this post was submitted on 27 Mar 2024
78 points (95.3% liked)

Privacy

31935 readers
629 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

My son was just born, and while a few photos will go on the likes of Facebook and Instagram, overall my partner and I are wanting to keep our shared photos private from the EULA abuses that we all know and hate.

Does anyone here have any good suggestions? I would create my own front end, but I can't swing hosting or a static IP to do it from my local box. Are there any companies out there who aren't total shit bags who claim immediate irrevocable license to all of my photos to do with whatever the fuck they please?

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 7 months ago* (last edited 7 months ago)

I do:

  • own domain with cloudflare
  • ddns with their API
  • NextCloud in docker
  • caddy reverse proxy takes care of SSL cert

Or:

  • Plex can do photos too and they have a docker container
  • invite family to your server

Or:

  • Immich with same setup as NextCloud
[–] [email protected] 1 points 7 months ago

Xmpp server with account for family members? Personally, I host one, and keep favourites pics on a minigal nano, a php app to share pictures on my webserver

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago)

Why can't you self host? I have a wordpress site, and everything is fine, I use noIP for a domain name and IP tracking. Everything is running on a raspberry pi 4, with 7TB of USB storage. Loading up the photos can be a little slow when we post a big adventure day out, but if you're patient, or have the means to put a more powerful machine on the job, it is the best way to share your lives with family. Wordpress has an option to ask the search engine crawler to not index the website, and it seems to work. When I post to the blog, I have an email subscription list for all my family, who want to be notified of a new post.

[–] [email protected] 2 points 7 months ago

Could set up a nextcloud instance, but might be a bit overkill for your use case as it is a full Google workspace replacement

[–] [email protected] 3 points 7 months ago* (last edited 7 months ago) (1 children)

If you and your partner both have iphones then iCloud should be sufficient for keeping the photos to yourselves if you turn on Advanced Data Protection. I think it requires you and your partner to have two yubikeys at a minimum though.

https://support.apple.com/guide/security/advanced-data-protection-for-icloud-sec973254c5f

Photos encrypted at rest, only you and your partner will have access to the keys. If you want the convenience of icloud backup then the government would be able to subpoena your decryption keys from your phone backups, but it's not going to be available for casual employee access. Automated tagging/face matching is done by your iPhone when it's plugged in so there's some organization. Nothing close to Google's AI organization.

I know Apple is a shit company. But they've learned a thing or two after the Fappening.

Advanced Data Protection should be the minimum setting for you to consider Apple as your photo storage. Your photos will auto upload from your phones, apple has partner sharing so photo libraries will automatically be shared between you and your partner, and they recently implemented a system similar to "signal key verification", but again limited to ADP turned on.

Otherwise you're looking at Proton or Tresorit.

[–] [email protected] 6 points 7 months ago

I will happily look at the alternatives. We avoid Apple like it carries the plague, mostly on my objections to their licensing policies alone. Also, I love that you linked to something about The Fappening, have a 💯 and my heartiest appreciation for you as a scholar and a gentleman.

[–] [email protected] 11 points 7 months ago* (last edited 7 months ago) (1 children)

I self-host Photoprism, and use it to share albums privately with people.

The flow goes:

  • I take pictures with my phone
  • Those get synced via Syncthing to my photos folder.
  • Photoprism is set up via docker, with my photos folder added.
[–] [email protected] 4 points 7 months ago

This has potential in many ways. I will have to set it up and see how it feels.

[–] [email protected] 1 points 7 months ago (1 children)

I know Futo has an app called Circles which is designed for things like that and staying in contact with family without social media. It's supposedly E2EE and controlled by the person hosting the circle.

I haven't used it yet for myself so I can't say whether it's good or not, but it sounds like something you might be interested in.

Congrats on the newborn, by the way!

[–] [email protected] 1 points 7 months ago

Thank you on the congrats! We are so happy and he could not be more adorable.

Also thank you for the suggestion, I will dig into it.

[–] [email protected] 1 points 7 months ago

smugmug.com

[–] [email protected] 3 points 7 months ago (1 children)

What are your requirements and desires for browsing/viewing?

[–] [email protected] 3 points 7 months ago (1 children)

Ideally, as easy to interface with as possible for non-tech literate users. My mother-in-law once told my wife "I don't know why you would ever want to strengthen your mind." in response to confronting my wife on why she was reading a book outside as a child instead of playing physically. This is a mantra she has continued well into her 50's and is still going "strong". I need something she can access and download pictures from to print off and hang on her wall like she does from FB now. This is essentially the low bar. Everyone else should be more competent than that.

[–] [email protected] 1 points 7 months ago

I haven't found something with a nice simple UI, let us know how you go

[–] [email protected] 2 points 7 months ago

You could use Pixelfed if you trust the server admin (many choices), it's FOSS and based on ActivityPub to share with other Fediverse applications. You could even self-host it.

