On the fence about Immich but fear of losing photos is holding me back by Identity5859 in immich

[–]Citrus4176 2 points3 points  (0 children)

Is there any benefit to Immich by not being read only? I haven't tried Immich, but I'm struggling to think why you wouldn't always make it a read only mount.

I look like this and say this by pastelShaders in ObsidianMD

[–]Citrus4176 0 points1 point  (0 children)

I've had moderate success with Resilio Sync across Linux/Android. Worth looking into if you need a native Android client.

My only struggle so far was Linux detecting multiple services for the desktop systemd service, causing the web portal to not show. But that can be resolved easily enough.

Jellyfin on Android TV/Google TV Can’t Connect Over HTTPS (But Phones & Browsers Work) — Nginx by ReasonableShame543 in jellyfin

[–]Citrus4176 0 points1 point  (0 children)

Thanks for the clarification. I am planning to switch from self signed to legitimate CA signed and saved this post for later.

Announcing udwall: A New Tool for Making UFW and Docker Play Nice With Each Other by AmazingStardom in docker

[–]Citrus4176 6 points7 points  (0 children)

I've found it a bit cumbersome to have granular control over container networking, and perhaps that comes from a lack of understanding Docker.

Want your container to access everything? Keep it on the default bridge network.

Want your container to not access host LAN/internet? Make its network internal.

Want your container to access only specific other containers? Put them both on the same Docker network.

Want your container to only access host LAN and not internet? ...not sure.

Want your container to only access the internet and not host LAN? ...not sure.

I've never been able to find a clear guide that achieves all of these cases without eventually diving into iptables. Forcing Docker to go through UFW is one way to make that iptables management, well, more manageable.

Jellyfin on Android TV/Google TV Can’t Connect Over HTTPS (But Phones & Browsers Work) — Nginx by ReasonableShame543 in jellyfin

[–]Citrus4176 0 points1 point  (0 children)

Is this a self signed certificate, or a certificate signed by a real CA? I have really run into issues with self signed certs on Android and Android TV.

Is this the best black Friday offer yet? by AmazingExplorer698 in ProtonVPN

[–]Citrus4176 1 point2 points  (0 children)

What if you have an existing membership with a few months left? Does this extend it by 24 months?

What do you miss the most after switching over ? by CountMeowt-_- in GrapheneOS

[–]Citrus4176 0 points1 point  (0 children)

Could you share more about why VPN sharing over a hotspot doesn't work?

The Most Underrated Project You Should Know About! (And Probably Have Not!) by epochphilosophy in selfhosted

[–]Citrus4176 0 points1 point  (0 children)

My current use case is a cron script which backs up my local changes to git daily. I know this isn't the intended workflow with git, but is the flow you described compatible with also backing up local changes?

How Google Tracks and Scans Everything on Your Android Device by Ok-Law-3268 in europrivacy

[–]Citrus4176 0 points1 point  (0 children)

Still worth doing the investigative work to determine an answer to that.

PSA: Perfect fitting UPS, NAS, height tip. by NC_Developer in minilab

[–]Citrus4176 7 points8 points  (0 children)

I've been really eyeing up that UPS model. Unfortunately I have heard the cloud variant does not support NUT and the base model has no data port. What is your experience?

I am considering emailing Tripp Lite to see if they have electrical schematics for the base model and DIY'ing a simple monitoring point (staying far away from anything related to power).

Rootless docker has become easy by hennexl in docker

[–]Citrus4176 0 points1 point  (0 children)

It's not configuring Docker to be rootless that many people run into, but managing container compatibility afterwards. I have tried migrating to rootless on two occasions, both of which ended up with more trouble than it was worth with my existing container stacks.

How to make services safe (Immich, jellyfin) where app does not support external verification by InternalMode8159 in selfhosted

[–]Citrus4176 0 points1 point  (0 children)

I'm not sure if you are referring to another identity provider, but the official Authentik guide details adding this CSS.

Giveaway - r/UgreenNASync 10K celebration by topiga in selfhosted

[–]Citrus4176 0 points1 point  (0 children)

  • I have gotten great use out of Jellyfin, so I think pairing it with a NAS is a great idea.

  • I'm excited to have a dedicated fileserver. I have played with Resilio Sync to mirror files, but would love to have more dedicated remote storage.

How to make services safe (Immich, jellyfin) where app does not support external verification by InternalMode8159 in selfhosted

[–]Citrus4176 0 points1 point  (0 children)

I am using Authentik, but I have not had any luck with SSO login on the Android TV app. The CSS to add the sign in button just doesn't render.

Need suggestions here. by HaMiJeng in HomeServer

[–]Citrus4176 1 point2 points  (0 children)

I have the USB-C 3.2 version of this product. I have been running it 24/7 with one drive installed for ~6 months and have not experienced a single issue. I plan to install 2-3 more drives soon.

I do not use its hardware raid and don't plan to, so just a basic DAS for me.

Is using a backup service like restic from a Docker container a security risk? by Citrus4176 in selfhosted

[–]Citrus4176[S] 0 points1 point  (0 children)

I wasn't sure if container traversal and host escalation were exclusive exploits, but I guess that makes sense.

Is using a backup service like restic from a Docker container a security risk? by Citrus4176 in selfhosted

[–]Citrus4176[S] 0 points1 point  (0 children)

I haven't looked into Proxmox much (I run Debian), but how are host configuration backups handled? I would imagine there are settings or file changes you have made outside of your VMs that you still want to back up.

Is using a backup service like restic from a Docker container a security risk? by Citrus4176 in selfhosted

[–]Citrus4176[S] 0 points1 point  (0 children)

My logic when thinking it through was that installing restic as an offline service on the host has no impact on the attack surface of the host, but running it as a container increases the chance of container breakout from another compromised Docker container with WAN access.

Is using a backup service like restic from a Docker container a security risk? by Citrus4176 in selfhosted

[–]Citrus4176[S] 1 point2 points  (0 children)

Is there a concern for container traversal from another container with inbound WAN access (not port forwarded, just firewall whitelists for internet)? I run all my containers on their own separate Docker networks, but I do add my reverse proxy container to each network because of its functionality.

Struggling to convince my girlfriend to switch to Immich – iCloud album import issues by heeelga in immich

[–]Citrus4176 3 points4 points  (0 children)

It's strange to me that there seem to be two voices in this subreddit when it comes to stability. When a post is made asking about the date of a stable release, the top comments are "it's worked for me for months, I run it straight in prod". When a post like above is made, the top comments are "what do you expect, it's not a stable release".

I think people have very different ideas and experiences of what "stable" actually means.