介绍
# Tailscale Skill
使用 CLI 进行本地操作,并使用 API 进行全网(tailnet)管理的混合技能。
## 设置
API 配置(可选,用于全网操作):`~/.clawdbot/credentials/tailscale/config.json`
```json { "apiKey": "tskey-api-k...", "tailnet": "-" } ```
从以下位置获取您的 API 密钥:Tailscale Admin Console → Settings → Keys → Generate API Key
`tailnet` 可以是 `-`(自动检测)、您的组织名称或电子邮件域名。
---
## 本地操作 (CLI)
这些操作仅在当前计算机上有效。
### 状态与诊断
```bash # Current status (peers, connection state) tailscale status tailscale status --json | jq '.Peer | to_entries[] | {name: .value.HostName, ip: .value.TailscaleIPs[0], online: .value.Online}'
# Network diagnostics (NAT type, DERP, UDP) tailscale netcheck tailscale netcheck --format=json
# Get this machine's Tailscale IP tailscale ip -4
# Identify a Tailscale IP tailscale whois 100.x.x.x ```
### 连接性
```bash # Ping a peer (shows direct vs relay) tailscale ping <hostname-or-ip>
# Connect/disconnect tailscale up tailscale down
# Use an exit node tailscale up --exit-node=<node-name> tailscale exit-node list tailscale exit-node suggest ```
### 文件传输 (Taildrop)
```bash # Send files to a device tailscale file cp myfile.txt <device-name>:
# Receive files (moves from inbox to directory) tailscale file get ~/Downloads tailscale file get --wait ~/Downloads # blocks until file arrives ```
### 暴露服务
```bash # Share locally within tailnet (private) tailscale serve 3000 tailscale serve https://localhost:8080
# Share publicly to internet tailscale funnel 8080
# Check what's being served tailscale serve status tailscale funnel status ```
### SSH
```bash # SSH via Tailscale (uses MagicDNS) tailscale ssh user@hostname
# Enable SSH server on this machine tailscale up --ssh ```
---
## 全网操作 (API)
这些操作管理您的整个 tailnet。需要 API 密钥。
### 列出所有设备
```bash ./scripts/ts-api.sh devices
# With details ./scripts/ts-api.sh devices --verbose ```
### 设备详情
```bash ./scripts/ts-api.sh device <device-id-or-name> ```
### 检查在线状态
```bash # Quick online check for all devices ./scripts/ts-api.sh online ```
### 授权/删除设备
```bash ./scripts/ts-api.sh authorize <device-id> ./scripts/ts-api.sh delete <device-id> ```
### 设备标签与路由
```bash ./scripts/ts-api.sh tags <device-id> tag:server,tag:prod ./scripts/ts-api.sh routes <device-id> ```
### 认证密钥
```bash # Create a reusable auth key ./scripts/ts-api.sh create-key --reusable --tags tag:server
# Create ephemeral key (device auto-removes when offline) ./scripts/ts-api.sh create-key --ephemeral
# List keys ./scripts/ts-api.sh keys ```
### DNS 管理
```bash ./scripts/ts-api.sh dns # Show DNS config ./scripts/ts-api.sh dns-nameservers # List nameservers ./scripts/ts-api.sh magic-dns on|off # Toggle MagicDNS ```
### ACL
```bash ./scripts/ts-api.sh acl # Get current ACL ./scripts/ts-api.sh acl-validate <file> # Validate ACL file ```
---
## 常见用例
**“现在谁在线?”** ```bash ./scripts/ts-api.sh online ```
**“把这个文件发送到我的手机”** ```bash tailscale file cp document.pdf my-phone: ```
**“公开暴露我的开发服务器”** ```bash tailscale funnel 3000 ```
**“为新服务器创建一个密钥”** ```bash ./scripts/ts-api.sh create-key --reusable --tags tag:server --expiry 7d ```
**“连接是直连还是中继?”** ```bash tailscale ping my-server ```