After all the amazing reviews and post i read immich I decided to give it a try.
To be honest I am quite impressed, it’s fast and polished, it just works.
But I found a few quirks, and hit a wall with the developer that doesn’t seems kind to listen to users that much (on these issues at least!)
Maybe you guys have suggestions?
Here I go:
One: it does not support base URLs, witch means that I had to spin a dedicated sub domain to be able to access it over internet while all my other services are on a single sub domain. I can work with that, but why. Dev already shut this request down in the past as “insecure”. Which I find baffling. (I mean use mydomain/immich instead of immich.mydomain)
Two: auth cannot be tied to reverse proxy. I get it, it provides OAuth. But it’s much more complex than proxy based auth… And overkill for many cases, mine for sure.
Three: impossible to disable authentication at all, which would just work fine in my use case. There is a switch that seems for that, but no, it’s only for using OAuth.
Four: I cannot find a way to browse by location, only by map. (Locations list seems to be half baked unless I am missing something).
Five: no way to deploy on bare metal, and I tried! due to lack of documentation (only info I found where very very outdated), and no willingness to provide info about that either. Seems that docker is so much better that supporting bare metal is a waste of time.
Six: basically impossible to manage easily public albums. like a public landing page. I get this might be outside immich scope.
Seven: even if now you can import existing libraries, it still does not detect albums withinbthem (sub folders) which is very annoying.
So, overall its a great project and very promising, faster and more reliable than Libre Photos in my use case, but still lacking some basic features that the Dev seems not interested in adding. He developed it to please his wife, I get it :) - no pun intended, doing all this take lots of time, I know.
These are the alternatives I know of:
Photo prism requires a subscription for reverse Geo coding.
LibrePhotos feels sluggish and kind if abandoned.
Are there any others? (Piwigo and Lytchee are great tools, but different kind of tools)
Let’s hope for immich, Dev is working a lit, let’s hope for the best.
I’ve been using it for about a month, and love it.
My one complaint: self-signed certs on reverse proxies seem to break the android app backup. I’m not sure why, but internal CA seems to make things angry. Its more likely to be a local setup issue than anything in immich, but frustrating to pin down.
Why self sign? Use Let’s Encrypt, its free and works just great. That’s what I do
All the traffic is internal, so I can get away with it 🙃
Really was just interested in what cert generation entailed and did a fun little dive a few years back.
I also have internal only traffic, but I still use let’s encrypt. I self signed for a couple of years, but switching to proper certificates made things much simpler and better. Especially on mobile.
I use a combination of my own domain and caddy. and duckdns, since my domain registrar does not have an api caddy can use, but I can point my domain to my duckdns domain and it works 👍
I’m the bad guy that installed my CA where needed lol but nice!
Self signed certs needs to be allowed explicitly. If the app didn’t took those into consideration then there is not much you can do.
Another point against immich I guess if you need self signed.
I will try to support immich actively in the future, even if my free time is really small nowadays.
My current backup strategy is BTSync, which while super easy to get going is a pain in the ass to look up old images. Using direct IP on the app works perfectly, and the DNS lookup only works internally anyways.
All that to say that I’m probably going to use it and remove the btsync approach in a couple months.
Immich is very good for photo backup. I would say it’s it best use. Be aware of the limitations above tough.
I find very annoying not having a bare metal installation way. Will try to make it work in the future maybe.
deleted by creator
Here’s how I generated the CA:
# openssl genrsa -des3 -out my-ca.key 2048 # openssl req -x509 -new -nodes -key my-ca.key -sha256 -days 1825 -out my-ca.pem
I’m sure I’ll receive flak for how I went about it, but importing that pem into the “install certificates” bit of the settings works like a charm.