this post was submitted on 28 Apr 2024
285 points (98.0% liked)

Selfhosted

40006 readers
538 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I spent all day today trying to get the routing to work correctly between Tailscale, Nginx and Adguard.

Basically I wanted to be able to be able to use **http://immich.network ** to route to 192.168.1.2:9000

I wanted to share the steps I took so people don't have to go through what I did.

First a few things Local Server IP: 192.168.1.2

  1. I installed Ngnix and Adguard, in a Docker Containers, and gave Adguard IPs 3000, 3001 instead of 80 and 443 because Ngnix took it.
  2. I went to my router and made it use the DNS: 192.168.1.2
  3. I configured Proxy Host in Ngnix ..... immich.network => 192.168.1.2:9000
  4. I configured DNS rewrite in Adguard .... *.network => 192.168.1.2

At this point I was able to use http://immich.network finally. I installed Tailscale to be able to access when I'm outside but http://immich.network didn't work.

These helped me https://tailscale.com/kb/1019/subnets + https://tailscale.com/kb/1054/dns?q=global+nameserver

  1. I created a subnet..... tailscale up --advertise-routes=192.168.1.0/24
  2. I approved it on Tailscale login

At this point I was able to access home server using its local IP 192.168.1.2 but I couldn't get http://immich.network to work.

  1. I created a nameserver dns with split DNS but I used my local ip.. 192.168.1.2 => network

Finally everything is working.. I have a feeling that I'm doing it wrong but I'm too tired and it's finally working.

you are viewing a single comment's thread
view the rest of the comments
[–] Mir@programming.dev 12 points 6 months ago* (last edited 6 months ago) (8 children)

Thank you for the* so much wanted advice, it's one of the reasons I actually posted this, to get advices on how to do things better.

I've been trying to do that for a specific service running (firefly) but I can't figure out what to do exactly, about the domain name, Is there a way to do that without one?

[–] Lifebandit666@feddit.uk 5 points 6 months ago (5 children)

You can get pretty cheap domain names if you google around. I managed to get mine for £35 for a number of years (3 I think, I was high when I set it up) and got a .com name out of that.

You could look into DuckDNS. I know I used them many moons ago for Home Assistant but can't quite remember what the capabilities were, I just remember it was free and a bit rubbish. But as a stopgap it works.

Try that for a bit until you have a few quid spare, then get yourself a domain name paid for a while.

[–] toffi@feddit.de 4 points 6 months ago (3 children)

I used dynv6.com to get a free subdomain e. g. [name].dynv6.net and then a swag docker to do the reverse proxy subfolder->dockerport matching. Trafic in my home network is http and the swag ports are the only one exposed to the public. When I find the time I'll do in depth setup guide including the ipv6 setup problems.

[–] Mir@programming.dev 2 points 6 months ago (1 children)

ok I just did that and my problem is that I wanted to access my services with a custom domain like .homes

Now I need to access them for x.y.duckdns.org

[–] Lifebandit666@feddit.uk 0 points 6 months ago* (last edited 6 months ago) (1 children)

Have a look into Heimdall or Homarr. Much easier, don't need to worry about addresses at all. Single set up and add Tailscale exit node for external access.

I've been fiddling with it again today and (using Homarr) my only services that don't work when I access through Tailscale are the ones I use names for (are.local, server.local, etc) and I can access them when I use the IP:port so when I get home I'll just change them to IP:port on Homarr and I'll be all good

[–] Mir@programming.dev 1 points 6 months ago

Yea I'm using Homarr, I've just finished setting everything up. The only problem I have right now is that I can't access Syncthing GUI through the domain.

load more comments (1 replies)
load more comments (2 replies)
load more comments (4 replies)