Docker is probably nice to use, but it’s UI is just so goddamn auful for something that other people think everyone is instantly able to pick up. The massive disconnect between containers, images, instances, or whatever near-synonym that the UI expects you to know, and what they actually do is astounding.
I still have ZERO goddamn idea which port is internal or external in the -p80:80 option because every single fucking guide just has it there and expects you to just magically know which one is what and EVERY LAST ONE just uses the same internal and external port. And good fucking luck looking it up and getting even vaguely relevant results (I’ve tried)
So when something says “oh just use docker-compose …” I groan because I have not one fucking idea what actually happens. Does that create a container? Or an image? Or instance? Which one of those is the template and which one of those is the running code which is identified by a completely meaningless hexadecimal string?
Also how do I back them up? Do I also have to back up EVERYTHING in the container? What if I just want to back up the database? How would I pass through a folder on an external drive? Or do I have to duplicate the hundreds of gigabytes of photos I have for just this container? Are those included in backups if backups are even a thing? What if I can’t store all that on my boot drive? Am I able to move JUST that single container or image or whatever the fuck?
There’s a reason I like running things on bare metal. It’s plenty secure if it’s just for you and also behind additional authentication and put it in its own user like I do. It just fucking works.
okay hear me out: what if you took the time to learn it and learn how it works. literally all of your gripes are solvable one way or another. your ignorance fuels your hatred.
People here don’t dislike concept of AI, they dislike AI companies stealing data and shoving AI where it doesn’t belong. There’s nothing wrong with locally hosted basic facial recognition.
No, it’s powered by Tensorflow, not an LLM. It’s the useful side of AI, basically, also it’s locally hosted. In case you don’t like it, you can disable it. It’s still a great app.
Cleaner how? Systemd services can already provide basically all of the isolation features you could want if that’s what you’re talking about. It’s got namespaces, chroot+bind mounts, per-service dynamically allocated users, syscall filter, capability filter, and so on.
Docker adds a lot of for most uses unnecessary complexity (a huge part of which being the networking). This also sometimes causes problems, for example it messes with netfilter tables which works fine most of the time but can actually do unwanted things like IIRC open ports you didn’t expect to be open because you didn’t open them in your firewall. There’s also how if you use prebuilt images (which you probably do) you’re at the mercy of everyone whose containers you’re using to provide security updates in time.
Of course there’s cases where you actually want something like docker (multi-machine orchestration, spinning up multiple of the same container dynamically depending on load, running people’s arbitrary build environments like in GitHub Actions are a few examples) but a lot of times when people are pushing it it really seems like cargo cult mentality.
You can selfhost it. Good. I thought immich was the only option, but maybe I’ll consider this, too.
Immich requires Docker?? 🙄
Is that bad?
For me
Why?
Docker is probably nice to use, but it’s UI is just so goddamn auful for something that other people think everyone is instantly able to pick up. The massive disconnect between containers, images, instances, or whatever near-synonym that the UI expects you to know, and what they actually do is astounding.
I still have ZERO goddamn idea which port is internal or external in the
-p 80:80
option because every single fucking guide just has it there and expects you to just magically know which one is what and EVERY LAST ONE just uses the same internal and external port. And good fucking luck looking it up and getting even vaguely relevant results (I’ve tried)So when something says “oh just use docker-compose …” I groan because I have not one fucking idea what actually happens. Does that create a container? Or an image? Or instance? Which one of those is the template and which one of those is the running code which is identified by a completely meaningless hexadecimal string?
Also how do I back them up? Do I also have to back up EVERYTHING in the container? What if I just want to back up the database? How would I pass through a folder on an external drive? Or do I have to duplicate the hundreds of gigabytes of photos I have for just this container? Are those included in backups if backups are even a thing? What if I can’t store all that on my boot drive? Am I able to move JUST that single container or image or whatever the fuck?
There’s a reason I like running things on bare metal. It’s plenty secure if it’s just for you and also behind additional authentication and put it in its own user like I do. It just fucking works.
okay hear me out: what if you took the time to learn it and learn how it works. literally all of your gripes are solvable one way or another. your ignorance fuels your hatred.
Okay. Any good guide?
tywele has a great answer, also; sorry for such an abrasive response, wasn’t in a great mood 😅
This helped me greatly in understanding all the different things about Docker/Docker Compose: https://gabrieltanner.org/blog/docker-compose/
I also struggled with the external/internal port thing etc
It isn’t.
There’s also PhotoPrism.
I use it but not having a native app is a downer
I’ve been using Gallery for PhotoPrism for a while now and it’s pretty solid.
iOS pleb here…
Isn’t it the kind of software that most people here don’t like?
Immich also has (local) AI for face recognition.
Most people here don’t like it when other people are training on your photos.
People here don’t dislike concept of AI, they dislike AI companies stealing data and shoving AI where it doesn’t belong. There’s nothing wrong with locally hosted basic facial recognition.
No, it’s powered by Tensorflow, not an LLM. It’s the useful side of AI, basically, also it’s locally hosted. In case you don’t like it, you can disable it. It’s still a great app.
Pass.
Why do you avoid docker? It’s cleaner than installing on your machine directly.
Cleaner how? Systemd services can already provide basically all of the isolation features you could want if that’s what you’re talking about. It’s got namespaces, chroot+bind mounts, per-service dynamically allocated users, syscall filter, capability filter, and so on.
Docker adds a lot of for most uses unnecessary complexity (a huge part of which being the networking). This also sometimes causes problems, for example it messes with netfilter tables which works fine most of the time but can actually do unwanted things like IIRC open ports you didn’t expect to be open because you didn’t open them in your firewall. There’s also how if you use prebuilt images (which you probably do) you’re at the mercy of everyone whose containers you’re using to provide security updates in time.
Of course there’s cases where you actually want something like docker (multi-machine orchestration, spinning up multiple of the same container dynamically depending on load, running people’s arbitrary build environments like in GitHub Actions are a few examples) but a lot of times when people are pushing it it really seems like cargo cult mentality.