Immich Photo Manager (Self-Hosted)

Immich is extremely good, and has amazing features (like identifying objects and faces) which make it very easy to search for photos if you have a very large library.

However, you should run it on a server you trust (so you should self-host it instead of using a VPS or any public server) and hide it behind a VPN if you want to have access to it through the internet when you’re not at home.

It’s open source. It’s lacking E2EE, but it’s fine if you’re self-hosting it. (Depends on your threat model.)

Thanks for sharing that. Personally I pretty much stopped caring for self-hosting as with my Nextcloud journey and self-hosting email I very well learned this isn’t for everyone. Now I can fix those issues, but that’s not feasible for normal users. During this time also more and more good solutions have become available. I kinda lost my belief that everyone should have their own server and federate. That would be ideal, just not realistic. Instead, now I am more focussing on companies that build good alternatives. Ente pretty recently opened up for self-hosting, so documentation might change, but still a lot of work to maintain your own instance, compared to just paying them for doing it.

1 Like

Immich is self hosted software. In that context E2EE is not usually necessary.

Why do you feel E2EE is a hard requirement for self hosted software? E2EE is most relevant in contexts where you don’t trust the service provider or infrastructure, but in this case you are your own service provider and the infrastructure is yours.

That’s to me a bit too short-sighted; it depends on a lot more, for example:

  • time investing in maintaining the instances
  • time spending on security
  • where you are hosting it
  • doing backups
  • testing the backups

Yeah, I am not quite agreeing here. People do host on public cloud/private cloud, thinking they are doing self-hosting. This may only apply if you have your own hardware, and you control every bit of that. Then you still f.x. need physical security for the place. There is a lot to consider. E2EE is a way more efficient security measure. E2EE is not only about the service provider, but also a measure against theft, interception, etc.

Adding to that, pictures contain a lot of sensitive information, which can basically reveal anything about you. You should also treat it as such with the appropriate security requirements. For me there are not many differences I make there between pictures and securing my passwords.

1 Like

This seems to be more of an argument against self-hosting (or “non-self”-hosting in the case of using a cloud provider/VPS). But that is a different topic, I think.

Where I agree with you:

  1. Most people probably shouldn’t self-host
  2. Using a cloud provider for “self” hosting is a different context with more threats and risk to consider, and shouldn’t be confused with actually self-hosting.
  3. All other things being equal, E2EE is usually preferable from a security/privacy point of view.

Where I don’t agree:

  1. I think self-hosting is a valid approach for some people, and E2EE in that context isn’t strictly mandatory.

Then you still f.x. need physical security to the place

You do, but you need this anyway. If someone can physically steal your home server, they can physically steal your personal devices.

Where physical theft (or seizure) is a risk, traditional physical security, strong passwords, and encryption at rest are important (for servers and for personal devices). A primary use for both Ente and Immich is backing up photos from a phone or personal device; if your server isn’t at greater risk of physical theft and compromise than your personal devices, I don’t think you are fundamentally less secure by self-hosting.

E2EE is a way more efficient security measure

Depends what the goal is. E2EE is a minimum requirement for me in many/most contexts, but it does limit or complicate things in other ways, and can add complexity. Proton (also Signal) is a good example: they make great products, but otherwise not too complicated features that non-privacy-focused companies trivially build out can sometimes take Proton years to get around to. Not all of that relates to difficulties related to E2EE, but some of it does. Proton and Signal are cloud-based solutions, so the tradeoff makes sense in that context, but in the context of self-hosting the benefits of E2EE seem a lot smaller and those costs in complexity are still present. I’m not saying E2EE has no value in a self-hosted context, just that the cost/benefit is a lot different.

E2EE is not only about service provider, but also a measure against theft, interception, etc.

It does offer robust protection in those contexts. But it’s not the only valid approach.

  • FDE/at-rest encryption is a much more common approach against theft/seizure.
  • And there are various approaches to protecting against interception that don’t involve E2EE (also, for most of us, I think targeted interception of our photos is out of scope for our threat models). If you trust WireGuard to protect your connection to a commercial VPN, I don’t see why you wouldn’t trust it on your own hardware.

I think we are agreeing broadly that E2EE is usually desirable and good in most ways and a really elegant and desirable feature, but disagreeing in the specific context of self-hosting (on your own hardware). I understand preferring E2EE, but I don’t think it should be anywhere near a hard requirement.

FWIW, the E2EE requirement in the Photo Management section seems intentionally written to apply to cloud providers and exclude self-hosted options:

Summary

Cloud-hosted providers must enforce end-to-end encryption.

And from the GitHub discussion:

For cloud-based photo management products that cannot be self-hosted, we can borrow points from the Cloud Storage section.

  • Must enforce end-to-end encryption.

1 Like

I’ll just add that some of this discussion may be better suited (or already addressed) here:

1 Like

Yeah, I don’t think there is much disagreement here. I would just rather not recommend tools that don’t have it, to just protect people from making the mistakes here. Also because we try to target everyone and not just technical people. Those people will find their way to these situations anyway, I think.

1 Like

Actually, when you put it this way, what you wrote here is the same logic I use to support my (personal) opinion that Arch shouldn’t be one of the recommended distros (the vast majority of people, including a majority of Arch users in my opinion, won’t and can’t secure their system to the same degree that they would get out of the box with one of the other recommended distros).

On the other hand, I don’t think it would be a good idea to just be totally silent on self-hosted solutions and tools, since we do have a community and an audience that does skew towards the somewhat technical side. On the whole I think PG does a pretty great job of finding the balance between being technical and nuanced without being overly technical and inaccessible to less technical users. I guess I think self-hosting should be acknowledged as a valid approach to privacy but not go so far as to encourage self-hosting. I think how Arkenfox is presented would be a good template for how self-hosted (or more advanced options more broadly) can be framed.

1 Like

I think it has already been pointed out, but we are not going to add this because of this big banner right on the top of their website:

The project is under very active development. Expect bugs and changes. Do not use it as the only way to store your photos and videos!

I’ll mark this as waiting instead of rejected though, let me know when they have a stable release 🙂

2 Likes

Ente Photos is incredibly simple and lacks half of the most basic features such software usually has. I would never recommend it just because it is E2EE now. Yes, biased and happy Immich user, no issues for a year and a half already. But really, they are not even close to compare.