#Proxy setup

:wave: Hey @glad topaz,

Thanks for reaching out to us. Please follow the recommended actions below; this will help us be more effective in our support effort and leave more time for building Immich .

References

• Container Logs: docker compose logs docs
• Container Status: docker compose ps docs
• Reverse Proxy: https://immich.app/docs/administration/reverse-proxy

Checklist

1. :blue_square: I have verified I'm on the latest release(note that mobile app releases may take some time).
2. :blue_square: I have read applicable release notes.
3. :blue_square: I have reviewed the FAQs for known issues.
4. :blue_square: I have reviewed Github for known issues.
5. :blue_square: I have tried accessing Immich via local ip (without a custom reverse proxy).
6. :blue_square: I have uploaded the relevant logs, docker compose, and .env files using the buttons below or the /upload command.
7. :blue_square: I have tried an incognito window, disabled extensions, cleared mobile app cache, logged out and back in, different browsers, etc. as applicable

(an item can be marked as "complete" by reacting with the appropriate number)

If this ticket can be closed you can use the /close command, and re-open it later if needed.

https://immich.app/docs/administration/reverse-proxy/

i did nginx and my site cant be reached

I recommend getting a simple nginx page running before you try to proxy immich

there are lots of guides to getting nginx setup

I have this setup but for proxy host ssl i get internal error

@austere silo do you have a more detailed guide

SSL: http only

set a certificate for the page

or create one

is a cloudflare tunnel just as secure

because i got that workiing easy

You won’t be able to upload files > 100 MB

because of the tunnel ?

yes

dang

for the proxy over cloudflare, free is limited at 100mb

so i have to do the reverse proxy for no limit

yes, but if you have no large files, you should be fine

i get internal error everytime i try to do this

wdym

CommandError: Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.

at /app/lib/utils.js:16:13
at ChildProcess.exithandler (node:child_process:430:5)
at ChildProcess.emit (node:events:518:28)
at maybeClose (node:internal/child_process:1105:16)

get a cloudflare cert

1 sec

ok

set it to 15 years

should i put immich.hynsor.com for domains too

use *.domain.com and domain.com

ok done

download it and add it to your proxy

this error means, that you were not able to request a certificate from letsencrypt

i add it throuh here correct ?

ye

did you fill out the dns provider and credentials file content correctly there?

which format is it suppose to be

sec

i'd take pem

also make sure to have two seperate files

mydomain.private.pem
mydomain.public.pem

did you save the two seperate things

yes

i only have origin

no private

revoke your cert and create a new one

you should see that

now i do

same error

You made sure to select the "PEM" key format?

yes

wrong order

key = private.pem
cert = public.pem

ok it worked

this shows up now on immich.hynsor.com

where do i allow it in cloudflare

read the page

what different ip

i pointed it to my server ip

is it disallowed?

i dont think so

you need to use your external IP

please be really careful with exposing your services to the internet. It seems like you are not too experienced with self hosting. collect some information first and try out your self hosted stuff locally. when you understand what you are doing, you can expose it. it is important to be aware of the risks of exposing to the web

I understand, thank you for looking out I put my external buy pages are just blank still

just watch a few tutorials and learn why and what you are doing

Alright

and dont just copy paste commands, try to understand them

no sysadmin should ever just copy and paste commands and run them on the system

did you manage to get your page up and running?

No it just stays blank

what does that mean

Nothing loads

Only time it shows something is when I put the ip to internal

cant really help without logs etc

what shows when you open the dev console (f12)

One moment

says nothing

that is the router ip correct ?

https://whatismyipaddress.com/

192.168.x.x is internal

one sec

your external address is given by your internet provider

proxied or no ?

?

this ip is most likely not fix, so something like cloudflare-ddns comes in handy

where is your website hosted

namecheap

but i point my domain to cloudflare

where is immich hosted

on a local pc in your network?

its not hosted

hynsor.com is point to cloudflare

where does immich run?

hynsor.com is your domain

yeah i dont have it hosted

how can you access it then?

idk

is immich running right now?

yes

oh

you were talking about immich

i thought you were talking about immich.hynsor.com

no

its on my raspberry pi

ok

did you forward ports to your raspberry pi?

yes

what port

2283

why 2283?

thats not port forwarding

yeah i cant port forward like you would through router

thats needed to to reverse proxy

no other way ?

the way you connect to the internet is trough your router

also the way the internet can connect to you is trough the router