Specific to windows then?
Edit: sorry, apparently not specific lol the CVE is specific to windows
Specific to windows then?
Edit: sorry, apparently not specific lol the CVE is specific to windows
Yupp! Set up folders, enable on multiple computers; baby, you got a stew going
BT Sync no longer in vogue here? That’s what I’ve used to both sync and distribute certain things. Used to use it for my image backup until immich came along and stole my heart. Still use it for phone backups
vault101 was retired a few years ago and migrated to vault111
Here’s how I generated the CA:
# openssl genrsa -des3 -out my-ca.key 2048
# openssl req -x509 -new -nodes -key my-ca.key -sha256 -days 1825 -out my-ca.pem
I’m sure I’ll receive flak for how I went about it, but importing that pem into the “install certificates” bit of the settings works like a charm.
I’m the bad guy that installed my CA where needed lol but nice!
My current backup strategy is BTSync, which while super easy to get going is a pain in the ass to look up old images. Using direct IP on the app works perfectly, and the DNS lookup only works internally anyways.
All that to say that I’m probably going to use it and remove the btsync approach in a couple months.
All the traffic is internal, so I can get away with it 🙃
Really was just interested in what cert generation entailed and did a fun little dive a few years back.
I’ve been using it for about a month, and love it.
My one complaint: self-signed certs on reverse proxies seem to break the android app backup. I’m not sure why, but internal CA seems to make things angry. Its more likely to be a local setup issue than anything in immich, but frustrating to pin down.
My approach was to set it all up internally, create a wireguard VPN accesspoint and only open that up. That way I don’t have as much to worry as much within the network (still use generated passwords for things) and able to access it anywhere.
Granted, you asked about opening up to the www. I’d suggest buying a domain through cloudfront, setting up an nginx instance that proxies traffic (think nextcloud.mydomain.com), and have it only accept connections from cloudfront servers.
That allows you SSL termination, pretty good bot coverage, and a nice domain name to share as needed.
Might just be the media I was using, but every caption language loaded on screen and couldn’t be turned off after the update lol it was quite the book on screen