Portainer
Portainer runs on the tools VPS (100.81.122.65:9000). A Portainer agent runs on the web VPS (port 9001, bound to the Tailscale interface).
Access
Portainer UI: http://100.81.122.65:9000 — Tailscale access required.
Dashboard integration
The Portainer API at 100.81.122.65:9000 is reachable from the tools VPS but not from the web VPS’s Docker containers (different Tailscale node, bridge network isolation). The dashboard uses a fallback strategy:
- Try Portainer REST API (
PORTAINER_URL+PORTAINER_TOKEN) - If unreachable → fall back to Docker socket (
/var/run/docker.sock)
This means the Portainer widget and page show real container data via the socket fallback even when the Portainer API is unavailable.
Configuration
PORTAINER_URL=http://100.81.122.65:9000PORTAINER_TOKEN=<portainer_api_token>Generate the API token: Portainer UI → User settings → Access tokens.
Known limitation
Container actions (start/stop/restart) via the dashboard use the Docker socket directly on the web VPS — they only affect containers on that host. Cross-host container management requires the Portainer UI directly.