Running AI workloads across multiple machines without a proper network is chaos. Tailscale turned our 3-machine setup into something that feels like a single system.
The setup
- BB1: Windows 11 desktop, main dev machine
- Patriot: Pop!_OS ThinkPad, always-on relay and command node
- Patriot mini: Pop!_OS secondary node
The goal: any machine can reach any other machine securely, without port forwarding, without a VPN server to maintain, and without exposing anything to the public internet.
Why Tailscale
Tailscale is WireGuard with a control plane. WireGuard is the fastest, most secure VPN protocol available. Tailscale adds device auth, key management, and a coordination server so you don't have to run your own. The result is a zero-config mesh where every device gets a stable IP (100.x.x.x) and can reach every other device directly.
Setup steps
- 1.Install Tailscale on each machine (Windows, Linux — same process)
- 2.Run "tailscale up" and authenticate each device to the same account
- 3.That's it. Seriously.
Every machine now has a stable Tailscale IP. BB1 is 100.86.148.80. Patriot is 100.100.226.47. They can ping each other, SSH to each other, and stream data between each other without any router config.
What we built on top
Once the mesh was up, we added:
- staros_forwarder.py: A lightweight Python service that streams session events from each machine to Patriot's SQLite database
- PatriotOS dashboard: Flask app on Patriot that aggregates all machine activity into one view
- Auto-start on boot: systemd service on Linux, Task Scheduler on Windows
Claude Code on BB1 can now SSH into Patriot and run commands, read logs, and push updates — all over the Tailscale mesh, all authenticated, all encrypted.
The gotcha
Tailscale auto-starts on Linux with systemd. On Windows, you need to configure it to start before login, not after — otherwise the mesh is down until you log in. Set it as a Windows Service, not a startup app.
Result
Our AI lab went from "3 machines that need manual coordination" to "one logical system with a single address space." The operational overhead dropped significantly. Highly recommended for anyone running multi-machine AI workflows.