Are you using a web proxy? I am guessing it may be doing partials because of upload limit of the proxy.
The proxy you are using seems like a good one and if you are using auth on it you aren’t exposing the services under it directly, so the vulnerability would be proxy or your password to reach any potential vulnerabilities on the service. Sure there could be some crazy bad vulnerability on the proxy, but as long as you’re using a good trusted one and not doing some config to bypass their security, and updating it, you should be fine. Some people here think you could use VPNs and such for everything and sometimes you just gotta share your services and going through a proxy service is a good solution.
From the link in the post it’s a reverse proxy backed by terminos which is a secure OS for Kubernetes and is really good, so I imagine this proxy is also really good. So OP’s setup is already likely fine as is.
You can transfer at any time and keep the remaining registration time. The only negative is you have to pay the new registrar a renewal fee to complete the transfer, this adds more time to your domain, you just would have to pay it early once. They often do deals for transfers especially around holidays.
I’d recommend a web proxy service. It acts as a middleman, public > router > port forward to proxy / tailscale > proxy forwards by the domain to the correct service (immich).
Traefik is a good starter one. The most used but more advanced is probably nginx.
For SSL, use https://letsencrypt.org/, there are a bunch of tools to do it and some are automated. They expire faster but are free. Tailscale is a VPN tunnel so the SSL part may not be correct and they may have their own thing though.
Also GoDaddy is like the worst, expensive, CEO has hunted animals that shouldn’t be touched, and I always had outages when dealing with them. Namecheap is good, Cloudflare, and Porkbun.
It’s also very easy to make it highly available and to scale horizontally.
Glad you found the issue! I fell asleep hard last night sorry I couldn’t be your rubber duck haha
If it is due to a single asset I imagine an error would log to the console.
My advice is start over at least temporarily. Use immich base compose with one mount for the uploads and test it before deviating from the basic setup.
Were you able to fix it? Mounting like that should work but it looks like docker isn’t mounting subpaths right.
What do the logs say? I’d check
the more I think there are more unknowns since there are a few ways it could be running.
Nah not a requirement. I think like 3 months or so after the reddit API shutdown. Big instances got local AI models to detect it and Lemmy server now supports disabling caching other instances so I’d probably disable that if I ever enable it again haha
I got all my yaml files source controlled privately right now but I can share if you want them. I disabled Pictrs around the time of CSAM attacks and have yet to bother enabling it again haha
Yeah I want to switch when other implementations catch up. Unfortunately I think that will be some more time especially since you can’t migrate from synapse and have to start from fresh. One day though!
I did the same for Lemmy at one point then found out all the configs are mapped to environment variables by convention. My Lemmy setup is the most advanced, but it has HA postgres, and all of its modules separated and HA. The proxy setup for it in k8s was rough but I eventually got it working directly on ingress-nginx too.
Yeah it’s a bit of work sometimes. Synapse matrix kinda sucks too their philosophy of no environment variables for secrets. I ended up making an init container that hijacks my config map and injects the environment variables into the config
Using different federation protocol, but matrix servers would be the other big one.
Edit: you also mentioned trouble creating them. I suggest looking into operator hub and using operators for postgres and redis and auth (keycloak?). This can get you down in the rabbit hole for making everything highly available too.
Server CPUs are built for the workload (hosting / background services) rather than desktop applications for consumer PCs. That being said generally you’re going to be more limited in disk / ram than CPU unless if you have some specific needs.
In my setup, my server resources are averaging 10% cpu, 54% memory, and ~70% storage. I’m running 4 PCs, 8 cores each so 32 cores, currently on memory I got 2x64GB and 2x16GB so 160GB ram. Between CPU and RAM I am utilizing basically 3.2 cores worth of processing and 86GB of ram. Most of my ram is going to postgres databases for speed improvement and it takes off load from the CPU.
They have some measurements from their machine though depending on GPU and CPU at least it’ll probably be higher. Also, if you’re hosting stuff 24/7 your CPU load won’t be 100% idle so you certainly would be higher than it depending on what you host.
I am not the best at estimating power usage but like I said depends on the configuration it has. That’s just CPU, not including powering everything else so its idle load will be higher. RAM, disks, type of disk, amount of disks, GPU or other PCI cards, etc every additional component adds to the idle watt usage.
https://caddy.its-em.ma/v1/docs/limits you appear to be correct it’s something else. Reviewing logs of Immich and if the images uploaded can be accessed would be good info to start with.