deddit.petersanchez.com

can I funnel more than one service at a time using tailscale?
from Blxter@lemmy.zip to selfhosted@lemmy.world on 18 Oct 20:38
https://lemmy.zip/post/24739205

I would like to be able to give people an URL and have them be able to access my service.

Example I have overseerr currently funneled so when the go to url pcname.tail$$$$$.ts.net they are greeted with overseerr. But if I funneled another service at pcname.tail$$$$$.ts.net/immich for example it does nothing just blank loading but the url knows it should be Immich or another service (I can put the url pcname.tail$$$$$.ts.net/immich in the immich app and have it work). I have tried reversing them so I believe I can not set paths after .net..

Am I doing something wrong or is this not supported?

#selfhosted

threaded - newest

just_another_person@lemmy.world on 18 Oct 20:42 next collapse

I’m not super sure what you’re asking. I think you have some networking concepts confused with application routing, which in the case of a reverse proxy like this depends on how the forward host is passing requests.

Blxter@lemmy.zip on 18 Oct 21:25 collapse

Sorry. I just mean to ask if I can use tailscale and funnel multiple ports in order to give access to a couple different selfhosted applications. I am not sure what application routing is. I am still not sure I explaining it well enough.

just_another_person@lemmy.world on 18 Oct 21:33 next collapse

Tailscale doesn’t work on a port by port basis, it works by tunneling traffic from one IP net segment to another. I’m not sure what specifically Tailscale has out in front to work as a proxy for your connection, but the transport itself isn’t blocking ports or anything.

Oisteink@lemmy.world on 18 Oct 22:51 collapse

It can be done but I’d advice to rather set up a reverse proxy and funnel that. Then set up your reverse proxy accordingly.

Issue with the funnel is that its reverse proxy is a bit limited in rewriting. So if your service has a native url of 127.0.0.1:8000/service1 then you serve it under /service1

If you have several services that expects to be served at root you might find it difficult to do this way. Some services might have “url/path” option in config for this purpose. In that case you enter the url you want to use for your service and it will behave.

Blxter@lemmy.zip on 18 Oct 23:44 collapse

Ok thanks I will check to see if they have a url/path option.

Do you have a suggestion on a service to set up my own reverse proxy?

Oisteink@lemmy.world on 19 Oct 01:04 collapse

I like caddy for flexibility and ease with handle_parh. I believe there was some example on the tailscale website for a tcp caddy proxy.

Some sites cant be rewritten and have to be served on their expected path. Like some http file will refer to a css or something with absolute path.

Also you can get chatgpt or similar help you and ask it to explain whats being done and why. Just be stern and let it know what you’re using for software + versions. They know a lot of old shit too these LLMs

Oisteink@lemmy.world on 19 Oct 01:06 collapse

Perhaps you can rewrite but that would have to include both ways + html source.

Best bet is serve at what path it prefers or can be configured to

user224@lemmy.sdf.org on 18 Oct 21:03 next collapse

I too have no idea what this is about. I never used tailscale, and I have no idea what immich is.

But perhaps your problem is that the app expects to be on the root? Perhaps that could be a problem. Can you instead do another sub-domain level like immich.pcname.tail$$$$$.ts.net? Or does the app (immich) allow you to set URL root?

Anyway, seems that may indeed be the issue, and also that tailscale cannot do those sub-domains as I thought based on the discussion I found. It seems this is the same issue: github.com/immich-app/immich/discussions/1679

And someone probably has a solution: gist.github.com/…/4b2b22b2198636b0a91c7c142ec11b3…

Again, I have no idea what Immich even is in the first place, Tailscale, I just know it exists. Consider me about as useful as AI, I just did some googling, with only prior info being that I had to set base URL in both kiwix-serve and Navidrome for them to work properly under a directory or whatever the part after slash is called.

ArtikBanana@lemmy.dbzer0.com on 19 Oct 00:09 collapse

Since you already got some replies, a bit of a different approach would be to set those services up using Docker and having Tailscale as a sidecar to each one of those.
You will then be able to access each one as a seperate device. immich.*.ts.net etc.

Blxter@lemmy.zip on 19 Oct 02:33 collapse

Did some looking at sidecar and it looks similar to another one I have called glueton for qbit. Immich and others are Allready running in docker so if I ‘sidecar’ tailscale to the container then as you said it could be immich.*.it’s.net right? Sounds good thanks for input.

ArtikBanana@lemmy.dbzer0.com on 19 Oct 10:21 collapse

Yup.
Tailscale has some documentation about it, and also a bunch of examples (And apparently one specific to Immich).

Blxter@lemmy.zip on 19 Oct 12:09 collapse

Nice thanks I looked at other examples but didn’t see one for immich thanks again for help I think this will be the route I take until later looking into caddy.
Thank you