Just use the Synology NAS as NFS share. Mount the NFS share on your server with 256GB RAM and use it as bind volume mounts for immich.
Otherwise, run immich in the server only ans properly backup all volumes to the Synology NAS regularly. Use a backup solution that notifies you if something bricks.
homepagemirotalkmonkeytypegramps webexcalidrawmealieimmichgiteawg-easyhome assistantvaultwardenYou can find many more examples in my public repo with many compose examples:
Tor exit node. Too much legal stuff.
Various options:
Ensure to choose wisely. Especially regarding power consumption and hardware encoding capabilities (Looping at you jellyfin).
Otherwise, some summarized infos here:
https://blog.lrvt.de/homelab-server-recommendation/
BTW: I do not recommend running a Tor exit node.
Otherwise, with no logs or real details there is nothing I can help with. Maybe start by telling us your compose file and used reverse proxy + error logs.
I have a compose example of the older mealie. May have a try:
https://github.com/Haxxnet/Compose-Examples/blob/main/examples/mealie/docker-compose.yml
Immich - Google photo alternative.
You can freely select photos into an album and then invite users to the album. All your photos remain to your user account and sharing happens via manually created albums. Want to leave one specific picture out? Sure, just do not add it to the shared album.
Proxmox > Ubuntu VM > Docker
I bind mount my NAS via /etc/fstab and store all docker bind volumes there. Essy like that.
Same. Then I just tried and documented the process:
Nice thanks!
True, it does.
However, the mobile does not work with it properly or? Just the web app.
From what I understand, those services would allow to only allow Traefik to redirect the user to the appropriate service if correctly authenticated, is that correct?
Exactly. In Traefik, this is often called a forwardAuth middleware. Only if you are authenticated against Authelia/Authentik, Traefik will obtain the go to proxy the user request to the actual proxy service.
Also, using either Authentik or Authelia, user can use SSO to register/login ? How can I control who can register?
Yes but it depends on the proxied application. Some do not support OAuth/OIDC/SAML and whatever. Then, you have to authenticate against Authelia/Authentik and a second time at the service via username and password usually. Some apps however support it. Then you can setup the app and Authelia/Authentik for SSO. If done, only a single login against Authelia/Authentik is required and you’ll be automatically logged into the app. No second login necessary. Authelia/Authentik will handle it. Whether a user can register or not depends on the app and how it is setup. Portainer e.g. can allow SSO user registering but also deny it. If denied, you’d have to create the users first manually in Portainer with the same email address as in Authentik. Then the user can login.
For instance I use immich to backup my pictures, so in the immich mobile app server settings I have : immich.mydomain.com, how would that works out if I use either Authentik or Authelia?
Unfortunately, Immich does not support OAuth/OIDC/SAML yet. Therefore, you are left with authenticating against Authelia/Authentik and then as well against immich via your user credentials. As correctly assumed, this requires a web browser to obtain the Authelia/Authentik login screen. For the immich mobile app, this is not possible.
There is some discussion on GitHub here about this topic:
https://github.com/immich-app/immich/discussions/3118
I’ve also implemented Authentik with Traefik. May read here:
What about Bitwarden Unified for selfhosters?
Maybe Plane or YouTrack
Duplicati