synology NAS | Tucson | Exit node, off-site backup |
| seattle | 100.82.197.124 | Cloud VPS | Seattle | Exit node, Contabo |
| vish-concord-nuc | 100.72.55.21 | Intel NUC | Concord (Backup ISP) | Exit node |
| homeassistant | 100.112.186.90 | HA Green | Concord | Exit node (via GL-MT3600BE subnet) |
| gl-mt3600be | 100.64.0.10 | GL.iNet Beryl 7 | Remote | Exit node + subnet router 192.168.12.0/24 (replaces GL-MT3000, 2026-04-16) |
| gl-mt3000 | 100.126.243.15 | GL.iNet Beryl AX | Travel | Travel router (exit-node only), repeater behind GL-MT3600BE; LAN 192.168.99.0/24 |
| gl-be3600 | 100.105.59.123 | GL.iNet Slate 7 | Travel | Travel router (exit-node only); intermittently online |
Servers & VMs
| Device | Tailscale IP | Type | Location | Notes |
|---|---|---|---|---|
| homelab | 100.67.40.126 | Proxmox VM | Concord | Primary VM — monitoring, tools, NetBox, Semaphore, Dashboard |
| matrix-ubuntu | 100.85.21.51 | Atlantis VM | Concord | NPM, Matrix, Mastodon, LiveKit, CrowdSec (4 vCPU, 16GB RAM, 1TB disk) |
| pve | 100.87.12.28 | Proxmox Host | Concord | VM hypervisor |
| truenas-scale | 100.75.252.64 | TrueNAS Scale | Concord | Guava, 10GbE, ZFS |
| jellyfish | 100.69.121.120 | Remote workstation | Remote | Behind GL-MT3600BE; LAN backup + photo workflows |
| shinku-ryuu | 100.98.93.15 | Windows | Concord | Desktop workstation, 10GbE |
| moon | 100.64.0.6 | Linux | Honolulu | Sibling's PC (192.168.12.223 behind GL-MT3600BE) |
| pi-5 | 100.77.151.40 | RPi 5 | Concord | Uptime Kuma, monitoring |
Network Devices
| Device | Tailscale IP | Type | Location | Notes |
|---|---|---|---|---|
| headscale-test | 100.64.0.1 | Linux | Concord | Headscale test node |
Mobile
| Device | Tailscale IP | Type | Status |
|---|---|---|---|
| iphone16-pro-max | 100.79.252.108 | iOS | Online |
💤 Offline Nodes
| Device | Tailscale IP | Type | Notes |
|---|---|---|---|
| ipad-pro | 100.68.71.48 | iOS | iPad Pro |
| mah-pc | 100.64.0.4 | Windows | Concord (Backup ISP), sibling's PC |
| mastodon-rocky | 100.64.0.3 | Linux | Legacy, decommissioned |
| olares | 100.64.0.5 | Linux | Olares K8s node (host Tailscale conflicts with K8s pod) |
| uqiyoe | 100.124.91.52 | Windows | Laptop |
| vishdebian | 100.64.0.2 | Linux | Legacy Debian VM |
| pixel-10-pro | 100.64.0.7 | Android | Phone |
| samsung-galaxy-tab-s9 | 100.64.0.8 | Android | Tablet |
| kevins-laptop | 100.64.0.9 | Laptop | Kevin's laptop |
| moon (status) | 100.64.0.6 | — | Currently online; may toggle |
🕸️ Mesh Topology (Mermaid)
graph TB
subgraph Tailscale["🔐 Headscale Mesh Network (28 Nodes)"]
subgraph Concord_Primary["🏠 Concord Primary - 25Gbps Fiber"]
subgraph NAS_Cluster["📦 NAS + VMs"]
A_ATL["🗄️ atlantis<br/>100.83.230.112<br/>⚡ EXIT NODE"]
A_MATRIX["🐧 matrix-ubuntu<br/>100.85.21.51<br/>VM on Atlantis"]
end
A_CAL["🗄️ calypso<br/>100.103.48.78<br/>⚡ EXIT NODE<br/>Headscale host"]
A_GUAVA["💻 guava<br/>100.75.252.64<br/>TrueNAS Scale"]
A_DESKTOP["🖥️ shinku-ryuu<br/>100.98.93.15"]
A_PVE["🖥️ pve<br/>100.87.12.28"]
A_JELLY["🐟 jellyfish<br/>100.69.121.120"]
A_HA["🏠 homeassistant<br/>100.112.186.90<br/>⚡ EXIT NODE<br/>(via GL-MT3600BE)"]
