AussieWog93 4 hours ago [-]
So many comments here about missing end to end encryption, but seriously - why would anyone want this?
Let's say burglars break in and steal your homelab. Because you don't have e2ee, they can see all the photos you saved of your dead grandmother! Oh no!
Or, in the more likely scenario that something happens to your phone, the lack of e2ee means that even if you lost your keys you didn't lose the only memories that remain of your grandma - you just copy across the .jpgs to a new device.
eddythompson80 2 hours ago [-]
It would make hosting a "Family and/or friends" instance possible.
I do go back and forth on the accessibility tradeoffs of E2EE for average people though. In this scenario, lose or forget your key/password and you lose ALL of your photos which are very important to some people. Losing them is pretty catastrophic. Google Photos or iPhotos really gives people a sense of security about their photos.
ps: It would also make it easier to host cloud instances for Immich without encrypting the file system of a remote server/VPS. Especially when renting servers from small-time sellers, I'm always wary about how much I can really trust their employees' access control. I know some level of trust is unavoidable with physical access, but how they handle those disks during maintenance would also be relevant.
drdexebtjl 1 hours ago [-]
I think the point of E2E encryption is that you could host it with a cloud provider and the provider would not be able to see your data. Kind of like how Proton Drive claims it does not know which files you have.
This would force features like semantic search, face detection, video transcoding and thumbnail generation into the clients instead.
Immich assumes trusting the server to have access to your photos is fine. That is always the case when you’re self-hosting.
And I think that’s reasonable, since most users give that trust to Google and Apple.
TalkingCodeMonk 52 minutes ago [-]
Seriously! How do techies and devs of all people not understand that the cloud is someone else's computer, and that the best way to prevent leaks, exploitation, or abuse of user data is to prevent anyone from being able to decrypt it but the end users themselves.
IMO this is the single greatest problem with the selfhosted community; the idea that E2EE is only necessary for passwords and other highly sensitive PII. It should be standard for anything hosted on someone else's computer.
You might argue it's not necessary for cat photos, but mistakes happen and you can accidentally upload things you don't intend to. You might argue it's not necessary for games, ebooks or other copyrighted media, but the cloud provider could scan and delete anything you own that matches a hash of copyrighted material, at any time. You can accidentally paste a password, or other sensitive piece of text, into any text field of any website or application, and have it distributed to computers around the world.
E2EE can mitigate against numerous attack vectors, and reduces the surface area and blast radius of most attacks. That also applies to your own computers, if someone steals your hardware or hacks into your network. It is vital in the age of AI where all of your data could be exploited for training and profit, or used against you. The only data that should not be E2EE is situations where it is technically impossible, or the data is explicitly shared as "public" (e.g. the clearnet).
drdexebtjl 27 minutes ago [-]
I don’t agree E2EE is right for everything, and especially not for a personal photo library.
I don’t want to hold the keys to my photo library on someone else’s computer. I want to actually have all the bits and all the hardware in my house. I want to have access to it even if the Internet ends.
Grombobulous 4 hours ago [-]
I think we can imagine a scenario where not all of our photos are non-sensitive.
I also imagine that a true E2EE architecture means you have more flexibility with cloud storage, managed hosting, and off-site backups.
AussieWog93 4 hours ago [-]
I hear ya, I was being a little bit over the top. But I really do think that for every one user who would turn on e2ee and get some genuine benefit out of it, there would be a dozen that turn it on because "encryption good" and accidentally lose all their data.
Grombobulous 3 hours ago [-]
True, e2ee is pretty scary as far as data loss.
Still, good application design can help mitigate that. Apple does it with their e2ee recovery methods, although Ente does rely on a recovery key that you should print out and put in a safe as well as store in other safe locations.
But also, what I love about the E2EE of Ente is that I can securely use a cloud hosted provider but then my home NAS backups are unencrypted.
The Ente desktop app has a continuous export feature where I just leave the application on my main desktop computer and it constantly backs it up to my home NAS. It also does the local machine learning and video streaming encoding processing on the desktop.
So, if I lose my Ente account, no big deal. I get another one and wipe everything and restore from my NAS backup.
I feel like this is the best of all worlds. I get cloud convenience and no real self-hosting burden along with solid ownership of my data.
Perhaps Immich doesn’t bother with e2ee since it’s primarily designed for self-hosting, while for Ente it’s meant to be suitable for both a paid cloud service and self-hosting.
sylens 2 hours ago [-]
Yeah, Immich and Ente are going for two different use cases. While Ente can be self hosted, I view it as more of an escape hatch if they ever enshittify vs how I would start off using the service. I like not having to manage ingress for a photos service so my family can use it but others cannot.
drdaeman 2 hours ago [-]
I have a use case.
I have a multi-region homelab cluster and I share some photos with my friends in the US and my parents in Russia. I’m auto-uploading the full library (basically replacing iCloud/Google Photos) and I can share links to selected photos or albums (a reachable node will be determined by split-view DNS). All without risks of exposing my full photo archive in case either node gets seized or otherwise compromised.
(Now, this is what I’m trying to do. I set things up, but it’s not really functional at the moment, because Ente is buggy af, and I haven’t yet learned how to rebuild and debug their iOS app.)
gchamonlive 2 hours ago [-]
If they steal your homelab, e2ee doesn't help, it's encryption at rest. E2ee is for rogue devices sniffing the network, which is more or less of a concern depending on your setup. I'd not have unencrypted traffic in my network if I had for instance those shady TV boxes.
drdaeman 2 hours ago [-]
That’s incorrect. E2EE means encrypted data leaves the device, is stored encrypted, and the server(s) have no keys to decrypt it; only your (or other) client software does.
gchamonlive 1 hours ago [-]
It's encryption both at rest and in transit. At rest there are levels of encryption, at object level or at filesystem level. E2ee for immich would mean the objects are encrypted and transmitting the data is encrypted. If the scenario is the server is stolen, you need encryption at rest. Even at FS level is enough.
AussieWog93 53 minutes ago [-]
Not sure why you're continuing to argue, GP's right.
e2ee means that the encryption keys are stored client-side by the intended recipient. It's not just in transit and in rest.
gchamonlive 40 minutes ago [-]
Freedom of speech
hokumguru 2 hours ago [-]
TLS?
whalesalad 2 hours ago [-]
You solve this by communicating with it via encrypted methods, like HTTPS, and using a storage volume that is encrypted and gets unlocked at boot.
Cider9986 7 hours ago [-]
When I was switching to GrapheneOS from iOS, I decided to self host my photos. I considered Immich, but I settled on Ente because of the encryption. Ente Photos is extremely polished and it's comparable quality to Apple photos.
It's cool they keep the server open and selfhostable instead of only open clients like many e2ee projects do.
I like how you can share an album and anyone can contribute to it without an account. Another cool feature is that you can select photos to lock when you hand your phone to somebody so they can only see the ones you selected without your device unlock.
drdaeman 1 hours ago [-]
> Ente Photos is extremely polished and it's comparable quality to Apple photos.
If only. It can’t even upload photos with any reliability (I self-host). I had it simply fail to upload anything for days (it doesn’t provide any diagnostics, gotta figure out how to build and debug it myself), with no apparent reason. That’s despite keeping the app in the foreground, on a charger, for hours, with video uploads and ML features all disabled so it was supposed to focus on just the photos. Server side is fine, web-based uploads work without any issues, the app just doesn’t. I haven’t figured it out yet.
kristopolous 7 hours ago [-]
for people wondering:
"Ente Photos is a paid service, but we offer 10GB of free storage. You can also >>clone this repository and choose to self-host<<."
Ente Auth is also the best, because it works on any device, including the one you're trying to access (maybe it defeats the purpose of 2FA but sometimes I don't care).
Grombobulous 4 hours ago [-]
I use and like Ente Photos a lot but I’ve never understood the appeal of their other products.
Ente Auth and Locker both seem like limited feature subsets of solutions like 1Password.
Cider9986 5 hours ago [-]
Ente is a cool company, all their products feel polished and I like their marketing mascots.
mock-possum 4 hours ago [-]
I got into Ente because I wanted to create photo upload links on a per-event basis - I can tell all my friends, if you take pics or video tonight, upload it at this URL - and it just works. No app necessary, very simple, very cheap. Then from there, I got the photo backup / archive service because why not.
They really are pretty much just what they appear to be. I'm a fan.
WillDaSilva 4 hours ago [-]
For what it's worth, Immich supports this too. You can create an album (for each event), create a shared link, allow public anonymous uploads for the shared link, and then give the link to everyone at the event, and ask them to upload their photos. It can be done from any web browser.
cevn 3 hours ago [-]
I would love to know if there's a way to secure this though. I'm not prepared to have people constantly trying to login to my immich instance, so it's only accessible via VPN.
sylens 2 hours ago [-]
You can use something like Immich Public Proxy to only expose the /share path of your server and keep the main /api path that has everything else behind VPN.
oliyoung 6 hours ago [-]
Immich is such a no-brainer replacement for Apple Photos or Google Photos, combined with VPN like Tailscale, it's almost a drop in replacement
ivanjermakov 5 hours ago [-]
Beware that migrating back from Immich to iCloud/Google is not something Immich cares about. There is no "download all" anywhere, best way is to go to the server and get raw files from there.
They’re literally on a disk drive I can physically touch. I think I can figure out a migration strategy for that.
Panda4 5 hours ago [-]
A download button would be great, but the files are already stored on the device; you can copy them with a USB or go on the device and upload it directly.
willcmcc 5 hours ago [-]
What do you mean download all? It's your server over your files. If you want them, go get them! Or just point google / apple / whatever upload at your library directory.
saintfire 59 minutes ago [-]
Maybe I'm missing something but the linked discussion has a link to a closed issue that links a PR that added the feature you say is missing.
There’s no download all in apple photos either unless they added it
buildbot 2 hours ago [-]
CMD-A then export all X unmodified originals works fine
Terretta 4 hours ago [-]
And yet, the same is true for Apple photos about ease of export:
If you set the pref to keep originals locally, they're all on your drive, in original form, as well as the derived versions including caches of raw to jpeg, resolutions, and edited versions.
That said, Apple Photos does let you export even if only in cloud. Open the library, select all, and File > Export ... > Export Unmodified Originals.
It pauses for a second or two on my quarter million images, but is then happy to comply.
chillfox 5 hours ago [-]
I only wish it would support nested albums (or albums in folders) so it could be an easy replacement for lightroom cloud as well.
I have all of my photos organized like this: `events -> year/month - holiday -> (album_1, ...)`. And: `home town -> year -> (album_1, ...)`. Photos will be in multiple albums, and there will be edits as well. And I need to track the picked/rejected state as well (and filter on it).
The only reason I haven't moved over to Immich yet is because I am struggling to map my photo organization onto its way of doing things in a way that's nice. So far my attempts have been unwieldy.
l11r 4 hours ago [-]
Are there any side effects of leaving Immich public? I think people overestimate the risks. Just update your stuff regularly, follow simple rules, and set up something like CrowdSec. I know it's simpler to just use Tailscale and similar tools, but recently I see the trend that people don't even consider otherwise.
EvanAnderson 3 hours ago [-]
I'd throw it behind Wireguard, personally. Belt and suspenders.
(I keep meaning to look at it and keep kicking it down the road.)
Panda4 5 hours ago [-]
Is there any side effects of leaving the phone connected to Tailscale VPN all day?
ctippett 1 hours ago [-]
I have a static route configured on my home's gateway that enables any device on my network to access Tailscale. I have Tailscale turned on my iPhone pretty much all the time anyway, but even if I didn't I'd still be able to access services I have hosted that are only accessible on my tailnet.
Grombobulous 3 hours ago [-]
If you are okay with internet exposure on some level, Cloudflare Tunnel is a really fantastic product:
It’s obviously not a magical security layer that eliminates all issues related to public Internet exposure, but in my opinion it is good enough for the average home user.
Oh good callout, I had only tried it for not-giant-upload services.
cevn 3 hours ago [-]
I remember having problems using tailscale vpn 24/7 and pihole on my home network with the phone pointed at the 192.168 address for DNS. Pages would take 5s to resolve and start loading.
Unfortunately, Pihole was less important than Tailscale and I have to put up with mobile ads.
thatsJustBadUX 43 minutes ago [-]
If you're on Android and don't like mobile ads [Morphe](https://morphe.software/) might be worth a look.
KomoD 4 hours ago [-]
Could impact battery usage, possibly?
But the way I do access Immich externally is not with Tailscale directly on my phone but involves exposing a caddy instance, running on a $1 VPS, to the internet.
If requests include a specific very long header (which I randomly made up), it then forwards those requests to my real Immich instance, which runs on my NAS. Headers can be configured within the mobile app. It has worked really well for me so far.
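As an added illustration (not KomoD's actual configuration), a Caddyfile for the VPS front end described above: requests carrying the expected long header value are forwarded to Immich on the NAS, everything else gets a bare 404. The site name, the upstream `nas.internal:2283`, the header name `X-Immich-Gate` and the token are placeholders assumed here; the upstream is assumed reachable from the VPS over an existing VPN or tunnel.

```caddyfile
# Added example, not the commenter's own config. Caddy on the small VPS:
# only requests that present the shared-secret header reach Immich.
photos.example.com {
	# Named matcher: exact match on a placeholder header and token.
	@gated header X-Immich-Gate "REPLACE-WITH-A-LONG-RANDOM-TOKEN"

	# Matching requests go to the real Immich instance on the NAS (assumed
	# address). The gate header is removed before forwarding so the secret
	# is not passed upstream.
	handle @gated {
		reverse_proxy nas.internal:2283 {
			header_up -X-Immich-Gate
		}
	}

	# Anything without the header, including scanners and login attempts,
	# sees only a 404 and no Immich response at all.
	handle {
		respond 404
	}
}
```

The token is a bearer secret sent on every request, so this only holds up because Caddy terminates HTTPS for the site; rotate it by changing the value here and in the mobile app's header settings.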
rmunn 2 hours ago [-]
Here's some data. Well, technically anecdata, I suppose.
My phone has been powered on but inactive all night; I charged it to 80% before going to bed, then unplugged it and left it where I can reach it from my bed, as is my habit. (I'm in an Asian timezone, in case you hadn't guessed, so it's morning for me while it's evening in America right now). Its battery is now at 73%. The Android battery report says 6% battery usage from Kindle (makes sense, I started reading a book when I woke up), 0.7% from Signal (haven't sent any messages yet today but have received a few), and 0.3% from Tailscale.
So when you're not using the Tailscale network actively, you'll hardly notice the battery drain.
enoint 1 hours ago [-]
On an older iPhone, my Settings shows 3% going toward Tailscale.
dawnerd 3 hours ago [-]
I leave my phone connected 24/7 and don’t notice any downsides. Only have to disable it on some networks when traveling to make awful captive portals work.
kpozin 5 hours ago [-]
If Tailscale is on, I can't concurrently run a DNS-blocking local VPN, so I see ads in mobile Chrome.
Put a Pihole container on your homelab which you have the Tailscale exit node on and then set it as the forced Tailnet DNS.
ls612 5 hours ago [-]
No lots of people including myself do this for homelab access purposes it just works (tm).
phikappa 11 hours ago [-]
There's a lot of things I spent a ton of time setting up, use once, and then never again. Tons of things that are easy to set up, and provide small benefits every day for a long time. Immich has got to be the thing that I've spent ages setting up, use extremely infrequently but the one time a year I use it I'm so happy I did. Great software.
nickthegreek 9 hours ago [-]
Man, I wish my experience was as nice. I used the proxmox lxc for it and after 2 months of organizing I had some corruption and didn't have the fortitude to get through the debugging. It might have been related to a big version migration if I remember correctly. It turned me off the stack. The upgrading wasn't as turnkey as I wanted it to be and I don't think the case is different today.
I just want to be able to organize my folders outside of some dumb library system and immich at the time fought that as well.
ravenstine 7 hours ago [-]
I'm not sure I will ever upgrade Immich again. When I upgraded to the next minor version (I forget which off the top of my head), the data migration corrupted my database such that no images would be served. Fortunately I had the old database backed up, so I restored it, rolled back to the older version of Immich, and things were back to normal. I like Immich, but this is not good for software that's beyond the first major version, and also handles archiving people's personal data.
drdexebtjl 6 hours ago [-]
> Fortunately I had the old database backed up
You say this as if it wasn’t Immich itself that backed up the database automatically next to your image files.
I think they’re one of the best self-hosted services when it comes to backup/restore — enabling it by default — and when it comes to migrations — no breaking changes in minor versions after 1.0.
Did you report this issue so I could try and reproduce it?
stavros 6 hours ago [-]
I had an issue where my thumbnails were borked somehow, so I deleted them all. However, I didn't delete the database entries, so they never got regenerated.
I ended up doing that manually, but it's great to see that is now a first class citizen in 3.0.0. I love Immich.
Saris 6 hours ago [-]
In proxmox restoring a backup is really easy, I'm surprised you didn't do that!
senectus1 5 hours ago [-]
if you have a PBS its just incredibly simple.
MohamedMabrouk 9 hours ago [-]
Immich is amazing software. I use it regularly as an alternative alongside Google photos. I keep in it large videos that I wouldn't upload normally to Google photos + the snappy experience at home vs a cloud-based solution.
psadauskas 6 hours ago [-]
Has the ios photo sync gotten better? I've got 20k photos on my phone, and last I tried it filled up the storage on my phone with the originals, and never completed the process, even after leaving my phone open, unlocked, and the immich app running in the foreground for several days, on the same local network as the server.
I know they were working on it, but haven't kept up, I just want to know if it works better now and I should try again.
Lukas_Skywalker 6 hours ago [-]
I have synced ~9000 photos from my phone in February. That worked pretty well. I was done in about 10 hours. I don't remember whether the originals were downloaded, or whether they were deleted automatically afterwards. Felt like a smooth process though.
eptcyka 5 hours ago [-]
Large file uploads are non-resumable. That is, if you have any videos at a decent bitrate and resolution, you need to be able to upload the whole file in a single session. iOS doesn't make this easy to do via background uploads. I uploaded everything by keeping the app open overnight.
gunapologist99 6 hours ago [-]
Likely more of an IOS issue than Immich issue. Apple doesn't care for apps that make it easier to exit iCloud.
azuanrb 5 hours ago [-]
No, it’s an Immich issue. Not OP, but I was already using Synology Photos. Synology finished syncing my library in two days, while Immich was still syncing after more than a week. I decided it wasn’t worth it after that experience.
Larrikin 5 hours ago [-]
Why are you syncing from your phone instead of your Synology then? Can't you sync from your NAS then just have pictures uploaded as you take them? iOS has a lot of restrictions compared to Android so two days really doesn't feel like a meaningful difference from a week.
Grombobulous 3 hours ago [-]
I’m not an Immich or Synology user but essentially the mobile apps end up replicating your whole structure a little better, at least when I did the iCloud library to Ente import.
I could have done a data download from Apple but essentially leaving the Ente app open and choosing my albums to back up was a “set it and forget it” process.
brewtide 7 hours ago [-]
Does anyone have any pointers on the best way to import roughly 14 Google takeout chunks into immich?
I've downloaded all the chunks once, only to find them corrupted due to... Their 50gb size and using a browser in theory. One also cannot seem to use wget or alternatives because of the auth / session cookies required via Google takeout.
I've yet to even broach the aspect of importing each giant bundle into immich because I've not had success in even grabbing the takeout files correctly, but would LOVE pointers on the best way of importing the roughly 700gb into the database without it ALL going wrong.
I've had great success with immich running in docker for the past year or so, although I have yet to upgrade to the newest version. Google photos backups have been disabled on my phone for a year or so, but I have yet to haul in all of the past years.
Also, anyone know if I can get immich to upload the photos without... Running immich once in a while? Would be great if it just automatically sent them to "my cloud".
Great software.
luke_s 1 hours ago [-]
I went through the same path as you - I think I even landed up with 14 takeout files as well!
It's a bit of a trial, but quite doable. It's likely that things have improved since I did it about 6 months ago.
*Getting the files from takeout*
I tried downloading the files onto my laptop via a browser, and then copying them over to my NAS, but quickly gave up. The best approach is to download them directly to the NAS. As you pointed out, auth/cookies is an issue. There are multiple ways of solving the issue, but for me I found the best way was to use Chrome's dev console network view to identify the network request for each file, then right click on it and select "Copy cURL". SSH into my NAS and use that command to download the file. There is a bit more info on how to do this here:
This took a bit of tweaking to get the right set of command line args that worked well for what I wanted it to do. I also found immich errored out a few times during the import. Fortunately immich-go can just pick up the import where it left off, so I kept re-running it until everything was imported.
*Cleaning it all up*
If you just want a huge flat dump of your files you're probably good. In my case there were various things I wasn't quite happy about. The default handling of stacking edited images with the originals in albums wasn't what I was after. I wanted to replicate sharing of albums with immich users to match what I had in google photos. For all this kind of cleanup work, I found it quite helpful to work with an AI agent. Give it an API key for your server + the url and get it to help you write cleanup scripts.
cbrews 6 hours ago [-]
If you can get all the images into a filesystem (on a NAS or similar server share), you can use the External Libraries feature in Immich (https://docs.immich.app/features/libraries/). This allows it to crunch through the media files via an async import job (a bit more reliable than having to directly upload via the web api).
In my setup, I exclusively use the external libraries feature, pointed at a read-only share from my NAS mounted onto my Immich server. (The external libraries are set to resynchronize to the database every few hours). This means I can manage all my media assets myself without worrying about Immich accidentally corrupting them, and if I eventually move off Immich, I just have a single folder of media files organized by date to port around.
The only downside is that I don't directly upload any media files directly to Immich, but that's okay. I have Syncopoli sync files from my phones (on a scheduled cadence) to an intermediary server which organizes and cleans exif data from media files before dropping it into its permanent home on my NAS share. No manual steps to get photos from my phone to my Immich instance!
hamdingers 5 hours ago [-]
This is a good usage pattern if you're absolutely married to the file structure you have and/or want to keep using the files where they are.
Not really applicable if what you have is a google takeout dump. Better in that case to import all the photos and let immich handle them moving forward using a tool like https://github.com/simulot/immich-go
eightys3v3n 5 hours ago [-]
Likely not the best approach:
I had ~200GiB. I selected below 10k files at a time to upload in the web UI (selected all 2014, then 2015). It was fine. More than that many and the UI became unusable.
External Libraries seem like a good option.
They have also recently improved the background import in the Android app so I have heard so that might be worth a try.
altran1502 7 hours ago [-]
You can use this tool to get them into Immich, it will parse all the metadata and recreate albums as you have in GPhotos https://github.com/simulot/immich-go
exhilaration 5 hours ago [-]
Oh wow, it recreates the Google Photos albums? That's the first time I've heard of a tool doing that. I've spent a ton of time organizing my Google Photos albums, that's a big reason I stay with it.
etnoy 7 hours ago [-]
immich-go has what you need
conception 6 hours ago [-]
Just a quick note that native Windows extract is 32-bit and dies on archives > 4 GB. Use 7zip or something to extract in case you happen to be using that one.
thenews 5 hours ago [-]
Immich is amazing, been using it as a backup since my phone is always full
mopsi 9 hours ago [-]
Does Immich support read-only source folders yet? I'd like to keep the original files intact, but allow Immich to index them.
zyberzero 9 hours ago [-]
Yes, at least for a year. There is an "external library" feature, I think that does what you want.
mopsi 9 hours ago [-]
Thank you! That was not available the last time I checked.
bo0tzz 8 hours ago [-]
It's been available for nearly three years
etnoy 7 hours ago [-]
Yes, using external libraries. It's been a feature for several years. Make it read-only by mounting docker compose read only
kQq9oHeAz6wLLS 5 hours ago [-]
I got annoyed with Immich and external storage, because in order for every user to have their own facial recognition data on a large set of photos, you have to add the folder as external storage for each user, which means image previews for each user, even though the source image is the same. So if you have 3 users, you use up 3 times the space for the same thumbnail image.
It got to where 20% of my space was just thumbnails for each user, even though it was one set of images in the external storage.
Maybe that's changed recently.
DavideNL 9 hours ago [-]
I don't want yet another self hosted service to manage (update, backups, possible hardware failures, energy costs, ups, etc.).
Unfortunately Immich is not end-to-end encrypted. If that were the case I'd use https://pixelunion.eu/
Seems like a great app though. So... I'm still pondering what to do :-)
mcsniff 9 hours ago [-]
Okay? So don't use it, use a managed service like Google Photos, Apple Photos, Dropbox, etc where your photos and files might be arbitrarily removed or your access to them limited while they are scanned for disavowed content.
You can also just use a secure transport layer (like WireGuard or a VPN) instead of relying on every project to implement end-to-end encryption.
FabCH 7 hours ago [-]
What do you mean Immich is not end-to-end encrypted? You control both ends, you can encrypt it any way you want…
olejorgenb 6 hours ago [-]
They said they only want to control one of the ends
FabCH 5 hours ago [-]
Fair enough, but the Immich provider they link to also uses SSL and claims to encrypt at rest.
If they don’t consider that e2e encrypted, literally nothing is then…
NikxDa 5 hours ago [-]
Encryption at rest means they have the key. End to end means they don't. Huge difference!
Grombobulous 3 hours ago [-]
If you don’t want self-hosted and you want E2EE, Ente Photos is the best solution on the market that I have found.
gonzalohm 8 hours ago [-]
So if you don't want a self hosted service there are tons of cloud providers. Google photos, iCloud, etc. Some people don't want to pay a monthly fee to store their photos or don't want to risk losing something with sentimental value just because a company decides to ban you
brokensegue 6 hours ago [-]
it's really not much to manage assuming you are already doing backups. you ~ pay the energy cost either way.
BeetleB 6 hours ago [-]
Lessons from using self hosted image services years ago:
- Upgrade breaks things. Need to restore from DB, install previous version, etc.
- Need to update frequently (i.e. if I wait 2 years, the upgrade script doesn't work).
- Discovering a corruption months/years later. Some data just lost by that point.
- Backward incompatible changes
Of course, if you need the features, by all means use it. I just want to back up my photos and use FolderSync daily. I have a separate workflow for pruning. As long as FolderSync (or some similar app) exists, I know this flow will work 10 years from now (heck, I've been using it for almost as long). No time spent worrying about upgrading, etc.
hamdingers 5 hours ago [-]
> Lessons from using self hosted image services years ago:
Alternate title: "Outdated lessons I haven't re-evaluated"
BeetleB 4 hours ago [-]
Are you saying there are never backward incompatible changes?
Are you saying there's no need to back up the underlying DB?
Are you saying I can keep an instance running for, say, three years and it'll be trivial to upgrade after that?
hamdingers 3 hours ago [-]
I'm saying your contribution is outdated and irrelevant, and my primary intention in commenting is to label it as such for any passers-by who might think you're talking about the current state Immich.
That said, I'm happy to answer your questions. I've run Immich in docker for 3 years with automatic updates through watchtower. Updates are frequent but require no effort from me and have never broken anything, nor is there an "update script" to fail. Nor have I encountered "corruption" at any point. I do back up the database and my photo library.
I'm glad you're happy with your solution, you can share it without disparaging other solutions you're unfamiliar with.
BeetleB 53 minutes ago [-]
I'm glad you're happy with it, and perhaps Immich will continue to remain secure. 3 years is comforting.
I will note that the last solution I used was fine for over a decade before it broke (and eventually the project died). For much of the time I was using it, it was the primary open source self hosting solution.
So one of my criteria is: "If the project dies, can I maintain it?" Obviously, I can't use that approach for everything (limited skills and time) - I do use NextCloud, for instance (which, BTW, is fairly painful for some of the reasons I listed above). But wherever I can (and wherever it's important), it's best to develop your own stack.
Best to think in the long term. But yes, for sure, there are down sides to my approach.
amelius 6 hours ago [-]
> I don't want yet another self hosted service to manage
Isn't system administration a solved problem now with LLMs? At least for these simple problem domains?
tamimio 6 hours ago [-]
You can have immich on truenas that has the whole pool encrypted, same goes with opencloud for other docs/files. Plus all nas backup features, I think it’s a better approach than dealing with each app encryption.
Edit: regarding cloud based backup, besides the usual privacy and security concerns, you can’t guarantee the fixed price, you might subscribe now and pay for a year, next year you have the typical “oops, operation costs are high, we have to raise the prices or shut down” blog post and now you’re stuck again, download, find another, upload, etc.
jrm4 9 hours ago [-]
VPN (or other) Tunnel.
That's the objective answer. There's no mystery here. That's exactly how you get what you want and it's not too hard. Not trying to dunk on you or anyone, but this is an easily solved problem, and I think I want to highlight it like this to make sure everyone understands.
Anything web/internet/network service thing, you can add this on. This composability is important to remember in software, this even goes back to "The Unix Way" type stuff.
ravenstine 7 hours ago [-]
It's also a kind of funny thing how HN has the attitude of "never implement your own encrypted anything" but then demand their apps build in e2e encryption. It may be one abstraction higher, but it's still fundamentally the same problem. With the unfortunate exception of web browsers, if I'm going to use something that performs encryption, then I want encryption to be the only job it has.
PhilipRoman 6 hours ago [-]
How are VPNs related to end-to-end encryption?
nicce 6 hours ago [-]
Their primary purpose is usually encrypt the connection between different endpoints… by creating virtual private networks…
tamimio 6 hours ago [-]
I believe OP meant at rest encryption, meaning, just because someone had an access to your physical drive doesn’t mean they can browse your pics.
slipperybeluga 6 hours ago [-]
[dead]
Jhsto 9 hours ago [-]
You can use https://ente.com/ (it's open-source). It also makes the seemingly much better decision of storing photos in S3.
For self-hosting, “S3” usually just means “S3-compatible.” Although maybe that’s exactly what you meant.
gonzalohm 8 hours ago [-]
The point of Immich is self hosting. Using AWS defeats that purpose
jasonvorhe 7 hours ago [-]
S3 has many open implementations you can self host. Some are quite lean even. Unless you need really complex IAM stuff it's a solid and rather simple experience to run it.
MoonWalk 5 hours ago [-]
This is a good point. I'd rather have something with the S3 option, so I can serve the pages from my house but the images from a speedier source.
gonzalohm 7 hours ago [-]
Yeah but Immich provides a lot more features than just storage
fragmede 8 hours ago [-]
Perfect is the enemy of the good. While there's an ideal case where you're hosting it on a box in your house, that's not for everybody. So while hosting it on AWS doesn't remove every dependency on big tech, at least it's not a full on Google hosted SaaS product.
gonzalohm 7 hours ago [-]
I think "perfect is the enemy of good" is actually an argument against AWS integration. Using S3 as a backend is a lot more complex than using local storage so it would take a lot more time to implement, that's why local storage is good enough
IMO this is the single greatest problem with the selfhosted community; the idea that E2EE is only necessary for passwords and other highly sensitive PII. It should be standard for anything hosted on someone else's computer.
You might argue it's not necessary for cat photos, but mistakes happen and you can accidentally upload things you don't intend to. You might argue it's not necessary for games, ebooks or other copyrighted media, but the cloud provider could scan and delete anything you own that matches a hash of copyrighted material, at any time. You can accidentally paste a password, or other sensitive piece of text, into any text field of any website or application, and have it distributed to computers around the world.
E2EE can mitigate against numerous attack vectors, and reduces the surface area and blast radius of most attacks. That also applies to your own computers, if someone steals your hardware or hacks into your network. It is vital in the age of AI where all of your data could be exploited for training and profit, or used against you. The only data that should not be E2EE is situations where it is technically impossible, or the data is explicitly shared as "public" (e.g. the clearnet).
I don’t want to hold the keys to my photo library on someone else’s computer. I want to actually have all the bits and all the hardware in my house. I want to have access to it even if the Internet ends.
I also imagine that a true E2EE architecture means you have more flexibility with cloud storage, managed hosting, and off-site backups.
Still, good application design can help mitigate that. Apple does it with their e2ee recovery methods, although Ente does rely on a recovery key that you should print out and put in a safe as well as store in other safe locations.
But also, what I love about the E2EE of Ente is that I can securely use a cloud hosted provider but then my home NAS backups are unencrypted.
The Ente desktop app has a continuous export feature where I just leave the application on my main desktop computer and it constantly backs it up to my home NAS. It also does the local machine learning and video streaming encoding processing on the desktop.
So, if I lose my Ente account, no big deal. I get another one and wipe everything and restore from my NAS backup.
I feel like this is the best of all worlds. I get cloud convenience and no real self-hosting burden along with solid ownership of my data.
Perhaps Immich doesn’t bother with e2ee since it’s primarily designed for self-hosting, while for Ente it’s meant to be suitable for both a paid cloud service and self-hosting.
I have a multi-region homelab cluster and I share some photos with my friends in the US and my parents in Russia. I’m auto-uploading full library (basically replacing iCloud/Google Photos) and I can share links to selected photos or albums (a reachable node will be determined by a split-view DNS). All without risks of exposing my full photo archive in case either node gets seized or otherwise compromised.
(Now, this is what I’m trying to do. I set things up, but it’s not really functional at the moment, because Ente is buggy af, and I haven’t yet learned how to rebuild and debug their iOS app.)
e2ee means that the encryption keys are stored client-side by the intended recipient. It's not just in transit and in rest.
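What "keys stored client-side" looks like in code, covering both the definition of e2ee just above and the earlier point about recovery keys. This is an added example written for this page, not Ente's or Immich's implementation; the vault layout, the choice of PBKDF2 and AES-GCM, and the 32-byte recovery-key format are assumptions made for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// PBKDF2-HMAC-SHA256 iterations. A memory-hard KDF (Argon2id, scrypt) is the
// better choice in a real client; PBKDF2 is used here because it fits in a
// few lines of standard library.
const kdfIterations = 100_000

// Vault is everything the server stores about one user's keys: the KDF salt
// and the master key sealed twice, under the password-derived key and under
// the recovery key. Neither secret ever leaves the client, so the vault is
// useless to whoever holds the disk. (Assumed layout, not Ente's.)
type Vault struct {
	Salt, WrappedByPw, WrappedByRec []byte
}

func random(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no usable entropy: nothing sensible a client can do
	}
	return b
}

// pbkdf2SHA256 is PBKDF2 (RFC 8018) with HMAC-SHA256, for one hash length
// (32 bytes) of output, which is all the vault needs.
func pbkdf2SHA256(password, salt []byte, iter int) []byte {
	prf := hmac.New(sha256.New, password)
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1}) // block index 1, big-endian
	u := prf.Sum(nil)
	t := append([]byte(nil), u...)
	for i := 1; i < iter; i++ {
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil)
		for j := range t {
			t[j] ^= u[j]
		}
	}
	return t
}

func aeadFor(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // only reachable with a wrong-length key: a programming error
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return gcm
}

// Encrypt returns nonce||AES-256-GCM(key, plaintext). Decrypt reverses it and
// fails on a wrong key or on any modification of the blob.
func Encrypt(key, plaintext []byte) []byte {
	gcm := aeadFor(key)
	nonce := random(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, plaintext, nil)
}

func Decrypt(key, blob []byte) ([]byte, error) {
	gcm := aeadFor(key)
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short")
	}
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], nil)
}

// NewVault runs on the client. It returns the vault for the server and the
// recovery key, which the user prints and keeps offline.
func NewVault(password string) (*Vault, []byte) {
	master, salt, rec := random(32), random(16), random(32)
	kek := pbkdf2SHA256([]byte(password), salt, kdfIterations)
	return &Vault{Salt: salt, WrappedByPw: Encrypt(kek, master), WrappedByRec: Encrypt(rec, master)}, rec
}

// Both unlock paths run on the client; a wrong secret fails instead of
// yielding garbage, because GCM authenticates the wrapped key.
func (v *Vault) UnlockWithPassword(password string) ([]byte, error) {
	return Decrypt(pbkdf2SHA256([]byte(password), v.Salt, kdfIterations), v.WrappedByPw)
}

func (v *Vault) UnlockWithRecoveryKey(rec []byte) ([]byte, error) {
	return Decrypt(rec, v.WrappedByRec)
}

func main() {
	v, rec := NewVault("correct horse battery staple")
	master, _ := v.UnlockWithPassword("correct horse battery staple")
	blob := Encrypt(master, []byte("constructed sample, not a real JPEG"))
	fmt.Printf("server holds %d vault bytes and a %d-byte photo blob, no keys\n", len(v.WrappedByPw)+len(v.WrappedByRec), len(blob))
	fmt.Println("recovery key (print it, keep it offline):", hex.EncodeToString(rec))
	m2, err := v.UnlockWithRecoveryKey(rec)
	fmt.Println("recovery key yields the same master key:", err == nil && hmac.Equal(m2, master))
}
```

The server only ever receives the Vault fields and the output of Encrypt, so a stolen disk or a curious hosting employee gets ciphertext and nothing to open it with. Losing both the password and the printed recovery key leaves nothing recoverable, which is the accessibility trade-off discussed above; adding another wrapped copy of the master key under a different secret is how further recovery paths get bolted on without the server ever holding a key.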
It's cool they keep the server open and selfhostable instead of only open clients like many e2ee projects do.
I like how you can share an album and anyone can contribute to it without an account. Another cool feature is that you can select photos to lock when you hand your phone to somebody so they can only see the ones you selected without your device unlock.
If only. It can’t even upload photos reliably (I self-host). I had it simply fail to upload anything for days (it doesn’t provide any diagnostics, gotta figure out how to build and debug it myself), with no apparent reason. That’s despite keeping the app in the foreground, on a charger, for hours, with video uploads and ML features all disabled so it was supposed to focus on just the photos. Server side is fine, web-based uploads work without any issues, the app just doesn’t. I haven’t figured it out yet.
"Ente Photos is a paid service, but we offer 10GB of free storage. You can also >>clone this repository and choose to self-host<<."
So both forms...
https://github.com/ente/ente
Ente Auth and Locker both seem like limited feature subsets of solutions like 1Password.
They really are pretty much just what they appear to be. I'm a fan.
https://github.com/immich-app/immich/discussions/14365
If you set the pref to keep originals locally, they're all on your drive, in original form, as well as the derived versions including caches of raw to jpeg, resolutions, and edited versions.
That said, Apple Photos does let you export even if only in cloud. Open the library, select all, and File > Export ... > Export Unmodified Originals.
It pauses for a second or two on my quarter million images, but is then happy to comply.
I have all of my photos organized like this: `events -> year/month - holiday -> (album_1, ...)`. and: `home town -> year -> (album_1, ...)`. Photos will be in multiple albums, and there will be edits as well. And I need to track the picked/rejected state as well (and filter on it).
Only reason I haven't moved over to Immich yet is because I am struggling to map my photo organization onto its way of doing things in a way that's nice. So far my attempts have been unwieldy.
(I keep meaning to look at it and keep kicking it down the road.)
https://developers.cloudflare.com/tunnel/
It’s obviously not a magical security layer that eliminates all issues related to public Internet exposure, but in my opinion it is good enough for the average home user.
Unfortunately, Pihole was less important than Tailscale and I have to put up with mobile ads.
But the way I do access Immich externally is not with Tailscale directly on my phone but involves exposing a caddy instance, running on a $1 VPS, to the internet.
If requests include a specific very long header (which I randomly made up), it then forwards those requests to my real Immich instance, which runs on my NAS. Headers can be configured within the mobile app. It has worked really well for me so far.
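The header-gated front end this comment describes, as an added example rather than the commenter's Caddy configuration: a small stand-alone Go reverse proxy that only forwards requests carrying the right value in a custom header and answers everything else with a bare 404. The header name, the environment variables and the listen address are assumptions made for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"encoding/hex"
	"fmt"
	"log"
	"net/http"
	"net/http/httputil"
	"net/url"
	"os"
)

// headerName is the custom request header the mobile app is configured to
// send. The name is an assumption for this example; any unusual name works.
const headerName = "X-Immich-Access-Key"

// NewAccessKey returns a fresh 256-bit random key as 64 hex characters.
// Generate it once, paste it into the app's custom-header setting and into
// the proxy's configuration, and treat it like a password.
func NewAccessKey() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return hex.EncodeToString(b), nil
}

// Gate wraps next so that only requests carrying expectedKey in headerName
// reach it. Everything else gets a bare 404, which is what a scanner sees on
// a host with nothing behind it. hmac.Equal keeps the comparison constant-time
// so the check does not leak the key byte by byte through timing.
func Gate(expectedKey string, next http.Handler) http.Handler {
	expected := []byte(expectedKey)
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		got := []byte(r.Header.Get(headerName))
		if len(expected) == 0 || !hmac.Equal(got, expected) {
			http.NotFound(w, r)
			return
		}
		// Drop the key before forwarding so the backend never sees or logs it.
		r.Header.Del(headerName)
		next.ServeHTTP(w, r)
	})
}

// NewGatedProxy returns Gate in front of a reverse proxy to backendURL,
// e.g. the Immich instance reachable from the VPS over a tunnel.
func NewGatedProxy(backendURL, expectedKey string) (http.Handler, error) {
	u, err := url.Parse(backendURL)
	if err != nil {
		return nil, err
	}
	return Gate(expectedKey, httputil.NewSingleHostReverseProxy(u)), nil
}

func main() {
	key := os.Getenv("ACCESS_KEY")
	if key == "" {
		k, err := NewAccessKey()
		if err != nil {
			log.Fatal(err)
		}
		fmt.Println("ACCESS_KEY not set; here is a fresh one:", k)
		return
	}
	backend := os.Getenv("BACKEND_URL") // assumed, e.g. http://nas.tunnel.internal:2283
	if backend == "" {
		log.Fatal("BACKEND_URL must point at the Immich instance")
	}
	h, err := NewGatedProxy(backend, key)
	if err != nil {
		log.Fatal(err)
	}
	// Only expose this behind TLS (ListenAndServeTLS or a TLS-terminating
	// front end): the header is a bearer secret and travels in cleartext
	// over plain HTTP.
	log.Fatal(http.ListenAndServe("127.0.0.1:8080", h))
}
```

Run it once without ACCESS_KEY to get a key, then with ACCESS_KEY and BACKEND_URL set. The header value is a bearer secret: keep the listener behind TLS and the key out of access logs. Anything that should be reachable without the app, such as shared album links, would need an exemption from the gate, and every exemption is surface the gate no longer covers.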
My phone has been powered on but inactive all night; I charged it to 80% before going to bed, then unplugged it and left it where I can reach it from my bed, as is my habit. (I'm in an Asian timezone, in case you hadn't guessed, so it's morning for me while it's evening in America right now). Its battery is now at 73%. The Android battery report says 6% battery usage from Kindle (makes sense, I started reading a book when I woke up), 0.7% from Signal (haven't sent any messages yet today but have received a few), and 0.3% from Tailscale.
So when you're not using the Tailscale network actively, you'll hardly notice the battery drain.
https://tailscale.com/docs/integrations/nextdns
I just want to be able to organize my folders outside of some dumb library system and immich at the time fought that as well.
You say this as if it wasn’t Immich itself that backed up the database automatically next to your image files.
I think they’re one of the best self-hosted services when it comes to backup/restore — enabling it by default — and when it comes to migrations — no breaking changes in minor versions after 1.0.
Did you report this issue so I could try and reproduce it?
I ended up doing that manually, but it's great to see that is now a first class citizen in 3.0.0. I love Immich.
I know they were working on it, but haven't kept up, I just want to know if it works better now and I should try again.
I could have done a data download from Apple but essentially leaving the Ente app open and choosing my albums to back up was a “set it and forget it” process.
I've downloaded all the chunks once, only to find them corrupted due to... Their 50gb size and using a browser in theory. One also cannot seem to use wget or alternatives because of the auth / session cookies required via Google takeout.
I've yet to even broach the aspect of importing each giant bundle into immich because I've not had success in even grabbing the takeout files correctly, but would LOVE pointers on the best way of importing the roughly 700gb into the database without it ALL going wrong.
I've had great success with immich running in docker for the past year or so, although I have yet to upgrade to the newest version. Google photos backups have been disabled on my phone for a year or so, but I have yet to haul in all of the past years.
Also, anyone know if I can get immich to upload the photos without... Running immich once in a while? Would be great if it just automatically sent them to "my cloud".
Great software.
It's a bit of a trial, but quite doable. It's likely that things have improved since I did it about 6 months ago.
*Getting the files from takeout* I tried downloading the files onto my laptop via a browser, and then copying them over to my NAS, but quickly gave up. The best approach is to download them directly to the NAS. As you pointed out auth/cookies is an issue. There are multiple ways of solving the issue, but for me I found the best way was to use Chrome's dev console network view to identify the network request for each file, then right click on it and select "Copy cURL". SSH into my NAS and use that command to download the file. There is a bit more info on how to do this here:
https://trog.qgl.org/20241001/downloading-a-google-takeout-f...
*Importing them into immich*
Once I had all my takeout files on the nas, I used immich-go to import them: https://github.com/simulot/immich-go
This took a bit of tweaking to get the right set of command line args that worked well for what I wanted it to do. I also found immich errored out a few times during the import. Fortunately immich-go can just pick up the import where it left off, so I kept re-running it until everything was imported.
*Cleaning it all up* If you just want a huge flat dump of your files you're probably good. In my case there were various things I wasn't quite happy about. The default handling of stacking edited images with the originals in albums wasn't what I was after. I wanted to replicate sharing of albums with immich users to match what I had in google photos. For all this kind of cleanup work, I found it quite helpful to work with an AI agent. Give it an API key for your server + the url and get it to help you write cleanup scripts.
In my setup, I exclusively use the external libraries feature, pointed at a read-only share from my NAS mounted onto my Immich server. (The external libraries are set to resynchronize to the database every few hours). This means I can manage all my media assets myself without worrying about Immich accidentally corrupting them, and if I eventually move off Immich, I just have a single folder of media files organized by date to port around.
The only downside is that I don't upload any media files directly to Immich, but that's okay. I have Syncopoli sync files from my phones (on a scheduled cadence) to an intermediary server which organizes and cleans exif data from media files before dropping it into its permanent home on my NAS share. No manual steps to get photos from my phone to my Immich instance!
Not really applicable if what you have is a google takeout dump. Better in that case to import all the photos and let immich handle them moving forward using a tool like https://github.com/simulot/immich-go
I had ~200GiB. I selected below 10k files at a time to upload in the web UI (selected all 2014, then 2015). It was fine. More than that many and the UI became unusable.
External Libraries seem like a good option.
They have also recently improved the background import in the Android app, so I have heard, so that might be worth a try.
It got to where 20% of my space was just thumbnails for each user, even though it was one set of images in the external storage.
Maybe that's changed recently.
Unfortunately Immich is not end-to-end encrypted. If that were the case I'd use https://pixelunion.eu/
Seems like a great app though. So... i'm still pondering what to do :-)
You can also just use a secure transport layer (like WireGuard or a VPN) instead of relying on every project to implement end-to-end encryption.
If they don’t consider that e2e encrypted, literally nothing is then…
https://ente.com/reliability/