I spent all day today trying to get the routing to work correctly between Tailscale, Nginx and Adguard.

Basically I wanted to be able to use **http://immich.network** to route to 192.168.1.2:9000

I wanted to share the steps I took so people don’t have to go through what I did.

First, a few things. Local Server IP: 192.168.1.2

  1. I installed Nginx and Adguard in Docker containers, and gave Adguard IPs 3000, 3001 instead of 80 and 443 because Nginx took them.
  2. I went to my router and made it use the DNS: 192.168.1.2
  3. I configured Proxy Host in Nginx … immich.network => 192.168.1.2:9000
  4. I configured DNS rewrite in Adguard … *.network => 192.168.1.2

At this point I was able to use http://immich.network finally. I installed Tailscale to be able to access when I’m outside but http://immich.network didn’t work.

These helped me https://tailscale.com/kb/1019/subnets + https://tailscale.com/kb/1054/dns?q=global+nameserver

  1. I created a subnet… tailscale up --advertise-routes=192.168.1.0/24
  2. I approved it on Tailscale login

At this point I was able to access home server using its local IP 192.168.1.2 but I couldn’t get http://immich.network to work.

  1. I created a nameserver dns with split DNS but I used my local ip… 192.168.1.2 => network

Finally everything is working… I have a feeling that I’m doing it wrong but I’m too tired and it’s finally working.
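
The post describes three stages (LAN only, subnet route added, split DNS added). The sketch below is an added example, not part of the original post: it models the resolution path with the addresses from the post and shows which hop fails at each stage. `trace()`, `reachable()` and the dictionary names are made up for illustration, and nothing is actually queried.

```python
import ipaddress
from fnmatch import fnmatch

# Addresses and names are the ones in the post; trace() and the dict names are
# made up for this example and model the setup, they do not query anything.
ADGUARD = "192.168.1.2"                                # DNS server set on the router
REWRITES = {"*.network": "192.168.1.2"}                # AdGuard DNS rewrite
PROXY_HOSTS = {"immich.network": "192.168.1.2:9000"}   # Nginx proxy host

def reachable(ip, on_lan, routes):
    """LAN clients reach 192.168.1.x directly; Tailscale clients only reach
    addresses inside an approved --advertise-routes subnet."""
    addr = ipaddress.ip_address(ip)
    return on_lan or any(addr in ipaddress.ip_network(r) for r in routes)

def trace(name, on_lan, routes=(), split_dns=None):
    """Return (ok, detail); ok is True when the request ends at an Nginx upstream."""
    name = name.lower().rstrip(".")
    # 1. Which resolver receives the query?
    if on_lan:
        resolver = ADGUARD
    else:
        resolver = next((srv for dom, srv in (split_dns or {}).items()
                         if name == dom or name.endswith("." + dom)), None)
    if resolver is None:
        return (False, "dns: no split DNS entry, query never reaches AdGuard")
    if not reachable(resolver, on_lan, routes):
        return (False, "dns: resolver %s has no route" % resolver)
    # 2. AdGuard answers from its rewrite list.
    ip = next((t for pat, t in REWRITES.items() if fnmatch(name, pat)), None)
    if ip is None:
        return (False, "dns: no rewrite, AdGuard forwards upstream")
    if not reachable(ip, on_lan, routes):
        return (False, "route: %s has no route" % ip)
    # 3. Nginx picks the upstream from the Host header.
    upstream = PROXY_HOSTS.get(name)
    if upstream is None:
        return (False, "proxy: rewritten to %s but no proxy host" % ip)
    return (True, upstream)

if __name__ == "__main__":
    subnet, split = ["192.168.1.0/24"], {"network": "192.168.1.2"}
    print("LAN", trace("immich.network", on_lan=True))
    print("Tailscale only", trace("immich.network", on_lan=False))
    print("+ subnet route", trace("immich.network", on_lan=False, routes=subnet))
    print("+ split DNS", trace("immich.network", False, subnet, split))
    # Any other *.network name is rewritten too and never reaches its real site.
    print(trace("example.network", False, subnet, split))
```

The last call shows a side effect of this setup: `.network` is a real public TLD, so every `*.network` lookup from LAN and tailnet clients is answered with 192.168.1.2. A suffix reserved for home networks, such as `home.arpa`, avoids shadowing real sites.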

  • Decronym@lemmy.decronym.xyz · 3 months ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    | Fewer Letters | More Letters |
    |---|---|
    | CA | (SSL) Certificate Authority |
    | DNS | Domain Name Service/System |
    | HTTP | Hypertext Transfer Protocol, the Web |
    | HTTPS | HTTP over SSL |
    | IP | Internet Protocol |
    | SSL | Secure Sockets Layer, for transparent encryption |
    | VPN | Virtual Private Network |
    | VPS | Virtual Private Server (opposed to shared hosting) |
    | XMPP | Extensible Messaging and Presence Protocol (‘Jabber’) for open instant messaging |
    nginx Popular HTTP server

    10 acronyms in this thread; the most compressed thread commented on today has 3 acronyms.

    [Thread #719 for this sub, first seen 28th Apr 2024, 06:25]

  • lud@lemm.ee · 7 months ago

    I also host all my stuff on 192.168.1.2. It’s just my gaming pc with a bunch of services for piracy but it’s good enough until I can build a proper server in the future.

  • LifeBandit666@feddit.uk · 7 months ago

    Hello again.

    I’ve gone through your steps outlined in this post now for LAN. I’ve made my own network name .crypt and added *.crypt to Adguard and pointed it at the IP address of Nginx.

    I’ve then gone and mapped my local services in Nginx. So radarr.crypt sonarr.crypt plex.crypt etc and mapped them to ports.

    Now what I enjoyed was that I had to map Adguard to forward to Nginx, but in Nginx I can use the IP address of anything on my network, not just on the host.

    So it’s map Adguard in DNS rewrites to Nginx IP, then map the IP:ports in Proxy Hosts in Nginx.

    Now when I use my Tailscale exit node (that I have from Home Assistant) I can use those addresses outside the house.

    I have noticed it only works for the .crypt domains, and not .local despite being set up as well. I guess because .local is a special address it is harder to map to Tailscale.

    Anyway, it’s working for me after following what you’ve done, I just did less in Tailscale because of the exit node.

  • Tinkerer@lemmy.ca · 7 months ago

    This is exactly what I’m trying to do: get valid HTTPS certificates via a domain name on Cloudflare. I have Nginx Proxy Manager running and working to serve a couple of sites like Home Assistant. The problem I’m having is: how do I get valid certificates for my internal services via NPM but only be able to access them inside my LAN, not the internet?

  • tomatol@lemmy.world · 7 months ago

    I’m running immich on a Debian machine at home. Can anyone point me to a detailed tutorial on how to achieve this, including SSL and with no payments or subscriptions needed?

    • LifeBandit666@feddit.uk · 7 months ago

      I’ve just looked this up. So is Yunohost supposed to replace Proxmox or can I install it as a service in Proxmox? Will it run in Docker?

      I’d have a go at installing it if my 10 year old wasn’t saving democracy on my PC at the mo (playing Helldivers 2). There’s no way I can prise him off that just to tinker with, and ultimately uninstall, another service for a few hours. I got shit to do today.

      • helenslunch@feddit.nl · 7 months ago

        No, Proxmox is a hypervisor. This is just a server management tool.

        You can install on a Debian 11 VM, absolutely.

  • dutchkimble@lemy.lol · 7 months ago

    I used chatgpt to create the exact steps, commands and configurations I needed for my setup and achieved this the seemingly cheatful way. I used nginx and certbot. Worked like a charm. Congrats!

    • Mir@programming.dev (OP) · 7 months ago

      > I used chatgpt to create the exact steps, commands and configurations I needed for my setup and achieved this the seemingly cheatful way. I used nginx and certbot. Worked like a charm. Congrats!

      It’s impressive that you were able to get it to help you correctly. It usually just spews things I need to fix, that’s why I didn’t ask him. Thank you for the tip.

      Btw did you use a custom local domain name or did you use an actual domain?

      • dutchkimble@lemy.lol · 7 months ago

        Thanks, it took some prompts but it worked in the end! I used a few subdomains of an actual domain I use for email…

        • Mir@programming.dev (OP) · 7 months ago

          I just finished the SSL today, but have you gotten Syncthing GUI to work though? I can’t seem to get it to work with the domain for some reason.

          • dutchkimble@lemy.lol · 7 months ago

            No, sorry I haven’t tried it with Syncthing. Mainly using it for immich, seafile, a matrix server, some arr apps and a status monitor called dashdot. Would be useful for syncthing though, never thought of trying it - I’ll give it a shot over the weekend and let you know how it goes!