A_PI["🥧 pi-5<br/>100.77.151.40"]
A_GL_BERYL7["📡 gl-mt3600be (Beryl 7)<br/>100.64.0.10<br/>⚡ EXIT NODE<br/>subnet 192.168.12.0/24"]
A_GL_BE["📡 gl-be3600 (Slate 7)<br/>100.105.59.123<br/>⚡ EXIT NODE<br/>travel router"]
A_GL_MT3000["📡 gl-mt3000 (Beryl AX)<br/>100.126.243.15<br/>⚡ EXIT NODE<br/>travel router (repeater on Beryl 7)"]
subgraph Proxmox_VMs["Proxmox VMs"]
A_HLB["homelab<br/>100.67.40.126"]
end
end
subgraph Concord_Backup["🏠 Concord Backup - 2Gbps"]
B_NUC["🖥️ vish-concord-nuc<br/>100.72.55.21<br/>⚡ EXIT NODE"]
B_PI_K["🥧 pi-5-kevin<br/>100.123.246.75"]
B_MAH["💻 mah-pc<br/>100.64.0.4"]
end
subgraph Tucson["🌵 Tucson, AZ"]
T_SET["🗄️ setillo<br/>100.125.0.20<br/>⚡ EXIT NODE"]
end
subgraph Honolulu["🌺 Honolulu, HI"]
H_MOON["💻 moon<br/>100.64.0.6<br/>(aka bluecrownpassionflower)"]
end
subgraph Seattle["🌲 Seattle (Cloud)"]
S_SEA["☁️ seattle<br/>100.82.197.124<br/>⚡ EXIT NODE"]
end
subgraph Mobile["📱 Mobile Devices"]
M_IPHONE["📱 iphone16"]
M_PIXEL["📱 pixel-10-pro"]
M_IPAD["📱 ipad-pro"]
M_TAB["📱 samsung-tablet"]
M_KLAP["💻 kevinlaptop"]
end
end
%% VM relationships
A_ATL -->|"Hosts VM"| A_MATRIX
A_PVE -->|"Hosts VM"| A_HLB
%% Primary mesh connections
A_ATL <-->|"10GbE LAN"| A_CAL
A_ATL <-->|"10GbE LAN"| A_GUAVA
A_ATL <-->|"10GbE LAN"| A_DESKTOP
%% Cross-location Tailscale
A_ATL <-.->|"Tailscale"| T_SET
A_ATL <-.->|"Tailscale"| S_SEA
A_ATL <-.->|"Tailscale"| B_NUC
%% GL router subnets
A_GL_BERYL7 -->|"subnet route"| A_HA
%% Honolulu local
H_MOON <-.->|"Tailscale"| A_ATL
classDef nas fill:#3498db,stroke:#333,stroke-width:2px,color:#fff
classDef exit fill:#e74c3c,stroke:#333,stroke-width:2px,color:#fff
classDef compute fill:#9b59b6,stroke:#333,stroke-width:2px,color:#fff
classDef mobile fill:#1abc9c,stroke:#333,stroke-width:2px,color:#fff
classDef network fill:#f39c12,stroke:#333,stroke-width:2px,color:#fff
class A_ATL,A_CAL,T_SET nas
class S_SEA,B_NUC,A_HA exit
class A_GUAVA,A_DESKTOP,A_PVE,A_HLB,A_MATRIX,A_JELLY compute
class M_IPHONE,M_PIXEL,M_IPAD,M_TAB,M_KLAP mobile
class A_GL_BERYL7,A_GL_BE network
📝 ASCII Tailscale Network Map
╔══════════════════════════════════════════════════════════════════════════════════════════╗
║ HEADSCALE MESH NETWORK (self-hosted Tailscale control server) ║
║ 28 Nodes • 7 Exit Nodes • 4 Locations • Full Mesh ║
║ Control: headscale.vish.gg (Calypso) ║
║ DERP Relays: Atlantis (derp-atl), Seattle VPS (derp-sea) ║
║ DNS: AdGuard resolves *.tail.vish.gg → Tailscale IPs ║
╚══════════════════════════════════════════════════════════════════════════════════════════╝
┌─────────────────┐
│ TAILSCALE │
│ COORDINATION │
│ (DERP Relays) │
└────────┬────────┘
│
┌───────────────────────────────────────┼───────────────────────────────────────┐
│ │ │
▼ ▼ ▼
┌────────────────────────────────────────────────────────────────────────────────────────┐
│ 🏠 CONCORD, CA - PRIMARY (25Gbps Fiber) │
│ ══════════════════════════════════════════════════════════════════════════════════════│
│ │
│ ┌─────────────────────────────────────────────────────────────────────────────────┐ │
│ │ 10GbE BACKBONE (TP-Link TL-SX1008) │ │
