I spent all day today trying to get the routing to work correctly between Tailscale, Nginx and Adguard.

Basically I wanted to be able to use **http://immich.network** to route to 192.168.1.2:9000.

I wanted to share the steps I took so people don’t have to go through what I did.

First, a few things. Local server IP: 192.168.1.2

  1. I installed Nginx and Adguard in Docker containers, and gave Adguard IPs 3000, 3001 instead of 80 and 443 because Nginx took them.
  2. I went to my router and made it use the DNS: 192.168.1.2
  3. I configured Proxy Host in Nginx … immich.network => 192.168.1.2:9000
  4. I configured DNS rewrite in Adguard … *.network => 192.168.1.2

At this point I was able to use http://immich.network finally. I installed Tailscale to be able to access when I’m outside but http://immich.network didn’t work.

These helped me https://tailscale.com/kb/1019/subnets + https://tailscale.com/kb/1054/dns?q=global+nameserver

  1. I created a subnet… `tailscale up --advertise-routes=192.168.1.0/24`
  2. I approved it on Tailscale login

At this point I was able to access home server using its local IP 192.168.1.2 but I couldn’t get http://immich.network to work.

  1. I created a nameserver DNS with split DNS but I used my local IP… 192.168.1.2 => network

Finally everything is working… I have a feeling that I’m doing it wrong but I’m too tired and it’s finally working.

  • MirOP
    7 months ago

    ok I just did that and my problem is that I wanted to access my services with a custom domain like .homes

    Now I need to access them for x.y.duckdns.org

    • LifeBandit666@feddit.uk
      7 months ago

      Have a look into Heimdall or Homarr. Much easier, don’t need to worry about addresses at all. Single set up and add Tailscale exit node for external access.

      I’ve been fiddling with it again today and (using Homarr) my only services that don’t work when I access through Tailscale are the ones I use names for (are.local, server.local, etc.), and I can access them when I use the IP:port, so when I get home I’ll just change them to IP:port on Homarr and I’ll be all good.

      • MirOP
        7 months ago

        Yea I’m using Homarr, I’ve just finished setting everything up. The only problem I have right now is that I can’t access Syncthing GUI through the domain.