zlacker

[return to "Self-hosting my photos with Immich"]
1. trizic+QMj[view] [source] 2025-12-06 06:19:03
>>birdcu+(OP)
There is something to be said about NixOS, it really is a matter of setting `services.immich.enable = true;` in a configuration file. I find this really powerful and simpler than docker and docker-compose. But don't get me wrong, I am all for containerization when it comes to other OS/distros. Yes, there is a learning curve for the Nix language and creating your own packages. But anyone who can install a distro can install NixOS. Instead of running your apt/dnf/pacman commands, you edit a file with your package names and services you want to enable, and run `nixos-rebuild switch`. Though, you might find standalone binaries such as uv and its portable Python bundles don't work out the box, there is a a few lines configuration to get it working. Having a single language for configuring all services/applications (neovim,nginx,syncthing,systemd, etc) is refreshing. And of course combined with generative AI, you can set up a lot quickly.

Immich is one of the only apps on iOS that properly does background sync. There is also PhotoSync which is notable for working properly with background sync. I'll take a wild guess that Ente may have got this working right too (at least I'd hope). This works around the limitation that iOS apps can't really run as background apps (appears to me that the app can wake up on some interval, run/sync for a little and try again on the next interval). This is much more usable then for example, the Synology apps for photo sync, which is, the last time I tried, for some reason insanely slow and the phone needs to have the app open and screen on for it fully sync.

Some issues I ran into is the Immich iOS app updating and then being incompatible with the older version of the server installed on my machine. You'd have to disable app updates for all apps, as iOS doesn't support disabling updates for individual apps.

In my specific scenario, the latest version of Immich for NixOS didn't perform a certain migration for my older version of Immich. I had to track down the specific commit that contained the version of Immich which had the migration, apply that, then I was able to get back to the latest version. Luckily, even though I probably applied a few versions before getting the right one, it didn't corrupt the Immich install.

◧◩
2. kalaks+tOj[view] [source] 2025-12-06 06:43:15
>>trizic+QMj
I'm running NixOS on some of my hosts, but I still don't fully commit to configuring everything with nix, just the base system, and I prefer docker-compose for the actual services. I do it similarly with Debian hosts using cloud-init (nix is a lot better, though).

The reason is that I want to keep the services in a portable/distro-agnostic format and decoupled from the base system, so I'm not tied too much to a single distro and can manage them separately.

◧◩◪
3. quag+ZOj[view] [source] 2025-12-06 06:51:00
>>kalaks+tOj
How do you update the software in the containers when new versions come out or vulnerabilities are actively being exploited?

My understanding is that when using containers updating is an ordeal and you avoid the need my never exposing the services to the internet.

◧◩◪◨
4. wwarek+gPj[view] [source] 2025-12-06 06:57:12
>>quag+ZOj
> How do you update the software in the containers when new versions come out or vulnerabilities are actively being exploited?

You build new image with updated/patched versions of packages and then replace your vulnerable container with a new one, created from new image

◧◩◪◨⬒
5. teeker+G2k[view] [source] 2025-12-06 10:12:49
>>wwarek+gPj
Am I the only one surprised that this is a serious discussion in 2025?
◧◩◪◨⬒⬓
6. Adrian+q6k[view] [source] 2025-12-06 11:04:56
>>teeker+G2k
Perhaps. There are many people, even in the IT industry, that don't deal with containers at all; think about the Windows apps, games, embedded stuff, etc. Containers are a niche in the grand scheme of things, not the vast majority like some people assume.
◧◩◪◨⬒⬓⬔
7. teeker+F9k[view] [source] 2025-12-06 11:44:41
>>Adrian+q6k
Really? I'm a biologist, just do some self hosting as a hobby, and need a lot of FOSS software for work. I have experienced containers as nothing other than pervasive. I guess my surprise is just stemming from the fact that I, a non CS person even knows containers and see them as almost unavoidable. But what you say sounds logical.
◧◩◪◨⬒⬓⬔⧯
8. WarOnP+lYk[view] [source] 2025-12-06 19:00:29
>>teeker+F9k
I'm a career IT guy who supports biz in my metro area. I've never used docker nor run into it with any of my customers vendors. My current clients are Windows shops across med, pharma, web retail and brick/mortar retail. Virtualization here is hyper-v.

And it this isn't a non-FOSS world. BSD powers firewalls and NAS. About a third of the VMs under my care are *nix.

And as curious as some might be at the lack of dockerism in my world, I'm equally confounded at the lack of compartmentalization in their browsing - using just one browser and that one w/o containers. Why on Earth do folks at this technical level let their internet instances constantly sniff at each other?

But we live where we live.

[go to top]