Sorry, I didn’t get a notification for your reply until this morning.

Thanks for the offer, I’d be happy for any notes or advice :)

I managed to get Navidrome and Immich set up last night through subdomains, like music.domain.com and photos.domain.com, using the existing Cloudflare tunnel. They seem to be working properly, but I’m going to check them when I’m out later to make sure that nothing was cached rather than being served live.

One thing I want to look at in the future is local domain names, so music.local etc. and possibly set up certificates to get rid of any warnings about insecure sites. I might switch from AdGuard to PiHole to help with that.

Something that might make you laugh, I got stuck for an hour or so last night trying to connect to Navidrome through the domain name. I could get to the login page, but couldn’t get it to accept my credentials. Substreamer wouldn’t log in either. I looked through pages and pages of search results, forum posts, and manuals, but couldn’t find an answer. Just before I gave up, I copied the address from Firefox to try in another browser, and realised that I’d forgotten the s in https 😫

Please don’t apologise, you and the other commenters have been a massive help :)

It’s sod’s law though, I was supposed to have two pretty much free days yesterday and today, and they’ve turned out to be two of the busiest days I’ve had for a long time. Networking is one of my blind spots, I can never quite get my head around it, so gave myself two days to try to get up to speed and seem to have jinxed myself :D

I’m going to spend an hour or two now playing around with Cloudflare and Navidrome and see if I can get a better grip on it all.

Thanks again for the help :)

That’s great thanks :)

The fact that it can be always on is really helpful, there’s less chance of her forgetting to use it then.

Tailscale only responds to the range of connections that it’s in charge of, so it doesn’t interfere with connecting to normal internet, etc.

This is the other thing that I was concerned about, that everything else would be diverted. Someone else said that it can selectively route apps, and that’s put my mind at ease. I don’t know why, but anything to do with networking gets me mixed up >.<

Thanks for your help, I’m going to have a play with some settings :D

Ah, that’s cool. I’ll give it a try once I’ve had some sleep, it’s been a long day. Thanks for the help :)

I’m a bit dubious about running Tailscale on the family’s devices, as they’re not particularly techy, and will forget to launch it if it isn’t running for whatever reason, and then I get the blame.

Wouldn’t all traffic go through it when it’s running too, or can you select which apps now? They’d mostly be using Android devices.

I thought that Sunshine and Moonlight were for screen sharing? I’ve only ever seen them used for gaming.

I’m still a bit confused with all of this so I might be getting things completely wrong. I thought that I needed to get certificates for anything that I wanted to make public with an URL, and that’s where I thought Caddy came in, but a few of the other replies have said that I can use the Cloudflare tunnel and let them sort out the encryption. That seems like it should be easier for me, as I’ve dealt with it already.

IPv6 isn’t available through my ISP as far as I can tell, they only enable it locally through their router at the moment.

I just replied to your other comment before I saw this one, but I’ll post the reply here too for anyone who’s following the thread :)

The main thing I’m still not sure of is Tailscale. I don’t know if I can just put my services behind an URL for my wife to add to her devices, as she’s unlikely to remember to run Tailscale before she listens to her music, for example.

Sorry, I’ve just replied to another comment before I saw yours. I didn’t realise that Cloudflare could deal with encryption on its own, I thought you needed something like Caddy to get certificates. I found out after seeing the other comment that one of my services running through the Cloudflare tunnel is encrypted, but I couldn’t get it to work in the past. I’m not sure what’s changed, but I’m going to give it a proper look once I’ve had some sleep.

There’s something about the networking side of things that just throws me, and I struggle to get my head around it. If I can get things running through Cloudflare, I’ll be very happy :)

Sorry, I’ve just replied to another comment before I saw yours. I didn’t realise that Cloudflare could deal with encryption on its own, I thought you needed something like Caddy to get certificates. I found out after seeing the other comment that one of my services running through the Cloudflare tunnel is encrypted, but I couldn’t get it to work in the past. I’m not sure what’s changed, but I’m going to give it a proper look once I’ve had some sleep.

There’s something about the networking side of things that just throws me, and I struggle to get my head around it. If I can get things running through Cloudflare, I’ll be very happy :)

Huh, I didn’t know that! I’ve had the Cloudflare tunnel running for quite a while now, and tried getting something set up on https a few years ago, but couldn’t get it to work. I’ve just checked my Ombi service and it is encrypted. I don’t know what’s changed, but I’m going to have another look, thanks :)

Sorry about the slow reply.

This is where I get confused with Tailscale. Doesn’t everything then go through Tailscale, like when you run a VPN? Ideally I just want to be able to connect with a link and save that in the remote app / program, and also avoid having my wife forget to start Tailscale and shout at me >.<

Sorry about the slow reply. Don’t I need to be running Tailscale on the remote device then though? Ideally I want to be able to put a link into whichever app / program and be able to share that link with my wife and kid

Holy shit, I think I love your parents 🤣

I mostly agree, but some small communities, many years ago, would go by oldest, continuing from where you left off last time. That was fantastic for the sort of place where you wanted to read everything for whatever reason. If that could be put in on a community basis, it would be great :)