Hi selfhosting community :)
I am hosting some services on a NixOS box (Immich, Nextcloud and some others). So far I have had no problem reaching my services, just via Tailscale when I am not at home.
But now I wanted to branch out and get a little fancy with an HTTPS setup and a domain, so I can share my services with friends. I followed this guide and got a domain at Cloudflare. However, I ran into some problems.
The relevant setup:
Nextcloud:

    services.nextcloud = {
      enable = true;
      hostName = "nextcloud.<mydomain>.com";
      https = true;
    };

Nginx:

    services.nginx = {
      enable = true;
      virtualHosts = {
        # vhost created by the nextcloud module; this only adds TLS to it
        "nextcloud.<mydomain>.com" = {
          forceSSL = true;
          useACMEHost = "<mydomain>.com";
        };
        "immich.<mydomain>.com" = {
          forceSSL = true;
          useACMEHost = "<mydomain>.com";
          locations."/".proxyPass = "http://127.0.0.1:2283";
        };
        # plain HTTP vhost for the tailnet name
        "immich.<machine>.<tailnet>.net" = {
          locations."/".proxyPass = "http://127.0.0.1:2283";
        };
      };
    };

ACME:

    security.acme = {
      acceptTerms = true;
      defaults.email = "my@mail.com";
      # one wildcard certificate, obtained via the DNS-01 challenge at Cloudflare
      certs."<mydomain>.com" = {
        domain = "*.<mydomain>.com";
        group = "nginx";
        dnsProvider = "cloudflare";
        dnsPropagationCheck = true;
        credentialsFile = config.sops.secrets.cloudflare.path;
      };
    };
My situation now is the following:
- I can reach e.g. Immich by going to http://<machine>.<tailnet>.net:2283 (HTTPS is not working here).
- I cannot reach Immich via the domains I have set up in my nginx configuration. Both "immich.<machine>.<tailnet>.net" and "immich.<mydomain>.com" give a "Server not found" error. I tried both 127.0.0.1 and the Tailscale IP of the server in the proxyPass section.
Does one of you network wizards know where the problem lies? Or how would I go about troubleshooting the issue?
marci@lemmy.world 5 days ago
I found that the CNAME record seemed to be the problem. Here someone had the same issue. After changing to a wildcard A record pointing to the Tailscale IP, it all magically works. Thanks for all the answers!
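The browser message in the question already narrows the problem down: "Server not found" means the name did not resolve, so the request never reached nginx and the virtualHosts and ACME settings were never in play; the fix marci found is a DNS record, and the tailnet form "immich.<machine>.<tailnet>.net" fails at the same stage because MagicDNS publishes the machine name itself, not labels below it, unless some other resolver answers for them. The script below is an added example, not code from the original post or from any reply: it walks DNS, TCP, TLS (with SNI set to the hostname, so nginx selects the matching vhost and certificate) and HTTP in that order and reports the first stage that fails, and its override_ip option does what `curl --resolve host:port:ip` does, testing nginx directly while DNS is still the suspect. The hostname immich.example.com, the address 100.64.0.1 and the canned replies in offline_scenarios are constructed for the offline demo; with the default resolver and connector it performs real lookups and connections.

```python
"""Layer-by-layer reachability check for a reverse-proxied hostname.
A browser's "Server not found" is a DNS failure, so nginx never saw the request.
Stages: dns (name does not resolve), tcp (resolves, nothing listens), tls
(handshake/certificate fails), http (no usable answer), ok (HTTP status came back)."""
import io
import socket
import ssl
from dataclasses import dataclass

@dataclass
class Diagnosis:
    stage: str             # "dns", "tcp", "tls", "http" or "ok"
    detail: str
    addresses: tuple = ()  # what the name resolved to, if anything
    status: int = None     # HTTP status code once a request got through

def resolve(host):
    """System resolver, i.e. the same lookup path a browser uses."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return tuple(sorted({info[4][0] for info in infos}))

def tcp_connect(addr, port, timeout):
    return socket.create_connection((addr, port), timeout=timeout)

def _http_status(sock, host):
    """Minimal GET with the Host header set; returns the status code."""
    sock.sendall(f"GET / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode())
    raw = b""
    while b"\r\n" not in raw:
        data = sock.recv(4096)
        if not data:
            break
        raw += data
    parts = raw.split(b"\r\n", 1)[0].decode("ascii", "replace").split()
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"not an HTTP status line: {parts!r}")
    return int(parts[1])

def diagnose(host, port=443, use_tls=True, override_ip=None, timeout=3.0,
             resolver=resolve, connector=tcp_connect):
    """Walk DNS -> TCP -> TLS -> HTTP and report the first stage that fails."""
    # Stage 1: DNS.  override_ip skips it, like `curl --resolve host:port:ip`,
    # so nginx can be tested directly while DNS is still the suspect.
    if override_ip is None:
        try:
            addresses = resolver(host)
        except socket.gaierror as exc:
            return Diagnosis("dns", f"{host} does not resolve: {exc}")
    else:
        addresses = (override_ip,)
    target = addresses[0]
    # Stage 2: TCP.
    try:
        sock = connector(target, port, timeout)
    except OSError as exc:
        return Diagnosis("tcp", f"nothing listening at {target}:{port}: {exc}", addresses)
    try:
        # Stage 3: TLS with SNI = host, so nginx picks that vhost and its certificate.
        if use_tls:
            try:
                sock = ssl.create_default_context().wrap_socket(sock, server_hostname=host)
            except ssl.SSLError as exc:
                return Diagnosis("tls", f"TLS handshake for {host} failed: {exc}", addresses)
        # Stage 4: HTTP.
        try:
            status = _http_status(sock, host)
        except (OSError, ValueError) as exc:
            return Diagnosis("http", f"no HTTP answer from {target}:{port}: {exc}", addresses)
    finally:
        sock.close()
    return Diagnosis("ok", f"{host} -> {target}:{port} answered HTTP {status}", addresses, status)

# Constructed offline scenarios: a fake resolver and fake sockets replace the network.
class CannedSocket(io.BytesIO):
    """Fake connected socket: discards what is sent, replays a fixed answer."""
    def sendall(self, data):
        pass
    recv = io.BytesIO.read

def offline_scenarios():
    """The situations from the thread, reproduced without a network."""
    def no_record(host):       # no A/CNAME record exists for the name
        raise socket.gaierror(socket.EAI_NONAME, "Name or service not known")
    def tailnet_ip(host):      # wildcard A record -> constructed Tailscale address
        return ("100.64.0.1",)
    def refused(addr, port, timeout):
        raise ConnectionRefusedError(f"{addr}:{port} refused")
    def nginx_ok(addr, port, timeout):
        return CannedSocket(b"HTTP/1.1 302 Found\r\nLocation: /login\r\n\r\n")
    return {
        "no_dns_record": diagnose("immich.example.com", resolver=no_record),
        "record_no_listener": diagnose("immich.example.com", use_tls=False,
                                       resolver=tailnet_ip, connector=refused),
        "record_and_nginx": diagnose("immich.example.com", use_tls=False,
                                     resolver=tailnet_ip, connector=nginx_ok),
        "dns_bypassed": diagnose("immich.example.com", use_tls=False, override_ip="100.64.0.1",
                                 resolver=no_record, connector=nginx_ok),
    }

if __name__ == "__main__":
    for name, result in offline_scenarios().items():
        print(f"{name:20} {result.stage:5} {result.detail}")
```

Run it without arguments to see the four constructed scenarios; `diagnose("immich.<mydomain>.com")` from a machine on the tailnet does the real thing, and `diagnose("immich.<mydomain>.com", override_ip="<tailscale ip>")` checks nginx and the wildcard certificate even before the DNS record exists. Two caveats follow from the thread itself: a public A record pointing at a 100.64.0.0/10 Tailscale address resolves from anywhere but only routes for devices that are members of the tailnet, so sharing with friends still means adding them to it; and the fact that http://<machine>.<tailnet>.net:2283 works shows Immich is listening on more than 127.0.0.1, so the forceSSL vhost adds a TLS path without removing the plaintext one.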