Just exposed Immich via a remote and reverse proxy using Caddy and tailscale tunnel. I’m securing Immich using OAuth.
I don’t have very nerdy friends so not many people appreciate this.
Just exposed Immich via a remote and reverse proxy using Caddy and tailscale tunnel. I’m securing Immich using OAuth.
I don’t have very nerdy friends so not many people appreciate this.
This is very short sighted. I can think of dozens of things to put on the open internet that aren’t inherently public. The majority are things for sharing with multiple people you want to have logins for. As long as the exposed endpoints are secure, there’s no inherent problem.
And yet you’ve not provided one example, hmmmm
Seriously?
Plex, Jellyfin, VaultWarden, AdGuard, Home Assistant, GameVault, any flavor of pastebin, any flavor of wiki, and the list goes on.
If you’re feeling spicy throw whatever the hell you want onto a reverse proxy and put it behind a zero trust login.
The idea that opening up anything at all through to the open internet is “dumb” is antiquated. Are there likely concerns that need to be addressed? Absolutely. But don’t make blanket statements about virtually nothing belonging on the open internet.
None of those have to be public and can all be accessed with WireGuard. You just proved my point, moron
Why don’t we just throw Lemmy behind wireguard while we’re at it.
Literally anything can go behind a VPN. Doesn’t mean much at all. And the majority of those are commonly left on the open internet for friends and family, which would be annoying af to set up with WireGuard.
I have enough issues dealing with VPN issues in my professional life, I don’t want to have to deal with them in my personal life as well.