this post was submitted on 18 Oct 2024
6 points (68.8% liked)

Selfhosted

40173 readers
892 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I would like to be able to give people an URL and have them be able to access my service.

Example I have overseerr currently funneled so when the go to url pcname.tail$$$$$.ts.net they are greeted with overseerr. But if I funneled another service at pcname.tail$$$$$.ts.net/immich for example it does nothing just blank loading but the url knows it should be Immich or another service (I can put the url pcname.tail$$$$$.ts.net/immich in the immich app and have it work). I have tried reversing them so I believe I can not set paths after .net..

Am I doing something wrong or is this not supported?

top 14 comments
sorted by: hot top controversial new old
[–] [email protected] 4 points 4 weeks ago* (last edited 4 weeks ago) (1 children)

Since you already got some replies, a bit of a different approach would be to set those services up using Docker and having Tailscale as a sidecar to each one of those.
You will then be able to access each one as a seperate device. immich.*.ts.net etc.

[–] [email protected] 1 points 4 weeks ago (1 children)

Did some looking at sidecar and it looks similar to another one I have called glueton for qbit. Immich and others are Allready running in docker so if I 'sidecar' tailscale to the container then as you said it could be immich.*.it's.net right? Sounds good thanks for input.

[–] [email protected] 2 points 3 weeks ago (2 children)

Yup.
Tailscale has some documentation about it, and also a bunch of examples (And apparently one specific to Immich).

[–] [email protected] 2 points 1 week ago (1 children)

Just wanted to say thanks again got this set up a couple days ago and works like a charm the tailscale documentaion is actually really good at explaining to a newbie like me.

[–] [email protected] 3 points 1 week ago

Neat! Glad to hear
Yeah they've done a good job with their documentation.
I was tempted by it several times already to try some features I didn't even consider using.

[–] [email protected] 2 points 3 weeks ago

Nice thanks I looked at other examples but didn't see one for immich thanks again for help I think this will be the route I take until later looking into caddy.
Thank you

[–] [email protected] -1 points 4 weeks ago* (last edited 4 weeks ago)

I too have no idea what this is about. I never used tailscale, and I have no idea what immich is.

But perhaps your problem is that the app expects to be on the root? Perhaps that could be a problem. Can you instead do another sub-domain level like immich.pcname.tail$$$$$.ts.net? Or does the app (immich) allow you to set URL root?

Anyway, seems that may indeed be the issue, and also that tailscale cannot do those sub-domains as I thought based on the discussion I found. It seems this is the same issue: https://github.com/immich-app/immich/discussions/1679

And someone probably has a solution: https://gist.github.com/aveexy/4b2b22b2198636b0a91c7c142ec11b37

Again, I have no idea what Immich even is in the first place, Tailscale, I just know it exists. Consider me about as useful as AI, I just did some googling, with only prior info being that I had to set base URL in both kiwix-serve and Navidrome for them to work properly under a directory or whatever the part after slash is called.

[–] [email protected] 6 points 4 weeks ago (1 children)

I'm not super sure what you're asking. I think you have some networking concepts confused with application routing, which in the case of a reverse proxy like this depends on how the forward host is passing requests.

[–] [email protected] 1 points 4 weeks ago (2 children)

Sorry. I just mean to ask if I can use tailscale and funnel multiple ports in order to give access to a couple different selfhosted applications. I am not sure what application routing is. I am still not sure I explaining it well enough.

[–] [email protected] 5 points 4 weeks ago* (last edited 4 weeks ago) (1 children)

It can be done but I’d advice to rather set up a reverse proxy and funnel that. Then set up your reverse proxy accordingly.

Issue with the funnel is that its reverse proxy is a bit limited in rewriting. So if your service has a native url of 127.0.0.1:8000/service1 then you serve it under /service1

If you have several services that expects to be served at root you might find it difficult to do this way. Some services might have “url/path” option in config for this purpose. In that case you enter the url you want to use for your service and it will behave.

[–] [email protected] 2 points 4 weeks ago (1 children)

Ok thanks I will check to see if they have a url/path option.

Do you have a suggestion on a service to set up my own reverse proxy?

[–] [email protected] 3 points 4 weeks ago (1 children)

I like caddy for flexibility and ease with handle_parh. I believe there was some example on the tailscale website for a tcp caddy proxy.

Some sites cant be rewritten and have to be served on their expected path. Like some http file will refer to a css or something with absolute path.

Also you can get chatgpt or similar help you and ask it to explain whats being done and why. Just be stern and let it know what you’re using for software + versions. They know a lot of old shit too these LLMs

[–] [email protected] 1 points 4 weeks ago

Perhaps you can rewrite but that would have to include both ways + html source.

Best bet is serve at what path it prefers or can be configured to

[–] [email protected] 1 points 4 weeks ago

Tailscale doesn't work on a port by port basis, it works by tunneling traffic from one IP net segment to another. I'm not sure what specifically Tailscale has out in front to work as a proxy for your connection, but the transport itself isn't blocking ports or anything.