An Immich LXC came up on community script

An Immich LXC came up on community script (community-scripts.github.io)
from Emanothep@jlai.lu to selfhosted@lemmy.world on 13 Jul 12:15
https://jlai.lu/post/22579833

Hi all,

For all people awaiting for an LXC to self host Immich the time has come. The LXC came up a month ago, sorry if it’s a repost.

#selfhosted

threaded - newest

warmaster@lemmy.world on 13 Jul 12:23 next collapse

New to me, thank you!

perishthethought@piefed.social on 13 Jul 13:17 next collapse

For those like me still learning.

Linux Containers (LXC) is an operating system-level virtualization method for running multiple isolated Linux systems (containers) on a control host using a single Linux kernel.

https://en.m.wikipedia.org/wiki/LXC

NotSteve_@piefed.ca on 13 Jul 16:15 next collapse

They're super useful when running Proxmox. You can create an LXC container and have it booted to a shell in under a minute

corsicanguppy@lemmy.ca on 13 Jul 23:07 collapse

You can create an LXC container and have it booted to a shell in under a minute

Rhel5 on a VM booted in under a minute easily. Rhel6 on a VM booted in around a minute. Rhel7 on a VM booted in almost a minute, and the trend accelerated from there. Wow, is RhelX a piece for its frail-boat booting.

The key is the monolith.

petaqui@lemmings.world on 13 Jul 16:15 next collapse

Thank you! A much needed info

mic_check_one_two@lemmy.dbzer0.com on 13 Jul 23:02 collapse

So it’s Docker with extra steps?

Yoddel_Hickory@lemmy.ca on 14 Jul 00:46 collapse

Fewer steps actually, since it is built into the kernel

ikidd@lemmy.world on 13 Jul 14:05 next collapse

Know what you’re running when you pipe to a bash script. Curl-bash pipes are a security mess.

Sanguine@lemmy.dbzer0.com on 13 Jul 15:52 next collapse

Good advice but ime these helper scripts are legit.

ikidd@lemmy.world on 13 Jul 19:53 next collapse

I’m pretty familiar with TTech’s legacy, I just mention it because if the repos ever got compromised, it could be a shitshow. IDK what security measures the new maintainers use to secure their access or check PRs, but I get nervous when it’s as popular as it is and such a good vector for complicated installations that are hard to check out. I also don’t know the new maintainers from Adam.

Personally, I’d use the scripts as a guide for DIY.

corsicanguppy@lemmy.ca on 13 Jul 23:04 collapse

ime these helper scripts are legit.

Let’s consider a moment the risk you’re subjecting people to, just with a recommendation based on the value of the things you secure without considering what they need to secure.

Sanguine@lemmy.dbzer0.com on 14 Jul 07:52 next collapse

I’m not subjecting anyone to anything. I acknowledged that this practice is risky, however these scripts are maintained by a community of other nerds just like every other open source project you enjoy. If you’re going to use these proceed with the same caution you would anything else on the internet, but in my experience they are safe.

[deleted] on 14 Jul 14:34 collapse

[deleted] on 14 Jul 14:53 collapse

corsicanguppy@lemmy.ca on 13 Jul 22:59 next collapse

Curl-bash pipes are a security mess.

Security mess? Red flag. Avoid.

ick@infosec.pub on 14 Jul 10:21 collapse

I created a little proof of concept last year to highlight some of the risks stoppip.ing

monty33@lemmy.ml on 13 Jul 14:56 next collapse

This looks great! Is there an easy way to migrate from a docker setup to this lxc?

dangling_cat@piefed.blahaj.zone on 13 Jul 15:24 next collapse

Why? Unless you need specific kernel features, Docker is superior because of containerization (runs on host kernel with no overhead), uses less space (layered image), and is easy to set up a complicated network (you want certain apps to run behind WireGuard with reverse proxy? Few lines in yaml).

qqq@lemmy.world on 13 Jul 19:50 next collapse

LXC is containerization. Both it and Docker are using the same kernel APIs.

fox@social.lol on 13 Jul 20:08 next collapse

@dangling_cat @monty33 yes and no.
LXC is a system contenerization, so you can use one lxc container and have whole app, database, redis, etc in one lxc container (and in most cases it’s done like that).
Both solutions (docker and lxc) have pros and cons.
As long as you make your choices based on data and your needs it’s ok.

dangling_cat@piefed.blahaj.zone on 13 Jul 20:42 next collapse

Oh neat! TIL

chonkyninja@lemmy.world on 14 Jul 15:58 collapse

They’re literally exactly the same fucking thing, you can literally go follow the system calls in the docker source repo. Docker just includes some tools for setting up networking and storage as if it were a whole new system.

monty33@lemmy.ml on 13 Jul 22:33 collapse

Currently I’m nesting docker in an LXC. I also believe that the LXC updater would take care of the breaking changes that happen with the complex docker compose changes (hasn’t in several releases but it happens)

MangoPenguin@lemmy.blahaj.zone on 13 Jul 16:21 collapse

Docker is the better option IMO if you already have it set up, much easier to manage.

kebab@endlesstalk.org on 14 Jul 09:15 next collapse

What’s the licensing situation with Immich? Is it still “unlimited trial period”?

truxnell@aussie.zone on 14 Jul 09:45 next collapse

Its 100% free with a totally optional donation. Appreciate there’s been a lot of concern about their partnering with FUTO, but I checked heavily into it and I’m comfortable there won’t be a rug pull.

qaz@lemmy.world on 14 Jul 11:59 collapse

It’s still AGPL afaik

EDIT:

This project is available under GNU AGPL v3 license.

Still is

DontNoodles@discuss.tchncs.de on 14 Jul 12:11 next collapse

I read a lot of good things about LXC and how it was better for such things when I was starting my selfhosting journey an year or so ago. Immich was my need of the hour but I could not find any tutorials to get it done back then and now I know why. Being good and being accessible for noobs are two different things.

Leax@lemmy.dbzer0.com on 14 Jul 12:25 collapse

Great to hear, thank you!