I spent all day today trying to get the routing to work correctly between Tailscale, Nginx and Adguard.
Basically I wanted to be able to be able to use **http://immich.network ** to route to 192.168.1.2:9000
I wanted to share the steps I took so people don’t have to go through what I did.
First a few things Local Server IP: 192.168.1.2
- I installed Ngnix and Adguard, in a Docker Containers, and gave Adguard IPs 3000, 3001 instead of 80 and 443 because Ngnix took it.
- I went to my router and made it use the DNS: 192.168.1.2
- I configured Proxy Host in Ngnix … immich.network => 192.168.1.2:9000
- I configured DNS rewrite in Adguard … *.network => 192.168.1.2
At this point I was able to use http://immich.network finally. I installed Tailscale to be able to access when I’m outside but http://immich.network didn’t work.
These helped me https://tailscale.com/kb/1019/subnets + https://tailscale.com/kb/1054/dns?q=global+nameserver
- I created a subnet… tailscale up --advertise-routes=192.168.1.0/24
- I approved it on Tailscale login
At this point I was able to access home server using its local IP 192.168.1.2 but I couldn’t get http://immich.network to work.
- I created a nameserver dns with split DNS but I used my local ip… 192.168.1.2 => network
Finally everything is working… I have a feeling that I’m doing it wrong but I’m too tired and it’s finally working.
This exactly what I’m trying to do, get valid https certificates via a domain name on cloudflare. I have nginx proxy manager running and working to serve a couple of sites like home assistant. The problem I’m having is how do I get valid certificates for my internal services via npm but only be able to access them inside my lan not the internet?
https://www.youtube.com/watch?v=qlcVx-k-02E This really helped me
Here is an alternative Piped link(s):
https://www.piped.video/watch?v=qlcVx-k-02E
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.