Enable auto-sync of photos only when connected to a specific Wi-Fi network
Hi,
I’d like to ask if it’s possible to introduce (or configure) an option for automatic photo synchronization only when connected to a dedicated Wi-Fi network.
In my case, I have my Immich server available only in my local home network. Auto-sync currently tries to run on any available Wi-Fi, but when I’m not on my home network the process fails with an error (it can’t find my Immich instance). That’s why it would be really useful if syncing could be limited to a specific Wi-Fi SSID.
Is this feature already available, or would it be possible to implement it?
If not, are there any known workarounds?
Thanks in advance!
17 Replies
:wave: Hey @dzik,
Thanks for reaching out to us. Please carefully read this message and follow the recommended actions. This will help us be more effective in our support effort and leave more time for building Immich :immich:.
References
- Container Logs:
docker compose logs docs
- Container Status: docker ps -a docs
- Reverse Proxy: https://immich.app/docs/administration/reverse-proxy
- Code Formatting https://support.discord.com/hc/en-us/articles/210298617-Markdown-Text-101-Chat-Formatting-Bold-Italic-Underline#h_01GY0DAKGXDEHE263BCAYEGFJA
Checklist
I have...
1. :ballot_box_with_check: verified I'm on the latest release(note that mobile app releases may take some time).
2. :ballot_box_with_check: read applicable release notes.
3. :ballot_box_with_check: reviewed the FAQs for known issues.
4. :ballot_box_with_check: reviewed Github for known issues.
5. :ballot_box_with_check: tried accessing Immich via local ip (without a custom reverse proxy).
6. :ballot_box_with_check: uploaded the relevant information (see below).
7. :ballot_box_with_check: tried an incognito window, disabled extensions, cleared mobile app cache, logged out and back in, different browsers, etc. as applicable
(an item can be marked as "complete" by reacting with the appropriate number)
Information
In order to be able to effectively help you, we need you to provide clear information to show what the problem is. The exact details needed vary per case, but here is a list of things to consider:
- Your docker-compose.yml and .env files.
- Logs from all the containers and their status (see above).
- All the troubleshooting steps you've tried so far.
- Any recent changes you've made to Immich or your system.
- Details about your system (both software/OS and hardware).
- Details about your storage (filesystems, type of disks, output of commands like fdisk -l and df -h).
- The version of the Immich server, mobile app, and other relevant pieces.
- Any other information that you think might be relevant.
Please paste files and logs with proper code formatting, and especially avoid blurry screenshots.
Without the right information we can't work out what the problem is. Help us help you ;)
If this ticket can be closed you can use the /close command, and re-open it later if needed.
Successfully submitted, a tag has been added to inform contributors. :white_check_mark:So your immich instance is not accessible over the Internet I assume?
exactly - immich runs only in my local network without external access
Yeah, I had the same issue. Added mTLS and have certificate auth now which secures it towards the Internet.
I assume you want this for your phone, right?
In the Immich app, you can go to
Settings -> Network -> Automatic URL switching.
In my case, I can access Immich remotely, but when I'm on my home network, I want Immich to access via the direct IP.I do not want to share my immich via network. It is in local network with access via Wireguard or Openvpn - but I do not use VPN all the time so the problem is when I use i.e hotel's wifi or mobile data and immich try to connect to immich...
could you explain more? thx in advance
This is currently not possible, no
I have my Immich instance exposed to the Internet, but require the device accessing it to have a valid certificate to access it (mTLS). Immich supports this. In addition I have Authentik in front so that I have more security for access. Immich supports OpenID. This I feel is sufficient to have it exposed if that is your issue for not exposing Immich online. Personally I use Traefik as a reverese proxy.
Sounds like you've done one of the two things I were debating of doing. Opening a port at home for Traefik. I ended up adding a Cloudflare tunnel and using mTLS securing that instead. How long have you been running Traefik / mTLS?
Traefik since v1 and mTLS for 1,5y or so.
Before that I used Traefik with whitelists. Love mTLS. Very handy
Nice. Do you monitor potential intrusion attempts in some way
Yeah, I’m running opnsense with zenarmor in front of my unifi udm se. In addition running crowdsec with fw bouncer, unifi bouncer, traefik bouncer and opnsense bouncer
opening up port 443 just seems so scary imho (why I went with a cloudflare tunnel instead)
This in addition to thw fw on the udm se
Yeah, but I figure my setup is secure enough
crowdsec is nice, but it's a bit of work to get your setup going 🙂 And does require some maintanance then 🙂
Yeah, it sounds like you're secure enough. As long as you keep it up to date
I think that's honestly my biggest worry. I know that I have very limited amount of time, so I might just miss a zero day and be exposed in some attack
Yes, but mostly it is easy enough to run once you get it running. Little I can do about zero days. I use my services a lot so cost/benefit for me is ok. A lot of other setups are way less secure than mine.
You should get crowdsec running.
With a cloudflare tunnel I don't really need to worry about zero days, at least not in the same sense. Since hopefully CL will take care of those. Since those tunnels also bypass my traefik setup I don't need it for that. That being said, I should have it for any internal traffic.
And... I need to learn to read. It's not supported on iPhones at all