Skip to content

Blog

Hosting local https app

Using Caddy for easy self-signed internal certs

Install Caddy on your server.

https://caddyserver.com/docs/install

Edit the Caddy file

sudo nano /etc/caddy/Caddyfile

You'll need to use a different port for https that maps to the Immich port, 2283.

Add the following setting 2282 to use https.

https://192.168.4.173:2282 {
    reverse_proxy http://127.0.0.1:2283
    tls internal
}

You can also do the same with 127.0.0.1:

https://127.0.0.1:2282 {
    reverse_proxy http://127.0.0.1:2283
    tls internal
}

restart the Caddy service

sudo systemctl restart caddy

Trusting the self signed cert

Even though you have an encrypted https connection, the your browser will not recognized the self signed cert as being trusted which can be annoying. To tell your computer to trust your cert do the following

Linux

Copy the Caddy cert to the trusted certs store and update certificates

sudo cp ~/.local/share/caddy/pki/authorities/local/root.crt /usr/local/share/ca-certificates/caddy.crt
sudo update-ca-certificates

You may want to copy the cert to your home location to move it wherever else you need to move it

sudo cp /var/lib/caddy/.local/share/caddy/pki/authorities/local/root.crt ~/caddy-root.crt

Windows

  1. Open the Microsoft Management Console (MMC) Press Win + R to open the Run dialog box. Type mmc and press Enter. This will open the Microsoft Management Console.
  2. Add the Certificates Snap-in In the MMC window, click on File in the top-left corner. Select Add/Remove Snap-in. From the list of available snap-ins, choose Certificates and click Add. Choose Computer account and click Next. Select Local computer and click Finish. Click OK to close the snap-in window.
  3. Import the Certificate In the left-hand panel of MMC, expand Certificates (Local Computer). Right-click on Trusted Root Certification Authorities, then select All Tasks → Import. The Certificate Import Wizard will appear. Click Next. Browse to the location of your .crt file (e.g., the root.crt file from Caddy) and select it. Click Next, then choose Place all certificates in the following store and ensure Trusted Root Certification Authorities is selected. Click Next and then Finish to complete the import process. A confirmation message will appear, stating that the import was successful.
  4. Verify the Certificate Import In the MMC window, under Trusted Root Certification Authorities → Certificates, you should now see your Caddy root certificate listed there. You can double-click the certificate to view its details and ensure it is correctly imported.

Creating an Immich.local URL

I only got this working on the Ubuntu virtual machine itself. For some reason, other devices would not recognize immich.local.

Create a caddy block

immich.local {
    reverse_proxy http://127.0.0.1:2283
    tls internal
}

Install avahi

sudo apt install avahi-daemon

to check avahi advertisement

avahi-browse -a

or 

avahi-browse -art

Install avahi-utils

sudo apt install avahi-utils

then I ran 

avahi-publish -a immich.local -R 192.168.4.173

This got it running locally, but not to other devices on the network.

  • in SQL
  • 1 min read

MS SQL Installation

Just a note to self, that when installing the developer edition of MS SQL, TCP is not enabled, by default, so you cannot connect to the instance via the port, 1433, until you open Sql Server Configuration Manager, find SQL Server Network Configuration and enable TCP/IP. You can now connect.

  • in Linux
  • 1 min read

Sudo Two-Factor Authentication

Two factor authentication for Sudo access gives you an awesome security enhancement so that a hacker still will not be able to use sudo, i.e. admin privileges, even if they have discovered your password.

  • in Flutter
  • 4 min read

Fireship.io tutorial

These are notes I ook on the flutter fireship io tutorial.

To create new project

flutter create --org com.wildetechsolutions myapp

To check flutters compatibility with all build modes, run

flutter doctor --verbose

Using Ubuntu Snap Store

Download Immich Distribution. When finished it will run on port 80, i.e. localhost. The persisted locations are found in

/var/snap/immich-distribution/common

i.e. you'll see the pgsql and upload folder here.

To see the snap variables run

snap get immich-distribution

Using Umbrel

Installing UmbrelOS in VM

Using OracleVM, set up a new machine as usual. You will need to manually select Linux and Oracle Linux (64-bit) and also be sure to Enable EFI.

After installing the medium to the disk the machine will turn off. Change the boot order ot only include the hard disk. Go to storage and click on the installation disk. There is an option to eject the disk on the far right.

You can then navigate to umbrel.local in the browser.