tailscale-funnel

Expose local port to internet

$ tailscale funnel [443]

$ tailscale funnel --set-path /api localhost:8080

$ tailscale funnel off

$ tailscale funnel status

tailscale funnel [options] target

tailscale funnel exposes local services to the public internet through your Tailscale node. Unlike tailscale serve which only makes services available within your tailnet, Funnel creates a publicly accessible HTTPS endpoint that anyone on the internet can reach.
Tailscale automatically provisions and manages TLS certificates for the endpoint, so traffic is encrypted without manual certificate setup. Services can be mapped to specific URL paths using --set-path, allowing multiple local services to be exposed under different routes. The off subcommand disables the funnel, and status shows the current configuration.

--set-path path

URL path for service.

Run in background.

Disable funnel.

Show funnel status.

Exposes services to the public internet. Use with caution.

tailscale(1), tailscale-serve(1)