this post was submitted on 18 Jul 2024
156 points (97.0% liked)

Selfhosted

40438 readers
424 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Welcome to version v1.109.0 of Immich. This release introduces an additional way for you to support Immich financially as well as bug fixes for various issues. Some of the highlights in this release include:

Immich license pricing is $25 per user or $99 per server for a lifetime license.

you are viewing a single comment's thread
view the rest of the comments
[–] Lem453@lemmy.ca 2 points 4 months ago (1 children)

Https is end to end encryption and doesn't need to be on their road map

Encryption at rest could be an option but seeing as how many other projects have trouble with it (nsxtcloud), its probably best to have this at the fike system level with disc encryption

[–] jet@hackertalks.com 13 points 4 months ago

Small nit: Https is transport layer encryption, not commonly considered end-to-end encryption.

For the end-to-end encryption model to work, the data must be encrypted entirely from the sender to the recipient. In the model of immich That's yourself.

But you're right, I should have been clearer, client-side encryption, encryption at rest are better terms. But I don't want the server to ever see the unencrypted data ideally unless I am physically there requiring it to do so.