│ │ ────────────────────────────────────────────────────────────────────────────── │ │
│ │ │ │
│ │ ┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐ │ │
│ │ │ ⚡ ATLANTIS │ │ ⚡ CALYPSO │ │ GUAVA │ │ │
│ │ │ 100.83.230.112 │ │ 100.103.48.78 │ │ 100.75.252.64 │ │ │
│ │ │ DS1823xs+ │ │ DS723+ │ │ Physical Host │ │ │
│ │ │ EXIT NODE │ │ EXIT NODE │ │ │ │ │
│ │ │ │ │ │ │ │ │ │
│ │ │ ┌─────────────┐ │ │ │ │ │ │ │
│ │ │ │matrix-ubuntu│ │ │ │ │ │ │ │
│ │ │ │100.85.21.51 │ │ │ │ │ │ │ │
│ │ │ │Mastodon/ │ │ │ │ │ │ │ │
│ │ │ │Matrix/MM │ │ │ │ │ │ │ │
│ │ │ └─────────────┘ │ │ │ │ │ │ │
│ │ └─────────────────┘ └─────────────────┘ └─────────────────┘ │ │
│ │ │ │
│ │ ┌─────────────────┐ │ │
│ │ │ SHINKU-RYUU │ Desktop Workstation │ │
│ │ │ 100.98.93.15 │ │ │
│ │ └─────────────────┘ │ │
│ └─────────────────────────────────────────────────────────────────────────────────┘ │
│ │
│ ┌─────────────────────────────────────────────────────────────────────────────────┐ │
│ │ 2.5GbE / 1GbE DEVICES │ │
│ │ ────────────────────────────────────────────────────────────────────────────── │ │
│ │ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ ┌────────────┐ │ │
│ │ │ PVE │ │ JELLYFISH │ │⚡HOMEASSIST │ │ PI-5 │ │ HOMELAB VM │ │ │
│ │ │100.87.12.28 │ │100.69.121.120│ │100.112.186.90│ │100.77.151.40│ │100.67.40.126│ │ │
│ │ │ Proxmox │ │ Server │ │ EXIT NODE │ │ RPi 5 │ │ (on PVE) │ │ │
│ │ │ │ │ │ │via Beryl 7 │ │ │ │ │ │ │
│ │ └─────────────┘ └─────────────┘ └─────────────┘ └─────────────┘ └────────────┘ │ │
│ │ ┌─────────────────────┐ ┌─────────────────────┐ ┌─────────────────────┐ │ │
│ │ │ ⚡ GL-MT3600BE │ │ ⚡ GL-BE3600 │ │ ⚡ GL-MT3000 │ │ │
│ │ │ 100.64.0.10 (Beryl 7)│ │ 100.105.59.123 │ │ 100.126.243.15 │ │ │
│ │ │ EXIT NODE + subnet │ │ EXIT NODE │ │ EXIT NODE │ │ │
│ │ │ 192.168.12.0/24 │ │ travel router │ │ travel (on Beryl 7) │ │ │
│ │ └─────────────────────┘ └─────────────────────┘ └─────────────────────┘ │ │
│ └─────────────────────────────────────────────────────────────────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────────────────────────────────┘
┌────────────────────────────────────────────────────────────────────────────────────────┐
│ 🏠 CONCORD BACKUP ISP (2Gbps/500Mbps) │
│ ══════════════════════════════════════════════════════════════════════════════════════│
│ ┌─────────────────────┐ ┌─────────────────────┐ ┌─────────────────────┐ │
│ │ ⚡ VISH-CONCORD-NUC │ │ PI-5-KEVIN │ │ MAH-PC │ │
│ │ 100.72.55.21 │ │ 100.123.246.75 │ │ 100.64.0.4 │ │
│ │ Intel NUC │ │ RPi 5 │ │ Windows PC │ │
│ │ EXIT NODE │ │ │ │ Sibling's PC │ │
│ └─────────────────────┘ └─────────────────────┘ └─────────────────────┘ │
└────────────────────────────────────────────────────────────────────────────────────────┘
◄─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ TAILSCALE MESH ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─►
┌───────────────────────────┐ ┌───────────────────────────┐ ┌───────────────────────────┐
│ 🌵 TUCSON, AZ │ │ 🌺 HONOLULU, HI │ │ 🌲 SEATTLE (CLOUD) │
│ ═════════════════════════│ │ ═════════════════════════│ │ ═════════════════════════│
