Document Tailscale integration and improve VM setup documentation

## Changes

### Documentation (SETUP_MULTIPASS.md)
- Add comprehensive Tailscale Integration section with setup instructions
- Document requirement for Tailscale auth key in .env file
- Add step-by-step guide for generating and configuring auth keys
- Include troubleshooting section for common Tailscale issues
- Update health check section to include Tailscale connectivity
- Add manual Tailscale configuration instructions for existing VMs
- Document how to disable Tailscale if not needed
- Update Node.js version from v18+ to v20+ to match current setup

### Key Features Documented
1. **Tailscale Auth Key Setup**
   - Generate ephemeral keys from Tailscale admin
   - Configure in .env file (TAILSCALE_AUTH_KEY)
   - Automatic loading by multipass.sh

2. **VM Access via Tailscale**
   - SSH access from any device on tailnet
   - Use Tailscale IPs or hostnames
   - Remote access without port forwarding

3. **Troubleshooting Guide**
   - Auth key expiration/invalid key errors
   - VM not appearing in Tailscale admin
   - Manual configuration commands

4. **Health Checks**
   - Added Tailscale connectivity verification
   - Updated to reflect Docker running (not just installed)
   - Manual health check commands

## Testing
- Successfully tested with 3 VMs (main, develop, feature branch)
- All VMs connected to Tailscale network
- Verified remote access via Tailscale IPs
- Confirmed health checks pass on all VMs

## Related
- Tailscale integration already implemented in tools/multipass.sh
- .env file updated with new auth key (not committed for security)
- VM launcher fully integrated with ./start command

Author: mvalancy

.graphdone-cloud-init.yml

@@ -59,7 +59,7 @@ runcmd:
   # Clone GraphDone repository
   - echo "=== Cloning GraphDone repository ==="
   - chown -R ubuntu:ubuntu /home/ubuntu
-  - su ubuntu -c "git clone -b develop https://github.com/GraphDone/GraphDone-Core.git /home/ubuntu/graphdone"
+  - su ubuntu -c "git clone -b feature/quick-start-graph-creation https://github.com/GraphDone/GraphDone-Core.git /home/ubuntu/graphdone"
   # Setup GraphDone
   - echo '=== Setting up GraphDone ==='
   - su ubuntu -c 'export HOME=/home/ubuntu && cd /home/ubuntu/graphdone && ./start setup'
@@ -76,7 +76,7 @@ runcmd:
   # Final setup
   - echo "=== GraphDone VM Setup Complete ==="
   - echo "GraphDone is installed at /home/ubuntu/graphdone"
-  - echo "To access - multipass shell graphdone-vm-vibrant-phoenix-8602"
+  - echo "To access - multipass shell graphdone-quick-start"
   - echo "Web UI will be available at http://localhost:3127"
   - echo "GraphQL API at http://localhost:4127/graphql"
   - echo "Neo4j Browser at http://localhost:7474"

SETUP_MULTIPASS.md

@@ -47,13 +47,24 @@ This will:
 The VM launcher automatically runs health checks after provisioning to verify:
 
 - ✅ GraphDone code cloned successfully
-- ✅ Node.js installed (v18+)
+- ✅ Node.js installed (v20+)
 - ✅ npm dependencies installed
 - ✅ Playwright browsers installed
-- ✅ Docker installed (optional)
+- ✅ Docker installed and running
+- ✅ Tailscale connected (if enabled)
 
 The health check output is displayed automatically after launch.
 
+You can also run health checks manually on existing VMs:
+
+```bash
+# Run comprehensive health check
+multipass exec <vm-name> -- bash -c 'cd ~/graphdone && npm run test'
+
+# Check Tailscale status
+multipass exec <vm-name> -- tailscale status
+```
+
 ---
 
 ## Complete Usage Guide
@@ -124,6 +135,99 @@ GraphQL API:  http://<vm-ip>:4127/graphql
 Neo4j Browser: http://<vm-ip>:7474
 ```
 
+---
+
+## Tailscale Integration
+
+VMs are automatically connected to your Tailscale network for remote access from any device.
+
+### Setup Tailscale Auth Key
+
+**Required:** You must configure a Tailscale auth key before launching VMs.
+
+1. **Generate an auth key** at https://login.tailscale.com/admin/settings/keys
+   - ✅ Check "Ephemeral" (VMs are temporary)
+   - ✅ Set expiration (90 days recommended)
+   - ✅ Copy the key (starts with `tskey-auth-...`)
+
+2. **Add the key to .env file:**
+   ```bash
+   # Edit .env and add:
+   TAILSCALE_AUTH_KEY=tskey-auth-YOUR_KEY_HERE
+   ```
+
+3. **Verify it's loaded:**
+   ```bash
+   source .env
+   echo $TAILSCALE_AUTH_KEY
+   ```
+
+### Accessing VMs via Tailscale
+
+Once a VM is launched with Tailscale configured:
+
+```bash
+# Get Tailscale IP
+multipass exec <vm-name> -- tailscale ip -4
+
+# SSH via Tailscale (from any device on your tailnet)
+ssh ubuntu@<tailscale-ip>
+
+# Or use the hostname
+ssh ubuntu@<vm-name>.your-tailnet.ts.net
+```
+
+### Tailscale Status Check
+
+```bash
+# Check if Tailscale is connected
+multipass exec <vm-name> -- tailscale status
+
+# Get Tailscale IP
+multipass exec <vm-name> -- tailscale ip -4
+
+# View all devices on your tailnet
+multipass exec <vm-name> -- tailscale status
+```
+
+### Manually Configure Tailscale on Existing VM
+
+If a VM was launched before Tailscale was configured:
+
+```bash
+# Source the .env with your auth key
+source .env
+
+# Configure Tailscale on the VM
+multipass exec <vm-name> -- sudo tailscale up \
+  --authkey="$TAILSCALE_AUTH_KEY" \
+  --accept-routes \
+  --accept-dns=false \
+  --shields-up=false
+```
+
+### Disabling Tailscale
+
+If you don't need Tailscale, disable it in `vm.config.yml`:
+
+```yaml
+tailscale:
+  enabled: false  # Change from true to false
+```
+
+### Troubleshooting Tailscale
+
+**Error: "invalid key: API key ... not valid"**
+- Your Tailscale auth key has expired
+- Generate a new key at https://login.tailscale.com/admin/settings/keys
+- Update `.env` with the new key
+- Relaunch VMs or manually reconfigure existing ones
+
+**VM not showing in Tailscale admin:**
+- Check if Tailscale is running: `multipass exec <vm-name> -- systemctl status tailscaled`
+- Check logs: `multipass exec <vm-name> -- journalctl -u tailscaled -n 50`
+- Verify auth key is set: `source .env && echo $TAILSCALE_AUTH_KEY`
+
 ### Troubleshooting
 
 **VM stuck in "Starting" state:**