I have been using Immich on my home server for a while now. My family and I use the Immich app on our phone to backup all of the photos which works great on Android and iOS. The only problem was that you couldn’t access the photos from outside the local internet. This was quite a bummer because even if all the photos exist locally on the device you can’t use the great Immich features like ai face recognition or image search because the database sits on the home server. It took a while to find a solution but

Tailscale

Tailscale is a service that allows you to VPN into local networks from outside to access local devices. So instead of using a VPN for example to get a french IP address to circumvent local media restrictions you VPN into your home internet. Immich even mentions this as a method for remote access here.

I like that the Tailscale client application is open source but the control server is sadly not. There is a open source control server which I host on my server called Headscale. It works without any issues untill now. If you don’t want to go through the hassle of setting up the server on your own there is a free tier for Tailscale.

But Tailscale is only the first part of the solution. One of the problems with Tailscale is that it does not use the same IP address when VPNing as when you are on your local home network. That means that your Immich instance which gets called on 192.168.0.34:2283 for example will not be reachable through the same address on Tailscale. Thailscale will use a number in the range of 100.x.y.z. You can use Immich via this address in the browser and then adding the Immich port but the phone app will not work anymore.

There is an option in the app to automaticly switch URLs of the Immich server. This means that when you are on your home network it will use the local IP address to your home server. But as soon as you are not on the network anymore it will switch to your public IP address which you can set in the app.

This is a nice feature but I wanted to have a simpler setup. On top of that I would like to use other services on my home server from outside but these usually don’t have the URL switcher feature. That’s why I decided to use this approach using a local DNS server and Tailscales magic DNS.

Local DNS Server

Setting up a local DNS server is very easy. You need to set up dnsmasq, set the DNS server of your router to your home server and then it’s as simple as editing the /etc/hosts file. You set a domain and the IP address it redirects to and then each time you type this URL on your local internet it will redirect you to the IP address which was set. This means that you can redirect domains to your home server. You can set whatever domain you want, just remember that if you set a used domain you will not be able to visit that site.

What I did is set a domain that points to your home server, this makes it easier to ssh into the server too. Then

• Point immich.my-home-server-url.com to home server IP
• NGXN reverse proxy that link to Immich (port 2283)
• In Tailscale point immich.my-home-server-url.com to your home server node

Now every time you enter this URL you will be redirected to Immich. When using Tailscale it will override your DNS request and will point you to the node that you set.

To be continued …

This way I can keep using the same domain, whether I’m home or out.