Keep DNS up to date for internal apps

Hi :wave:

I would like to host an internal app inside of tailscale. I started with a prototype to see if it’s possible in the required way. I run a node app on connected to our tailscale network.
That works, great now I can use the ip to connect to the site, next thing I did is add a public DNS record from to the ip address of the app that is only usable when inside the VPN.
Works! Now I can connect to the domain. Adding https also works :partying_face:.
Now the only thing is left, how do I keep the DNS up to date in case I redeploy the app, because Tailscale will give the new app a new IP so every time I deploy I would have to update the DNS record somehow. Is there an easier way to do things?

You can use MagicDNS and our HTTPS system. This is still being tested, but has significant adoption.

If you look under Feature Previews: Tailscale
You can turn on HTTPS

And turn on and configure MagicDNS here Tailscale

Then you have an internal DNS for that host that is based on the hostname, and you can use tailscale cert to get LetsEncrypt SSL certificates for that name.

My internal domain alias is so my computer named sherlock would be reachable at

More information here: Enabling HTTPS · Tailscale

I looked at it but it’s not really what I was looking for because it only works on “random domains”, I would like to use our own domain for this but I think another answer gave me an idea for this (Static IP for exit node), thanks!