Figured I’d ask here as thought self-hosters would care most about looking after their photos.

What do you do with friends’ photos you’d like to keep hold of? Maybe there’s a pic on a chat app or they’ve sent you a link to an album on google photos.

Would you just throw into your own pile of photos or do you carefully adjust metadata to indicate who took them? Just use dirs to separate them from your own? Interested in any and all thoughts.

  • thedbp@feddit.dk
    link
    fedilink
    English
    arrow-up
    15
    ·
    4 months ago

    Love immich, you can make seperate accounts and do quite fine grained access controll and the search feature is da bomb

    • Ek-Hou-Van-Braai@piefed.social
      link
      fedilink
      English
      arrow-up
      5
      ·
      4 months ago

      Thats nice but I wish it had E2E encryption.

      I don’t like that I can see everyone’s photos that use my immich server.

      Not that I’d look, but I can if I wanted to, and that’s why I only use my server for family

      • SayCyberOnceMore@feddit.uk
        link
        fedilink
        English
        arrow-up
        9
        ·
        4 months ago

        I commented elsewhere here, but E2E encryption is just between the server and the end user (ie a VPN)

        You’re thinking about encryption at rest, on the storage.

        Immich would have to setup a whole new design to be able to store all the metadata on a per-user basis… but… you could have multiple Immich instances if you were to host it for your friends, but I think we’re drifting into “why bother” now…

        • chaospatterns@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 months ago

          Encryption at rest just means the data itself is encrypted when stored on disk and the key is somewhere. It doesn’t dictate that the key is not visible to the server.

          Encryption in transit refers to an encrypted channel from client to server.

          E2E encryption usually refers to encryption from one entity to another where any intermediary servers do not have the ability to decrypt

          Source: too many years doing application security at my job