[–] [email protected] 6 points 7 months ago (1 children)
[–] [email protected] 7 points 7 months ago (1 children)

It can become really messy if one family member deletes a picture by accident and everyone complains. I'd use Syncthing for machines I personally manage.

[–] [email protected] 2 points 7 months ago

You can control which devices can make and propagate changes to shared folders.

[–] [email protected] -1 points 7 months ago (1 children)

Have pictures printed and mail them. Use a family text thread.

If you aren’t gonna host your own digital files and you don’t want someone else to get their hands on em those are the options.

[–] [email protected] 1 points 7 months ago (1 children)

I don't mind self-hosting, I just need something that can host from a dynamic IP since static is too expensive right now.

[–] [email protected] 1 points 7 months ago

there's vps providers in the $10 per year range that come with fifteen or so gigabytes of storage and a static ip if you can swing that.

here's cloudserver with ten bucks for a year of static IP and 20GB

i can't imagine baby pictures would push the bounds of that storage...

[–] [email protected] 25 points 7 months ago (2 children)
[–] [email protected] 1 points 7 months ago (1 children)

Does it support SSO with OIDC?

[–] [email protected] 1 points 7 months ago (1 children)

Yes, have it running right now!

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago)

Nice. I've heard good things about it previously and it seems like it'll check all my boxes. I've just been trying to figure out what to do for monthly backups to the cloud. I don't wanna risk losing all my extended family's photos in a hurricane or house fire.

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago)

This is the way, immich is insanely fast and performant

[–] [email protected] 2 points 7 months ago (1 children)

Synology has QuickConnect which makes external access easy without dyndns/static ip. I haven't used it myself.
https://kb.synology.com/en-global/DSM/tutorial/share_File_Station_files_without_DSM_account

Another option is to create a Microsoft 365 Business tenant, with a single Business Basic license you get 1TB OneDrive storage and 1TB Sharepoint storage - their ToS says not to use customer data in AI training.
Unless you already know how to manage it this is probably as cumbersome as selfhosting though.
I have no idea about their ToS against non business licenses, so this assumes spending for a business basic license.

If you aren't behind CGNAT you can use dyndns to get around not having a static ip if you want to get into selfhosting with proper external access. I doubt you'll have the time with a newborn though. :)

[–] [email protected] 2 points 7 months ago (1 children)

I will look at QuickConnect as that sounds potentially ideal.

I honestly don't trust MS as far as I could throw them. The amount of ads they are forcing into the OS level is evidence enough for me to believe that they are willing to abuse customers. And if DropBox is any indication of how ToS and EULAs can change in the blink of an eye to include all files, past and present, to be used for AI training with no recourse to opt-out, then MS's current ToS doesn't really give any fuzzy feelings.

I will definitely have to look at dyndns as I need to find a way to provide a static endpoint to gain access to ethically sourced AI training materials for my own works and that sounds like it might work.

And yes, I do work in AI, which is why I am so focused on not allowing the megacorps to ignore even the most basic regimes of ethics or customer respect.

[–] [email protected] 1 points 7 months ago

I would pair a Synology NAS with at least one, preferably two, usb disks to make local backups to with the built in Hyper Backup - losing the whole family picture archive hurts and usb disks are cheap. It doesn't seem possible to make a read only QuickConnect connection so beware of that if there's to be non techie users connecting.

Personally I use dyndns and openvpn (if I rebuilt today I would look at Wireguard instead of openvpn as a vpn solution) as I prefer not relaying my traffic through services outside my self hosting. That would require you to aid your non techie family members with the initial configuration on their end though.

[–] [email protected] 4 points 7 months ago (1 children)

I use DokuWiki for this type of thing. With a few add-ons it is nicely configurable (galleries, discussions etc), could be run from any webspace, and doesn't need a database. You can have ACLs that make sure that only registered users get access. But it is a bit of a DIY solution, and takes a bit of work to set up.

[–] [email protected] 3 points 7 months ago

I'm not above getting my hands dirty and this sounds like it could have promise. Thank you.

[–] [email protected] 4 points 7 months ago (2 children)
[–] [email protected] 1 points 7 months ago

Synology + Docker + Pixelfed is doable

[–] [email protected] 3 points 7 months ago

If you want to keep the metadata on the photos, well GG since it and the color profiles will all be stripped

[–] [email protected] 22 points 7 months ago (1 children)

https://ente.io/

I think this is very close to what you are looking for. Recently they have open sourced all their server side code also. Means currently they are completely open source.

[–] [email protected] -3 points 7 months ago

Seems too expensive. Most people that owned a phone with a camera for the last few years would easily be in the $200/yr plan. I know I am.

That's the cost of Amazon and Walmart subscriptions combined just to get one benefit of Amazon subscription.

I realize people here tend to shit on Amazon, but they never leaked anyone's photos so unless you share them yourself, they are perfectly safe in AWS cloud with unlimited storage.

load more comments
view more: next ›