It's a wrapper around Wireguard that lets you use common SSO providers (Apple ID, Google, etc) to manage access.
It also handles looking up the IP address of your "nodes" through their servers, so you don't need to host a domain/dns to find the WAN IP of your home network when you're external to it (this is assuming you don't pay for a fixed IP).
Most people put an instance of it on a home server or NAS, and then they can use the very well designed and easy to use iOS/mac/etc client to access their home network when away.
You can route all traffic through it, so basically your device operates as if you're on your home network.
You can accomplish all of this stuff (setting up a VPN to your home network, DNS lookup to your home network) without Tailscale, but it makes it so much easier.
TS makes it super easy to use a VPC I have in the US as my VPN exit while I live in other parts of the world. Apps that work on phones, computers, and my AppleTV are big pluses over Wireguard which I have also used.
I was still completely mystified until your last sentence. And now I'm just mostly mystified. I, too, keep hearing Tailscale Tailscale Tailscale from HN commenters but have no idea why I'd need it. For anything I need to access on (or from) my home network I just use a VPN I've hosted in my home for the last decade or so.
If you've already got a VPN solution your happy with, Tailscale probably adds very little value for you. It's just basically the easiest / most user friendly way to setup a VPN to your home network.
It can do way more than just being a VPN-to-home, but that's how most users use the free part.
It's still valuable. You can access your server with your own VPN set up, but what if you want to share a server to a friend or a family member (examples includes VaultWarden/Bitwarden, Plex, Jellyfin)?
If this is on Tailscale, you can just ask people to install tailscale client and login using one of the IdP, then ask them to accept the node you shared to them, and they can immediately access the server.
The alternative would be 1) sending VPN configs over and maybe also configure their VPN client for them, or 2) expose the service on the Internet protected by some OAuth proxy which really only works for web apps. Neither is easy/trivial.
I'd guess a plurality of people are only sharing Plex with family members, and nothing else. If you only care about sharing Plex, you don't need Tailscale to give a family member access, assuming you have Plex Pass, since Plex does a proxy as you describe.
It also handles looking up the IP address of your "nodes" through their servers, so you don't need to host a domain/dns to find the WAN IP of your home network when you're external to it (this is assuming you don't pay for a fixed IP).
Most people put an instance of it on a home server or NAS, and then they can use the very well designed and easy to use iOS/mac/etc client to access their home network when away.
You can route all traffic through it, so basically your device operates as if you're on your home network.
You can accomplish all of this stuff (setting up a VPN to your home network, DNS lookup to your home network) without Tailscale, but it makes it so much easier.