Hello all, The first thing I setup to self-host was NextCloud, and I followed instructions and built the stack directly on the host computer. It’s hosted on port 80, and I created a Cloudflare tunnel from “cloud.mydomain.com” which points to http://192.168.1.111 and everything works perfectly. I can access the site from wherever, and everything felt great. Now for the thing I really want, an Immich server.
I followed the instructions and set up Immich in a docker container. Everything seems to be working great, I can access it from within my network and backup photos just like I was hoping. Within the same Cloudflare tunnel, I tried to add a new Public Hostname. I want “photos.mydomain.com” to point to the same host but on port 2283. I added the public hostname and pointed it to http://192.168.1.111:2283, but whenever I point a browser there I get the “502 Bad Gateway” error from cloudflare.
I assume this is a Cloudflare configuration issue, but I’m not 100% sure. Do I need to do anyting special with docker if I intend to access it through Cloudflare? I THINK docker is set up correctly because I am able to access the Immich from a different computer on my local network. I thought using Cloudflare made it so that I don’t to worry about setting up a reverse proxy. Is that maybe not true?
Or does Immich need something specific to tell it to accept traffic outside of my network? I remember having to set up NextCloud with “trusted domains” but when that wasn’t correct, I got an error message from NextCloud, not from Cloudflare.
Any help would be appreciated. I’ve poked around a bunch and I’m pretty sure I can’t solve this on my own.
Thanks. I was hoping (but not sure) that cloudflare would act as a proxy by sending the traffic to the port I wanted, and that would sort things out (since it’s all running off of one machine). Still, maybe setting up Nginx is the way to go. I’ll have to put that a little ways down the to do list.
Thanks for reaching out, I appreciate it.
Well, in my setup I use both, Cloudflare point to my proxy manager, so there is a dual proxy in a way. but the users always hit cloudflare first and never my own proxy, so I can use CF security feature as well (blocking other country, ip, known bad actors etc)