Hi selfhosting community :)
I am hosting some services on a NixOS box (Immich, Nextcloud and some others). So far I had no problem reaching my services, just via Tailscale when I am not at home.
But now I wanted to branch out and get a little fancy with an HTTPS setup and a domain, so I can share my services with friends. I followed this guide and got a domain at Cloudflare. However, I ran into some problems.
The relevant setup:
Nextcloud:

```nix
services.nextcloud = {
  enable = true;
  hostName = "nextcloud.<mydomain>.com";
  https = true;
};
```

Nginx:

```nix
services.nginx = {
  enable = true;
  virtualHosts = {
    "nextcloud.<mydomain>.com" = {
      forceSSL = true;
      useACMEHost = "<mydomain>.com";
    };
    "immich.<mydomain>.com" = {
      forceSSL = true;
      useACMEHost = "<mydomain>.com";
      locations."/".proxyPass = "http://127.0.0.1:2283/";
    };
    "immich.<machine>.<tailnet>.net" = {
      locations."/".proxyPass = "http://127.0.0.1:2283/";
    };
  };
};
```

ACME:

```nix
security.acme = {
  acceptTerms = true;
  defaults.email = "my@mail.com";
  certs."<mydomain>.com" = {
    domain = "*.<mydomain>.com";
    group = "nginx";
    dnsProvider = "cloudflare";
    dnsPropagationCheck = true;
    credentialsFile = config.sops.secrets.cloudflare.path;
  };
};
```

My situation now is the following:
- I can reach e.g. Immich by going to http://<machine>.<tailnet>.net:2283 (HTTPS is not working here).
- I cannot reach Immich by the domains I have set up in my Nginx configuration. So “immich.<machine>.<tailnet>.net” & “immich.<mydomain>.com” give a “Server not found” error. I tried both 127.0.0.1 and the Tailscale IP of the server in the proxyPass section.
Does one of you network wizards know where the problem lies? Or how would I go about troubleshooting the issue?
Yes, in order to access my domain on my local network, I have my pihole instance point the domain to my server’s local IP.
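
One way to approach the troubleshooting question in this thread, as an added example that is not part of the original posts: a staged check that reports whether a hostname fails at DNS resolution, at the TCP connect, or at the TLS handshake, so a missing DNS record is not mistaken for a proxy problem. The function name `diagnose`, its parameters and the `example.test` hostnames are assumptions made for illustration.

```python
import socket
import ssl
import sys

def diagnose(host, port=443, use_tls=True, resolve=socket.getaddrinfo, timeout=3.0):
    """Return (stage, detail), where stage is 'dns', 'tcp', 'tls' or 'ok'."""
    # Stage 1: name resolution. A browser's "Server not found" page means this
    # step failed, so the request never reached nginx or its proxyPass target.
    try:
        infos = resolve(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return "dns", f"{host} has no DNS answer from this client's resolver: {exc}"
    addr = infos[0][4][0]
    # Stage 2: TCP connect to the resolved address (firewall, nginx not listening).
    try:
        sock = socket.create_connection((addr, port), timeout=timeout)
    except OSError as exc:
        return "tcp", f"{host} resolves to {addr}, but port {port} is unreachable: {exc}"
    with sock:
        if not use_tls:
            return "ok", f"{host} resolves to {addr} and port {port} accepts connections"
        # Stage 3: TLS handshake with SNI and certificate verification, which
        # checks that the wildcard certificate actually covers this name.
        try:
            ctx = ssl.create_default_context()
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return "ok", f"{host} resolves to {addr}, negotiated {tls.version()}"
        except (ssl.SSLError, OSError) as exc:
            return "tls", f"{host} resolves to {addr}, but the TLS handshake failed: {exc}"

if __name__ == "__main__":
    # Usage (hypothetical names): python3 diagnose.py immich.example.test
    for name in sys.argv[1:]:
        stage, detail = diagnose(name)
        print(f"[{stage}] {detail}")
```

Run it from the client that shows the error, since the result depends on which resolver that client uses (Pi-hole, Tailscale MagicDNS or a public resolver).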