│ │ │ │ │ │
│ ┌─────────────────────┐ │ │ ┌─────────────────────┐ │ │ ┌─────────────────────┐ │
│ │ ⚡ SETILLO │ │ │ │ MOON (bluecrownpassion) │ │ │ │ ⚡ SEATTLE │ │
│ │ 100.125.0.20 │ │ │ │ 100.64.0.6 — online │ │ │ │ 100.82.197.124 │ │
│ │ DS223j NAS │ │ │ │ │ │ │ │ Contabo VPS │ │
│ │ EXIT NODE │ │ │ └─────────────────────┘ │ │ │ EXIT NODE │ │
│ │ Off-site Backup │ │ │ │ │ └─────────────────────┘ │
│ └─────────────────────┘ │ │ │ │ │
│ │ │ │ └───────────────────────────┘
└───────────────────────────┘ └───────────────────────────┘
┌────────────────────────────────────────────────────────────────────────────────────────┐
│ 📱 MOBILE DEVICES │
│ ══════════════════════════════════════════════════════════════════════════════════════│
│ │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
│ │ 📱 iphone16 │ │ 📱 pixel-10 │ │ 📱 ipad-pro │ │ 📱 samsung │ │ 💻 kevinlap │ │
│ │100.79.252.108│ │100.122.119.40│ │100.68.71.48 │ │100.72.118.117│ │100.89.160.65 │ │
│ └──────────────┘ └──────────────┘ └──────────────┘ └──────────────┘ └──────────────┘ │
│ │
└────────────────────────────────────────────────────────────────────────────────────────┘
╔════════════════════════════════════════════════════════════════════════════════════════╗
║ EXIT NODE SUMMARY (9 Total) ║
║ ══════════════════════════ ║
║ • atlantis (100.83.230.112) - Primary exit, Concord 25Gbps ║
║ • calypso (100.103.48.78) - Secondary exit, Concord 25Gbps (Headscale host) ║
║ • setillo (100.125.0.20) - Tucson exit, DS223j off-site NAS ║
║ • seattle (100.82.197.124) - Cloud exit, Contabo VPS Seattle ║
║ • vish-concord-nuc (100.72.55.21) - Backup ISP exit, Concord 2Gbps ║
║ • homeassistant (100.112.186.90) - Home automation exit (via GL-MT3600BE subnet) ║
║ • gl-mt3600be (100.64.0.10) - GL.iNet Beryl 7, subnet 192.168.12.0/24 + exit ║
║ • gl-be3600 (100.105.59.123) - GL.iNet Slate 7, travel router (exit-node only) ║
║ • gl-mt3000 (100.126.243.15) - GL.iNet Beryl AX, travel router (exit-node only) ║
╚════════════════════════════════════════════════════════════════════════════════════════╝
🖥️ Matrix-Ubuntu VM Details
This VM runs on Atlantis (Synology DS1823xs+ via Virtual Machine Manager):
| Specification | Value |
|---|---|
| Hostname | matrix-ubuntu |
| Tailscale IP | 100.85.21.51 |
| LAN IP | 192.168.0.154 |
| OS | Ubuntu 24.04 LTS |
| CPU | 4 vCPU (AMD Ryzen Embedded V1780B) |
| RAM | 16 GB |
| Storage | 1 TB (~1005 GB LV) |
| SSH Port | 22 (via Tailscale or ssh matrix-ubuntu) |
Services Running
| Service | Domain | Status |
|---|---|---|
| Nginx Proxy Manager | npm.vish.gg (:81) | ✅ Running (reverse proxy for all domains, Let's Encrypt wildcards) |
| CrowdSec | — | ✅ Running (nftables bouncer) |
| Mastodon | mastodon.vish.gg | ✅ Running |
| Matrix (Synapse) | mx.vish.gg | ✅ Running |
| LiveKit | livekit.mx.vish.gg | ✅ Running (WebRTC SFU, UDP 50000-50100) |
| PostgreSQL, Redis | - | ✅ Running (shared) |
🔗 Related Diagrams
- Network Topology - Physical network layout
- Service Architecture - How services connect
- Location Overview - Geographic distribution