https://rikosjett.com/topics/homelab/Recent content in Homelab on rikosjettHugoenSat, 07 Mar 2026 00:00:00 +0100https://rikosjett.com/blog/exposing-immich-over-tailscale-with-a-companion-container/Sat, 07 Mar 2026 00:00:00 +0100https://rikosjett.com/blog/exposing-immich-over-tailscale-with-a-companion-container/<p>I already had <a href="https://immich.app">Immich</a> running on a <a href="https://docs.immich.app/install/synology/">Synology NAS</a>, with the <a href="https://tailscale.com">Tailscale</a> package installed on the NAS itself. Accessing Immich meant hitting the NAS IP and port. It's functional, but not great. I wanted a proper subdomain, HTTPS, and no port in the URL.</p> <p>My idea was to run a Tailscale container alongside Immich, use <code>ts serve</code> to terminate HTTPS and proxy traffic, and not touch the existing Immich setup at all.</p> <h3 id="the-tailscale-container">The Tailscale container</h3> <p>Create a new directory for the stack, e.g. <code>/volume1/docker/IMMICH-TAILSCALE/</code>, and create the sub-directories <code>state</code> and <code>config</code>. You should also prepare some files on your computer, that you will upload before running the stack.</p>