[tailscale]

Installing tailscale add-on

Settings → Add-ons → Add-on store → Search tailscale → install

Logging into a [tailscale] virtual network

Open web UI → connect (login/authenticate with your [tailscale] account)

Right now, you will have a homeassistant machine in your tailnet console. Add you can access your homeassistant using the [tailscale] ip and/or domain with a 8123 port through an HTTP connection (default) in the devices whose connected with your tailnet. While if you want to visit your homeassistant through an HTTPS connection and from devices without installed [tailscale] vpn client, you have to dive more deep.

Enabling HTTPS

Add the following lines in your configuration.yaml:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 127.0.0.1

Reload configuration.yaml: Developer tools → Restart → Quick reload

Settings → Add-ons → Tailscale → Configuration → Show unused optional configureation options → Share Home Assistant with Serve or Funnel → choose serve → save → Restart the add-on

Navigate to your tailnet DNS page of the admin console:

Enable MagicDNS under MagicDNS section if not already enabled
Enable HTTPS under HTTPS Certificates section

Now, you can access homeassistant using the full domain through an HTTPS and WITHOUT a port number in the devices connected to tailnet.

While, if you want to access using the tailnet ip, you have to using the HTTP connection with the 8123 port.

Configing Tailscale Funnel

Add a Funnel node attribute following the guide.

Open the Node attributes on the Access controls page of the admin console.
Add node attribute, then choose targets and attributes.

And go back to Share Home Assistant with Serve or Funnel on configuration page of tailscale add-on. Choose funnel, save, and restart the add-on.

Now, you can access homeassistant using the full domain through an HTTPS and WITHOUT a port number in any devices whether it did or didn’t connect your tailnet.