Until recently she worked in Washington DC in a role fairly anonymous to the public.
In the summer she got transferred to another state heading up a local office. One of the newfound duties is being the public face of this Law Enforcement organization. She has already been identified in the local media, so she is no longer anonymous.
Unfortunately, the state she lives in does not protect the personal information of law enforcement officials so anyone can look her up to find where she lives, etc.
I’ve got some 20,000 images in Google photos, organized in albums, that I’ve sent links to my family to meander through.
There is a webpage with links to each and every album. In the past it was password protected, but when I reconfigured my website, I didn’t put the password back on. The page is not linked anywhere other than my family, but I’m confident it’s been mapped by all the bots running around.
My daughter is in many of these images and is now concerned about the exposure.
I’ve offered to delete all the images and host them locally and that is what this message is about.
I’ve got a desktop computer running Ubuntu server with Docker/Portainer handling the packages which is interfaced to the world via Traefik and Cloudflare.
So, I’m thinking of standing up a photo hosting application, but the question is which one.
I’ve been sharing on Google Photos (RAW files are on USB HDD, only curated JPGs are shared) for 10+ years, mostly to my bigger family only. The recent discontinued free storage had me switched to hosting my own.
I considered a few, including Piwigo, finally went with Immich, also using CloudFlare tunnel to protect my Ubuntu server. Immich looks almost identical to Google Photos, with lots of active devs. It’s still new so there’s a huge queue of tickets and PRs in its github repo, but it’s very stable at the moment. Development is rapid so I believe it will even get better fast.
The Ubuntu server is just an old Dell 7567 gaming laptop, SATA SSD + M2 SSD, 16GB RAM, and GTX 1050Ti, more than fast enough for Immich. I haven’t tested its iOS app, but I do have its Android app on my phone, works really well (even have advanced option to set CF service token in headers).
Once feature I really like is local Machine Learning integration for searching, enabled by default. I can select which model to run, trading off accuracy for speed. The GTX 1050 Ti is beefy enough to run object/face detection/recognition quickly. I’ve been looking into auto-tagging in darktable for years, but darktable doesn’t scale well with too many albums. Immich is the perfect tool, object-detection for automatic tagging, and face-recognition, all managed locally for max privacy. I can now search for “squirrel”, or “flowers”, or “airplane”, or names … easily. My family now can access the whole collection from anywhere securely (put Google OAuth2 in front of my domain).
You can also use Google Checkout to export all your photos/albums to zip files, Immich has a CLI tool to import them automatically.
Here’s my usage so far, still in the process of importing my collection.
+1 for Immich. Photoprism is good too, but I found it nowhere near as good as Immich.
You could use Tailscale or something to limit access to it, but personally I would just leave it open to the internet, so far I think they have suffered 0 authentication exploits and seems safe. Being password protected will already be an upgrade over your current situation.
FWIW, I did consult both Gemini Pro and ChatGPT. They not only described what each project is, but also compared Piwigo and Immich side-by-side with pros and cons for each. I also asked about long-terms sustainability and development, licensing model, …
Gemini Pro helped me through the whole setup process, including setting up Immich Docker containers, combing my SATA and M2 drives under LVM, setting up CloudFlare tunnel and security policy. It also helped me created a restricted nginx proxy to safely serve albums shared via links without exposing Immich’s functionalities.
I did argue with Gemini back and forth, raising my doubt/questions and misunderstandings, pin-pointing which security model would be best (firewall, VLAN, …). Of course, it’s lagging behind in terms of latest API, so I had to dig into the Immich documentation myself, but Gemini was super helpful, especially for learning new concepts. In the end, I am still the one making the decision, but Gemini helped providing information and things to consider.
Learned so much through the process. It’s like having a personal tutor/adviser that doesn’t get annoyed as I keep asking similar questions in different ways to confirm my understanding.
In terms of coding, Lego is a good analogy. I used to design the model and build the basic blocks myself. Now with the help of AI, I can focus on designing the model, AI can help me build the basic blocks much much faster. I still need to read, understand, and verify that the blocks are exactly what I want. There’s no doubt that AI boosts my productivity to a whole new level, and it’ll only get better. We have to embrace and leverage it, or risk falling way behind.
If you want to use it, go for it. As for here, we are people helping other people. If you want AI answers, you can get them, we are not interested. You can read more here No more AI answers, please
I’m currently experimenting with a hugo gallery, based on Galleries Deluxe, with custom modifications (yes, guilty of using an LLM for those – mostly responsive design (providing scaled versions of the images, loaded based on viewer size)).
I guess one could simply use .htaccess to password protect some directories.
I’ll spin up an Immich container. Need to research interfacing with Traefik and Cloudflare, but it should be similar to the other two forward facing apps I’ve got running.
I tested PhotoPrism a while back and found it to be a resource hog, both space and computationally. The HP Elitedesk I’ve got running my stuff isn’t the most powerful thing in the world, and so I’ve got to be mindful of that.
Another option, nextcloud container. I use clouldflare tunnel to expose it. With nextcloud you can share the files (eg Google drive) or the images via Memories (eg Google photos).
Hi, you already had several answer and advises about FLOSS online photo manager but I’ll drop mine as well
I use a self hosted photo manager called Lychee, I choose this one because :
It’s the appearance is nice and clean
Once set up it’s really easy to manage and flexible (albums with sub-albums possible)
The privacy per-album is really easy to manage with several options like simply hidden (just accessible by direct link) and/or password protected.
My instance run on a raspberry py 2B and it’s really fast while browsing but mass adding pictures can take some time to process when scaling from pictures with big resolution. ( to avoid that I prepare scaled down files with my local main DAM on my desktop)
If you know how to use an API, you could take a look at their docs:
You can create an API Key and then create a script that:
lists all albums
lists all users
foreach album add all users(except the owner) to it
Besides that I don’t have any other ideas. I try to create an album per topic, instead of per folder. 750 is indeed a bit hardcore to go one by one assigning users
I’ve been considering Immich. A collection may be shared using Tailscale according to the company. There is a free tier of Tailscale that may be all you need.
As it turns out, Piwigo doesn’t like spaces in file names or folders.
It refused to import 2/3 of my image inventory. There are, allegedly, some work arounds, but I still couldn’t get it to read the remainder of the images.
So, now I’m trying Photoprism.
All I can say is thank goodness for Docker/Portainer and ChatGPT. It’s much easier to stand stuff up to try.
Are you using the FTP sync method? I’ve used plenty of spaces in names and albums but I use the Darktable export plugin 99% of the time and mobile upload the other 1%:
For files, nextcloud is okay