Immich•9mo ago•

195 replies

Subdomain for Immich using Tailscale and Nginx

so my registrar is squarespace; i added

photos.mydomain.com

photos.mydomain.com

hostname.tailnet.ts.net

hostname.tailnet.ts.net

(can't expose this computer without tailscale atm)
then on the computer i ran

tailscale funnel --https=443 localhost:80

tailscale funnel --https=443 localhost:80

and in nginx

# /etc/nginx/conf.d/immich.conf
server {
  listen 80;
  server_name photos.mydomain.com;

  location / {
    proxy_pass http://localhost:2283/;
    include /etc/nginx/conf.d/proxy_headers.conf;
  }
}

server {
  listen 80;
  server_name power-tools.mydomain.com;

  location / {
    proxy_pass http://localhost:8001/;
    include /etc/nginx/conf.d/proxy_headers.conf;
  }
}

# /etc/nginx/conf.d/immich.conf
server {
  listen 80;
  server_name photos.mydomain.com;

  location / {
    proxy_pass http://localhost:2283/;
    include /etc/nginx/conf.d/proxy_headers.conf;
  }
}

server {
  listen 80;
  server_name power-tools.mydomain.com;

  location / {
    proxy_pass http://localhost:8001/;
    include /etc/nginx/conf.d/proxy_headers.conf;
  }
}

# /etc/nginx/conf.d/proxy_headers.conf;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

# /etc/nginx/conf.d/proxy_headers.conf;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

if i visit

hostname.tailnet.ts.net

hostname.tailnet.ts.net

, it takes me to immich and works properly
if i visit

photos.mydomain.com

photos.mydomain.com

, it says connection closed
if i visit

http://hostname.tailnet.ts.net:80

http://hostname.tailnet.ts.net:80

, it redirects me to

photos.mydomain.com

photos.mydomain.com

curl -v http://photos.mydomain.com

curl -v http://photos.mydomain.com

seems to pass okay,

curl -v https://photos.mydomain.com

curl -v https://photos.mydomain.com

says this

* Connected to photos.mydomain.com (0000:0000:0::000) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to photos.mydomain.com:443 
* Closing connection
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to photos.mydomain.com:443

* Connected to photos.mydomain.com (0000:0000:0::000) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to photos.mydomain.com:443 
* Closing connection
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to photos.mydomain.com:443

so chatgpt is telling me that to fix this i would either have to use cloudflare/a VPS or suck it up basically
is there any way y'all can think of that would let me use multiple subdomains on my domain to access Immich and the tools just with Squarespace, Nginx, Tailscale, and maybe making a cert? or is it just not possible

Subdomain for Immich using Tailscale and Nginx

so my registrar is squarespace; i added

photos.mydomain.com

photos.mydomain.com

hostname.tailnet.ts.net

hostname.tailnet.ts.net

(can't expose this computer without tailscale atm)
then on the computer i ran

tailscale funnel --https=443 localhost:80

tailscale funnel --https=443 localhost:80

and in nginx

# /etc/nginx/conf.d/immich.conf
server {
  listen 80;
  server_name photos.mydomain.com;

  location / {
    proxy_pass http://localhost:2283/;
    include /etc/nginx/conf.d/proxy_headers.conf;
  }
}

server {
  listen 80;
  server_name power-tools.mydomain.com;

  location / {
    proxy_pass http://localhost:8001/;
    include /etc/nginx/conf.d/proxy_headers.conf;
  }
}

# /etc/nginx/conf.d/immich.conf
server {
  listen 80;
  server_name photos.mydomain.com;

  location / {
    proxy_pass http://localhost:2283/;
    include /etc/nginx/conf.d/proxy_headers.conf;
  }
}

server {
  listen 80;
  server_name power-tools.mydomain.com;

  location / {
    proxy_pass http://localhost:8001/;
    include /etc/nginx/conf.d/proxy_headers.conf;
  }
}

# /etc/nginx/conf.d/proxy_headers.conf;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

# /etc/nginx/conf.d/proxy_headers.conf;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

if i visit

hostname.tailnet.ts.net

hostname.tailnet.ts.net

, it takes me to immich and works properly
if i visit

photos.mydomain.com

photos.mydomain.com

, it says connection closed
if i visit

http://hostname.tailnet.ts.net:80

http://hostname.tailnet.ts.net:80

, it redirects me to

photos.mydomain.com

photos.mydomain.com

curl -v http://photos.mydomain.com

curl -v http://photos.mydomain.com

seems to pass okay,

curl -v https://photos.mydomain.com

curl -v https://photos.mydomain.com

says this

* Connected to photos.mydomain.com (0000:0000:0::000) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to photos.mydomain.com:443 
* Closing connection
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to photos.mydomain.com:443

* Connected to photos.mydomain.com (0000:0000:0::000) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to photos.mydomain.com:443 
* Closing connection
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to photos.mydomain.com:443

Subdomain for Immich using Tailscale and Nginx

Similar Threads

Subdomain for Immich using Tailscale and Nginx

Similar Threads

Similar Threads

Similar Threads