How-To-Secure-A-Linux-Server VS PhotoPrism

- own server costs about $5/month. I recommend using docker to deploy hbbr and hbbs. Back up the key in case you need to re-deploy. You do need to secure your Linux server, and this community-driven Github guide has some good tips to get started.

I have been using the How To Secure A Linux Server guide for quite a while and wanted to learn Ansible, so I created two playbooks to automate most of the guides content. The playbooks are still a work in progress.

If it works, I will then follow the hardening guide I did before (https://github.com/imthenachoman/How-To-Secure-A-Linux-Server) and test after every step

Maybe these two repos can help you, I've used them both from time to time to look up stuff I have no idea about as a frontend main: https://github.com/imthenachoman/How-To-Secure-A-Linux-Server https://github.com/decalage2/awesome-security-hardening

> In short it’s all about control, privacy, and security, in that order.

I am going to strongly urge you to consider changing that order and move *security* to the first priority. I have long run my own servers, it is much easier to setup a server with strong security foundation, than to clean up afterwards.

As a beginner, you should stick to a well known and documented Linux server distribution such as Ubuntu Server LTS or Fedora. Only install the programs you need. Do not install a windowing system on it. Do everything for the server from the command line.

Here are a few blog posts I have bookmarked over the years that I think are geared to beginners:

"My First 5 Minutes On A Server; Or, Essential Security for Linux Servers": An quick walk through of how to do basic server security manually [1]. There was a good Hacker News discussion about this article, most of the response suggests using tools to automate these types of security tasks [2], however the short tutorial will teach you a great deal, and automation mostly only makes sense when you are deploying a number of similar servers. I definitely take a more manual hands-on approach to managing my personal servers compared to the ones I professionally deploy.

"How To Secure A Linux Server": An evolving how-to guide for securing a Linux server that, hopefully, also teaches you a little about security and why it matters. [3]

Both Linode[4] and Digital Ocean[5] have created good sets of Tutorials and documentation that are generally trustworthy and kept up-to-date

Good luck and have fun

[1]: https://sollove.com/2013/03/03/my-first-5-minutes-on-a-serve...

[2]: https://news.ycombinator.com/item?id=5316093

[3]: https://github.com/imthenachoman/How-To-Secure-A-Linux-Serve...

[4]: https://www.linode.com/docs/guides/

[5]: https://www.digitalocean.com/community/tutorials

I suggest these resources: - Some fundamentals: https://www.cyberciti.biz/tips/linux-security.html - One of the best imho ( exhaustive list ): https://github.com/imthenachoman/How-To-Secure-A-Linux-Server - Ansible playbook to harden security by Jeff Geerling: https://github.com/geerlingguy/ansible-role-security - OAWSP Check list ( targeted for web apps... and honestly a bit overkill ): https://github.com/0xRadi/OWASP-Web-Checklist

I have been using https://www.photoprism.app for a couple of years, and it works better than expected, with the latest updates it's actually quite fast and the face tagging works reasonably well.

For self-hosting, there's Photoprism[1] as well.

Ente's strength lies in end-to-end encryption[2] and its cloud[3] offering so you don't have to worry about reliability.

So if self-hosting is what you're after, Immich, Photoprism and Damselfly (TIL!) are perhaps better designed to serve your needs.

[1]: https://github.com/photoprism/photoprism

[2]: https://ente.io/architecture

[3]: https://ente.io/reliability

For quite a while I'm also in search for a solution which allows me to share galleries with my family, without having to ask them to jump through hoops in order to access them.

After some searching I'm now testing photoprism [1] which is a fantastic application, especially for self-hosting of photos. There's no mobile app for it (yet) and user-management is just starting to get implemented, but it shows alot of promise. Unfortunately not yet enough for putting it on the tablet of my granny but one can hope (and donate!)

Either way, I'm afraid that building a good mobile gallery app is an equally large task, after all the best solution would be to replace the users' native gallery-app with an equivalent that also supports custom Online-Galleries...

[1]: https://www.photoprism.app/

out of curiosity, why no sort-of-established pkg and internal dirs? What do you think of https://github.com/photoprism/photoprism structure?

Thank you!

Ente was first a piece of hardware, then a self-host-able project, but we had a hard time monetizing both, which lead to the E2EE pivot.

TIL about TagSpaces, thanks!

Our server can be open-sourced, but we're unsure of the value E2EE will provide, with services like Photoprism[1] and Immich[2] already doing a good job of serving customers who prefer to self host. In this context E2EE might become a constraint, rather than a feature.

[1]: https://github.com/photoprism/photoprism

[2]: https://github.com/immich-app/immich

Ive seen github issues like this one https://github.com/photoprism/photoprism/issues/907 in which it is implied that this is very very difficult.

Hi. I want to implement an image server similar to Photoprism using ImageAI to tag images based on objects and context. However I don't want to spend to much time working on the frontend, at first I were thinking about using Danbooru and use Flexbooru or the web interface on my phone. But it doesn't have any encryption or password protection (since the purpose of it is to be used as a public image board).

https://www.photoprism.app in Docker.

PhotoPrism[0] and some ugly plumbing[1] to semantically tag all images in the gallery.

0: https://github.com/photoprism/photoprism