Everyone keeps forgetting

No, I read it the first time.

They show you what commands it’s going to run.

When it works, sure.

I review everything it will do.

Then what, pray tell, is the point of the agent if you need to check its work each time?

I will point out how many posts, articles, and comments there are about how agents with this level of access have repeatedly and consistently failed to follow “safeguards”.

Ultimately, if you feel informed enough, by all means use it.

• Bot can write to file
• Bot can execute code

You honestly think there isn’t an issue with that?!

Not really. Think of FIM like tripwire but for more than just userland files accessible at run level 3.

This is neat, and I see that lots of folks are getting a good look at their laid out setup costs. However, you should stop using project management budget coding words. Also:

1. You are confusing roi with payback period.
2. There are intangible factors to consider like command of your data, control over security, etc.
3. Opex and capex are values used for fixed-term projects, they aren’t meant to quantify ongoing efforts past project outset.
4. Hardware is absolutely NOT a “one-time purchase”. If you are amortizing the cost of equipment, you must include projected failure rates, particularly for disks. Please refer to green-cycling.
5. Information projects are different than physical processing projects because they “expire”, meaning your i5-7200 is OK now, but will likely be nearly useless in 2030 when everyone is pretty much moved to 4k.

22. There are usually one or two of those that are just experimental and might get trashed.

only 1gbE

What needs more than 1gbe? Are you streaming 8k?

Sounds like you are your own worst enemy. Take a step back and think about how many of these projects are worth completing and which are just for fun and draw a line.

And automate. There are tools to help with this.

“tippon” is just a local POSIX mapping to whatever uid assigned that user, typically the first user beyond system users in Linux or Unix is 1000. So using “tippon” instead of uid=1000 won’t make a difference.

I’m looking forward to the changes to editing. I was happy to see the tools built in (just the simple crop/rotate/mirror), but then being prompted to save to gallery instead of just keeping it in immich was a dumb choice, it defeats the purpose of the edits altogether. Plus, the new image had new metadata?? Like I have to find the old pic, get the metadata, copy it to the new image upload new image and delete old image?? Wtf is the point of that?

Otherwise, immich works well. But man, the editing just isn’t thought out at all. Also no editing options in web ui, which baffles me.

Edit: It works! Finally real edits! Such a quality-of-life update.

I switched to using Radicale a year ago, and I use my android contacts app to add and maintain that info. CardDAV has enough fields for me to add.

Use the trash guides, it’s all in there.

Musicbrainz Picard.

Cinnamon, maybe… But KDE plasma? You must be joking. How do you get KDE plasma down to 300 to 500 mb memory use?

There’s a good reason xfce is the de of choice for low-resource systems like raspberry pi.

It does.

I had to isolate part of a frame from a 70s Italian cartoon to make a giant vinyl sticker and it worked amazingly. Cleaned up the image and pulled it right from the background. I was also able to desaturate the colours well too.

I only ever touch them to add media

Bingo. Every other day.

The problem with my family buying into the setup is that I’m now the media manager. And I’m OK with that, but sheesh… Sometimes it feels like I’m torrenting manually again.

You’re implying that self hosting has to be a certain way.

I don’t need to be able to rebuild an engine to be into customizing my car.

I’m working on Fatiguarr. A locally-hosted web instance to give me a f%&!ing day off from managing the bloody Xarrs in my life.

Ah, gotchu. Carry on.

Library access won’t allow upload, this will.

This isn’t right. https://docs.immich.app/administration/user-management/

I understand following op’s pattern of wanting to set controls on underlying storage together with a share, but simply using immich’s built-in storage labels is much easier.

Plus, each user can be assigned an NFS share to their individual files separate from immich’s access requirements for storage. There is no need to make this a worse hodge-podge than op has already made it.

My VPN tunnel automatically turns on when I leave my home lan. All traffic is tunneled and leaves my home network.

Are you able to use the internet with VPN turned on when you’re out and about? You may simply need to set that.

Squashing per-user is a blanket measure intended to default “public” users into a default access permission.

It is usable according to your layout, but this is effectively logical control preventing users from affecting files that aren’t their own.

And if that is the goal, you might as well set this up as library access through immich.