Was looking into Docker volume backups just yesterday so this is perfect timing!
TedZanzibar
joined 1 year ago
Yes please, I might revisit it with a fresh pair of eyes.
Thanks for the suggestion. I spent a good hour or two trying to make Wireguard work for me last night but failed. If I set it to only apply to Immich, nothing else would have Internet access at all. Likewise if I set the peer IP range to just my LAN subnet.
After pulling my hair out for a while I gave up and uninstalled.
Hmm I must be doing something wrong then because it doesn't work for me.
If it was just me, or if Tailscale wasn't such an insatiable battery leech then I'd absolutely do that but the wife (and kids) acceptance factor plays a big role, and they're never going to accept having to toggle a separate service on and off to get to their photos.
Maybe I'm being overly paranoid but I work in IT and see the daily, near constant barrage of port scans and login attempts to our VPN service and it has an effect!
Very useful insights, thanks.
I do currently have external stuff running via a Cloudflare tunnel (which is why I need DNS based LE certs for the internal proxy) but I don't know if it's setup correctly (beyond doing basic reverse proxying) and the admin backend for it feels like massive overkill for a home setup. Plus with Immich I run into the issue of a) dire warnings about it being in active dev and potentially insecure and b) filesize limits making away-from-home backups difficult.
I could well be over thinking the whole thing.
Yeah I'm running a Cloudflare tunnel for external access (which is why I need DNS based LE certs), but that's another thing that I don't really know what it's doing beyond basic reverse proxying.
I have a country-based whitelist for where my Immich instance can be accessed from but I find the Zero Trust admin backend to be massive overkill for my needs, and it doesn't help that they've recently moved everything around so none of the guides out there point to the right places anymore!
Ah, that's useful thanks!
it will either be underpowered or power hungry.
Or both!
My inner monologue is an asshole that literally never shuts up unless I'm asleep. If I'm not actively thinking about something and conversing with him or keeping him otherwise distracted, he's singing a snippet of the last catchy song he heard, over and over, until a new one takes its place. Sometimes it's the same song for days on end.
This looks neat, will definitely give it a go, cheers!
Thanks, I'll muse over this when I next get the chance!