So there’s a storage protocol called “S3” (I wanna say it stands for simple scalable storage?), first created by Amazon for AWS. Many types of software, including backup programs, have been designed to use it as a storage backend. There are now many S3 compatible providers, last I looked the best value was backblaze B2.

You need a backup program with end-to-end encryption, S3 compatibility, and whatever other features you like. I use restic but it’s CLI only, there’s also borg backup and many others.

If you encrypt locally with a good key, you don’t have to trust the remote storage provider. They just see a bunch of meaningless noise. Just don’t lose the key or your backup is useless.

lol raid1c10

Oh cool, this is exactly what I was looking for! Thanks :)

Performance is all but irrelevant in this case

It’s a 4gb pi4, think it could boot from ZFS?

I like the DNS on the router idea, I’ll look into it. I do have some split DNS set up as well as adblocking lists (technitium). Not sure what my router can do.

Edit: autocorrect got me

Yeah, I’m getting a pretty strong consensus here that an SSD is the way to go. I’ve also had at least one SD card die on me, and because I didn’t have backups it was pretty inconvenient. Had to recreate my homeassistant setup from scratch.

I get the config only backup, but when I have a mondohuge nas available and we’re dealing with like less than 100 gigs, why not just take a full disk image?

Well, this is my DNS server which means if it’s down the internet is down and I can’t resolve hostnames to ssh into. I know that can be worked around, but I’d really like a quick and easy fix that I could even talk someone through over the phone if I had to.

My real backups are squared away, no worries. Nightly automatic restic snapshots, one to an external drive on this very pi and another to a NAS at my parents’ house.

I’ve also been using BTRFS for awhile, and recently I’ve been getting into zfs which IMO does a better job of handling large software raid arrays. They’re both pretty great!

Yeah, I definitely won’t be buying a new pi anytime soon for exactly that reason but I’ve had this one for awhile and would prefer to do something useful with it.

I have a decent Samsung card in there now, it might survive. Can’t remember what brand the one that failed was, but I don’t tend to buy crappy ones

That’s true, just booting from an SSD would be a lot more reliable and simple.

• you do not need kubernetes
• you do not need anything to be „high availability”, that just adds a ton of complexity for no benefit. Nobody will die or go broke if your homelab is down for a few days.
• tailscale is awesome
• docker-compose is awesome
• irreplaceable data gets one offsite backup, one local backup, and ideally one normally offline backup (in case you get ransomwared)
• yubikeys are cool and surprisingly easy to use
• don’t offer your services to other people until you are sure you can support it, your backups are squared away, and you are happy with how things are set up.

That’s not really what a UPS is designed for, they’re meant to last minutes. Long enough for a clean shutdown or to start a generator.

You’d want something like a whole house battery backup instead.

If you can avoid it, don’t open ports in your firewall, don’t publish your home IP address, and keep everything behind a VPN. If only you and your family will be using these services, go with Tailscale or one of its competitors. Otherwise, VPS or cloudflare tunnel/competitor.

If they have an email address they can send a license key

I’m just trying to understand what you’re upset about. Immich is released under one of the most user-protecting licenses out there, without a CLA, and every communication from everyone on the dev team has emphatically committed to keeping it that way. You’re over here saying “yeah but they might change it some day” and sure, maybe, but it would be a gigantic pain in the ass, there’s no indication they plan to do so, and you could say the same thing about literally any other open source project. And even if they did change it, we’d still have the most recent GPL version to fork! What more could you possibly want? All that’s left is a guarantee of ongoing maintenance, which I’m sorry but you are not entitled to that.

Edit: and the best way to ensure ongoing maintenance is to fund the project. Devs gotta eat.

Ok, that’s totally fair. Your needs are valid, but most of us just want a self-hosted google photos replacement that’s good enough our families won’t complain. Just being self hosted improves security and privacy immensely; E2EE would be an incremental improvement in this regard while having major drawbacks for usability.

… at which point we could still fork the project from before the license change and continue on our merry way.

If you expect ongoing maintenance, are you saying you feel entitled to the devs’ continuing work in perpetuity, and at no cost? Because that’s called slavery and we have laws against it.

So you trust your phone and its closed source OS with your photos, but your Linux server can’t see them?

I’m having a hard time imagining what Immich could do other than file syncing in this scenario