Tailscale setup
Tailscale is how we recommend exposing a self-hosted Gray to your phone. It’s free for personal use, takes 5 minutes, and gives you a real HTTPS URL that only your devices can reach.
Today, self-hosted Gray requires Tailscale. We plan to support Cloudflare Tunnel, WireGuard, and existing VPNs later, but v1 is Tailscale-only.
On the server
Section titled “On the server”curl -fsSL https://tailscale.com/install.sh | shsudo tailscale upSign in with the account you’ll use on your phone.
On your phone
Section titled “On your phone”Install the Tailscale app. Sign in with the same account.
Enable MagicDNS and HTTPS
Section titled “Enable MagicDNS and HTTPS”In the Tailscale admin console:
- Enable MagicDNS.
- Enable HTTPS Certificates.
Now your server has a https://<host>.<tailnet>.ts.net URL that resolves
on every device in your tailnet — including your phone.
If you used the Ubuntu installer
Section titled “If you used the Ubuntu installer”sudo ./install.sh does all of this for you and prints the final URL.
Connect Gray
Section titled “Connect Gray”Open the native app → Settings → I run my own instance → paste your tailnet URL.
Troubleshooting
Section titled “Troubleshooting”tailscale servefailed — enable HTTPS Certificates and MagicDNS in the admin console, then re-run the printed command.- Port 443 busy — re-run with
--https-port 8443. - Can’t reach from phone — check the Tailscale app is on and signed into the same account. Tap the server in your machine list.