Dumb question: my bitwarden browser plugin doesn’t work properly of my Vaultwarden doesn’t run https. Right now I’m exposing it under subdomain with self-cert in nginx proxy manager. Could I switch over to using my Headscale with “tailscale serve”? Does this work and can I use it https in that way?
Comment on Guidance for Noob? (Synching vs Nextcloud, Immich, Tailscale)
dan@upvote.au 4 days ago
Tailscale is great. You should use it. Most of their code is open-source. Their coordination server is closed-source, however there’s a self-hostable open-source reimplemention called Headscale if you want a fully-open-source Tailscale stack.
Immich doesn’t rely on Tailscale; you can use any VPN. They don’t recommend exposing it to the public internet at the moment though, which is why you’d use a VPN.
For the drives, I’d recommend ZFS instead of Ext4 or NTFS. ZFS can detect corruption using checksum, which neither Ext4 nor NTFS can do. NTFS also isn’t recommended unless you’re running Windows Server.
hoshikarakitaridia@lemmy.world 3 days ago
dan@upvote.au 3 days ago
Tailscale serve might work; I haven’t tried it so I don’t know what it’s capable of.
Usually I’d recommend getting a real domain name and use Let’s Encrypt. .com domains are around $10/year but some TLDs are even cheaper. If you don’t mind which TLD you use, go to tld-list.com and sort by renewal price.
suzune@ani.social 3 days ago
A domain with DNS access costs around 2€ a year. Just buy your own and generate certificates with Acme.
Nighed@feddit.uk 3 days ago
On the public Immich bit, they have docs on how to setup a reverse proxy correctly. No security warnings.
That sounds like a thumbs up to me?
dan@upvote.au 3 days ago
Interesting! They used to have a warning about it. I guess they removed it at some point. It’s referenced in this discussion for example: github.com/immich-app/immich/discussions/13008
Nighed@feddit.uk 3 days ago
That pretty much says: safe when stable. (Which it is now) Makes some sense.
Mine is public, so I hope it’s safe (ish)