I’m the bad guy that installed my CA where needed lol but nice!
brvslvrnst
- 0 Posts
- 5 Comments
Joined 4 years ago
Cake day: October 21st, 2020
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
My current backup strategy is BTSync, which while super easy to get going is a pain in the ass to look up old images. Using direct IP on the app works perfectly, and the DNS lookup only works internally anyways.
All that to say that I’m probably going to use it and remove the btsync approach in a couple months.
All the traffic is internal, so I can get away with it 🙃
Really was just interested in what cert generation entailed and did a fun little dive a few years back.
I’ve been using it for about a month, and love it.
My one complaint: self-signed certs on reverse proxies seem to break the android app backup. I’m not sure why, but internal CA seems to make things angry. Its more likely to be a local setup issue than anything in immich, but frustrating to pin down.
Here’s how I generated the CA:
# openssl genrsa -des3 -out my-ca.key 2048 # openssl req -x509 -new -nodes -key my-ca.key -sha256 -days 1825 -out my-ca.pemI’m sure I’ll receive flak for how I went about it, but importing that pem into the “install certificates” bit of the settings works like a charm.