←back to thread

Self-hosting my photos with Immich

(michael.stapelberg.ch)
659 points birdculture | 4 comments | 30 Nov 25 09:11 UTC | HN request time: 0.022s | source
Show context
oliyoung ◴[06 Dec 25 03:14 UTC] No.46170280[source]
Docker + Immich + Tailscale is the killer replacement to Google & Apple Photos, it's simply that simple
replies(5): >>46170298 #>>46170557 #>>46170668 #>>46171941 #>>46174672 #
nightski ◴[06 Dec 25 04:23 UTC] No.46170668[source]
I don't get the appeal of Tailscale for simple homelab use. I have OpenVPN and it's trivial. Hit the toggle and I'm connected, no fuss.
replies(4): >>46170685 #>>46170756 #>>46170782 #>>46171825 #
Jnr ◴[06 Dec 25 09:08 UTC] No.46171825[source]
OpenVPN is far from "no fuss", especially when compared to Tailscale.

I like to self host things so I also self host Headscale (private tailnet) and private derp proxy nodes (it is like TURN). Since derp uses https and can run on 443 using SNI I get access to my network also at hotels and other shady places where most of the UDP and TCP traffic is blocked.

Tailscale ACL is also great and requires more work to achieve the same result using OpenVPN.

And Tailscale creates a wireguard mesh which is great since not everything goes through the central server.

You should give it a try.

replies(1): >>46172329 #
sva_ ◴[06 Dec 25 10:57 UTC] No.46172329[source]
Why not just use wireguard directly? The configuration is fairly trivial
replies(3): >>46172412 #>>46172662 #>>46174164 #
1. iAMkenough ◴[06 Dec 25 15:41 UTC] No.46174164[source]
Even more trivial with Tailscale, so why wouldn’t I use Tailscale to configure wireguard for me?
replies(1): >>46185610 #
2. sva_ ◴[07 Dec 25 21:58 UTC] No.46185610[source]
I'm a bit skeptical that I don't have full control of my keys, but it does seem convenient.
replies(1): >>46193459 #
3. Sanzig ◴[08 Dec 25 15:36 UTC] No.46193459[source]
You can have full control over your keys if you want: https://tailscale.com/kb/1226/tailnet-lock
replies(1): >>46211146 #
4. sva_ ◴[09 Dec 25 21:46 UTC] No.46211146{3}[source]
That's pretty cool, thanks for the info! I've been looking into Tailscale the past few days since it actually seems pretty convenient.

I've seen they offer to use Mullvad as an exit node for devices which is very cool. Sadly it seems like for this to work, you have to have them manage your Mullvad keys, which to me kind of defeats the purpose of Mullvad in some ways. But I can see how it makes sense to them from a business-perspective.