Hello all, The first thing I setup to self-host was NextCloud, and I followed instructions and built the stack myself. It’s hosted on port 80, and I created a Cloudflare tunnel from “cloud.mydomain.com” which points to 192.168.1.111 and everything works perfectly. I can access the site from wherever, and everything felt great. Now for the thing I really want, an Immich server.
I followed the instructions and set up Immich in a docker container. Everything seems to be working great, I can access it from within my network and backup photos just like I was hoping. Within the same Cloudflare tunnel, I tried to add a new Public Hostname. I want “photos.mydomain.com” to point to the same host but on port 2283. I added the public hostname and pointed it to 192.168.1.111:2283, but whenever I point a browser there I get the “502 Bad Gateway” error from cloudflare.
I assume this is a Cloudflare configuration issue, but I’m not 100% sure. Do I need to do anyting special with docker if I intend to access it through Cloudflare? I THINK docker is set up correctly because I am able to access the Immich from a different computer on my local network. I thought using Cloudflare made it so that I don’t to worry about setting up a reverse proxy. Is that maybe not true?
Or does Immich need something specific to tell it to accept traffic outside of my network? I remember having to set up NextCloud with “trusted domains” but when that wasn’t correct, I got an error message from NextCloud, not from Cloudflare.
Any help would be appreciated. I’ve poked around a bunch and I’m pretty sure I can’t solve this on my own.
saint@group.lt 11 months ago
first you should check logs of cloudflare tunnel - most likely it cannot access your docker network. if you are using cloudflare container - it should use same network as a Immich instance.
in short: find the tunnel log and see what is happening there.
jrubal1462@mander.xyz 11 months ago
The logs just say
2023-12-16T03:32:18Z ERR error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 192.168.1.111:2283…
Assuming it is the problem of Docker containers not being able to talk to each other, I added the option
–network=“bridge”
to the docker command that launches the cloudflare tunnel. Then in the docker-compose file for Immich, I added the linenetwork_mode: bridge
to each service. No dice. I think next I’ll try installing the cloudflare tunnel as a service directly on that computer.Thanks for taking the time to help out, I appreciate it.
jrubal1462@mander.xyz 11 months ago
Hey! Running the cloudflare tunnel through systemd right on the machine worked wonders! Thanks! Probably not the most secure way, but at least I know I can play with networks at a later date. For now it appears to be up and running. Thanks a bunch!