This might be overkill but I run an xrdp and just remote into it from any device. Tablet phone laptop etc with an rdp app. If you need it on the go you would also want something like tailscale or WireGuard as a vpn to access the computer while away from home

I don’t use Immich, but if you open a feature request I’d suggest asking for open street maps, which offers a self hosted tile service https://www.maptiler.com/server/

GitHub has the option of emailing you on releases etc. by email.

Glad we got to the root issue! As others have said this is a learning process and you picked one of the more complicated ones to start with. Once this is done e everything else will start to feel much easier!

If you are on the raspberry pi with a physical screen/keyboard and mouse you can also try accessing with the ip address “localhost:80” and see if there’s a connection that way as well.

We can get the port list another way. From the terminal on the raspberry pi run the command “nmap localhost”. Let us know what that shows, but I would expect to see either 80, 443, or both.

As a side note, if you did not give the nextcloud container a certificate when you made it, you cannot use https:// on the browser, as it has no way to talk using that security mechanism. It is only capable in that case of using http:// and port 80. You will need to disable forced https to access the site (this is fine on the local network if every device is trusted, and only encrypted vpn service in like zerotier is used imo). This might be your problem here, especially if you are seeing both ports listed as open on the pi.

You would be given a safety risk warning page by your browser if you did the self signed certificate that you’d need to tell it to connect anyway, so that likely isn’t the issue. Looking at ports, how are you trying to connect to the server? If you did not assign a certificate at all, you would want to use port 80, port 443 if you did install a certificate.

For instance, my Nextcloud is on ip 192.168.50.30 With that in mind I would be using:

No certificate: http://192.168.50.30:80 Certificate: https://192.168.50.30:443

Does this look like what you are typing in?

As two additional questions, what is the output of “docker container ls” typed into the terminal? And what operating system did you install on the pi, was it raspbian?

At a glance your first issue is finding the correct ip address, you should only have one local ip address to access it with (inside your home network).

To find your local ip, type “ip a” into the terminal, and look for the address under “eth0“ for a wired connection, or “wlan0” for wireless. This will allow you to connect using the ip and port while on your home network to test the connection and make sure it works right.

After that, I highly recommend the vpn option, it will simplify connecting to it while not at home without creating security issues like setting it up with a domain. I personally use zerotier, that guide will help you get it set up on the raspberry pi. Not the last bit about a “managed ip.” That will be the address to tell your phone to connect too once you have the vpn set up on the phone as well.

This appears to be correct. See:

EncoderAppPath was simply not present at all in encoding.xml! There was only the display value: <EncoderAppPathDisplay /> My own installation was completely fixed by adding <EncoderAppPath>/usr/local/bin/ffmpeg</EncoderAppPath>

From the page

There’s a similar software called zerotier that only routes traffic you want across. You select an IP range (for instance 10.144..) and it gives your computer a new address. For my main computer let’s say it’s 10.144.168.128. The only traffic routed over the vpn is traffic addressed to that address. You can append the port to web traffic like https://10.144.168.128:8010/zm/index.php (zoneminder used as an example) and it would use the vpn for that connection but nothing else.

Docker on its own won’t think to look at that interface unless you tie it to it. Assuming you want to listen to both interfaces an external watchdog would be the call. You’d set the watchdog to look for iptables issues and then run commands if it went down (ie to restart iptables and then restart your containers).

Second the key-password combo. It keeps the keys you have on the flash drive but adds a password component that thieves would need to figure out as well. Just make sure to pick a good password!

It’s free with their account using their services for up to 25 nodes. It uses direct connections where possible so your information goes straight from one device to the other without having to self host their program.

On FreeBSD the config is located in “/usr/local/www/nextcloud/config/config.php”, I’m unsure about Linux I haven’t set it up for that. But, in the config you will see a marker for “trusted domains,” I’ve set mine up for local DNS, zero-tier and local IP setup and it looks like this:

`‘trusted_domains’ =>

array (

0 => 'fileserver.home.lan:9000',

1 => '192.168.50.30:9000',

2 => '10.144.117.148:9000',

3 => '10.1.1.7',

4 => 'fileserver.home.lan',

5 => '192.168.50.30',

), `

Edit: You can see here more info on the config file. Per that documentation on Linux it should be under “/var/www/nextcloud/config/config.php”

Also of note, for internal IP addresses you should set the server to a static IP on your router, that’s how I know my server will always be 192.168.50.30. If you’re using home internet (not a VPS or business line) you’re pretty much guaranteed to have a dynamic IP for public facing connections. For that I like noip.com because they have an app that will auto-update this so you can use the free domain name without needing to know the IP address that will change every few days. Duckdns also does this if memory serves though I think they just had a bash script you ran for this.

Find in your install the config.php it will listed trusted domains (or ips) and you can add as many as you want. I’ll find my config file here in a bit and paste that part of it as an example

Yes it can

It can be an ip address, if you have a static ip. If you’re planning to host this on the open internet and have a dynamic ip (home internet is most likely for this), or static and don’t want to pay for a top level domain you can use a service like noip.com for a free address like “test.ddns.net”

You can also change this after the initial setup in Nextcloud’s config.php as well as as additional domain names/ip addresses that can reach the server.

Agreed. It’s not a safety issue it just won’t use the full drives capacity until they replace the other smaller drives

If you utilize logins something like fail2ban would be a good addition, as well as something for anti-malware/hacking/injection prevention etc. when I had a public Nextcloud I had Apache set up with mod-security with the owasp rule set loaded.

The biggest risks of hosting something public at home besides ddos attacks is scripts that get regularly run against any open port they can find on the internet that if successful could encrypt your data for ransomware etc. I personally realized this was all just for me and the wife and running the services through a vpn (ZeroTier was fantastically easy to set up) removed most of the risk while letting us access remotely

Edit: ddos protection would also be adviseable I think cloudflare might have that built in though

When we lived in Missouri the power went out twice ish a year, sometimes more. Amazing how fragile that stuff is when nobody invests in the infrastructure for the town.