I spent all day today trying to get the routing to work correctly between Tailscale, Nginx and Adguard.

Basically I wanted to be able to be able to use **http://immich.network ** to route to 192.168.1.2:9000

I wanted to share the steps I took so people don’t have to go through what I did.

First a few things Local Server IP: 192.168.1.2

  1. I installed Ngnix and Adguard, in a Docker Containers, and gave Adguard IPs 3000, 3001 instead of 80 and 443 because Ngnix took it.
  2. I went to my router and made it use the DNS: 192.168.1.2
  3. I configured Proxy Host in Ngnix … immich.network => 192.168.1.2:9000
  4. I configured DNS rewrite in Adguard … *.network => 192.168.1.2

At this point I was able to use http://immich.network finally. I installed Tailscale to be able to access when I’m outside but http://immich.network didn’t work.

These helped me https://tailscale.com/kb/1019/subnets + https://tailscale.com/kb/1054/dns?q=global+nameserver

  1. I created a subnet… tailscale up --advertise-routes=192.168.1.0/24
  2. I approved it on Tailscale login

At this point I was able to access home server using its local IP 192.168.1.2 but I couldn’t get http://immich.network to work.

  1. I created a nameserver dns with split DNS but I used my local ip… 192.168.1.2 => network

Finally everything is working… I have a feeling that I’m doing it wrong but I’m too tired and it’s finally working.

  • dutchkimble@lemy.lol
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    3
    ·
    7 months ago

    I used chatgpt to create the exact steps, commands and configurations I needed for my setup and achieved this the seemingly cheatful way. I used nginx and certbot. Worked like a charm. Congrats!

    • MirOP
      link
      fedilink
      English
      arrow-up
      6
      ·
      7 months ago

      I used chatgpt to create the exact steps, commands and configurations I needed for my setup and achieved this the seemingly cheatful way. I used nginx and certbot. Worked like a charm. Congrats!

      It’s impressive that you was able to get it to help you correctly. It usually just spew things i need to fix that’s why I didn’t ask him, thank you for the tip.

      Btw did you use a custom local domain name or did you use an actual domain ?

      • dutchkimble@lemy.lol
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        Thanks, it took some prompts but it worked in the end! I used a few subdomains of an actual domain I use for email…

        • MirOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          7 months ago

          I just finished the SSL today, but have you gotten Syncthing GUI to work though? I can’t seem to get it to work with the domain for some reason.

          • dutchkimble@lemy.lol
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            7 months ago

            No, sorry I haven’t tried it with Syncthing. Mainly using it for immich, seafile, a matrix server, some arr apps and a status monitor called dashdot. Would be useful for syncthing though, never thought of trying it - I’ll give it a shot over the weekend and let you know how it goes!

            • MirOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              7 months ago

              Thank you, looking forward to hearing from you

            • MirOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              4 months ago

              It took me a week suffering to get syncthing to work but it finally did. Thank you