c-l/immich-public-proxy
1
0
Fork 0
mirror of https://github.com/alangrainger/immich-public-proxy.git synced 2024-12-28 03:41:58 +00:00
Code Releases Activity
Share your Immich photos and albums in a safe way without exposing your Immich instance to the public.
24 commits 2 branches 27 tags 755 KiB
TypeScript 57.4%
EJS 19%
JavaScript 17.2%
CSS 4%
Dockerfile 2.4%
Find a file
Alan Grainger 0d3d6f4989 Update mobile view
2024-10-29 19:49:21 +01:00
dist Don't return trashed assets 2024-10-29 19:22:18 +01:00
public Update mobile view 2024-10-29 19:49:21 +01:00
src Don't return trashed assets 2024-10-29 19:22:18 +01:00
views Fix responsive viewport 2024-10-29 10:49:54 +01:00
.env.example Add caching 2024-10-29 16:15:34 +01:00
.eslintrc Convert to Typescript 2024-10-28 09:56:11 +01:00
.gitignore Initial commit 2024-10-28 09:08:16 +01:00
docker-compose.yml Update Docker command 2024-10-29 15:57:43 +01:00
LICENSE Add license 2024-10-28 10:26:27 +01:00
package-lock.json Add gallery 2024-10-28 20:47:14 +01:00
package.json Rebuild 2024-10-29 15:55:12 +01:00
README.md Update docs 2024-10-29 16:31:21 +01:00
tsconfig.json Convert to Typescript 2024-10-28 09:56:11 +01:00

README.md

Immich Public Proxy

Immich is a wonderful bit of software, but since it holds all your private photos it's best to keep it fully locked down. This presents a problem when you want to share a photo or a gallery with someone.

Immich Public Proxy provides a barrier of security between the public and Immich, and only allows through requests which you have publicly shared. When it receives a valid request, it talks to Immich locally via API and returns only those shared images.

It exposes no ports, allows no incoming data, and has no API to exploit.

The ideal setup is to have Immich secured privately behind VPN or mTLS, and only allow public access to Immich Public Proxy.

How to install

  1. Clone the repo:
git clone https://github.com/alangrainger/immich-public-proxy.git
  1. Create a .env file to configure the app.
IMMICH_URL=http://localhost:2283
API_KEY="Get this from your Immich Account Settings page"
SERVER_URL=https://shared.example.com
SERVER_PORT=3000
CACHE_AGE=2592000
  • IMMICH_URL is the URL to access Immich in your local network. This is not your public URL.
  • SERVER_URL will be the public URL for accessing this Immich Public Proxy app.
  • CACHE_AGE by default, assets will be cached for 30 days. Set this to 0 to disable caching.
  1. Start the docker container:
docker-compose up -d
  1. Set the "External domain" in your Immich Server Settings to be the same as your SERVER_URL:

Now whenever you share an image or gallery through Immich, it will automatically create the correct public path for you.