As much as we're delighted to present you this new version, we are also sad to announce that our friend and prolific FreeCAD developer bgbsww has passed away a few weeks before this release came out. He was one of the main architects of the topological naming fixing effort, wrote a lot of additional code and tests, and became FreeCAD's TNP specialist. He also helped virtually all other developers out to adapt to the new algorithm. This release is dedicated to him.
๐ฅ
Install is the easy part. Nobody ever thinks about maintenance.
I had the same thought - an entire 8U rack to hold a single raspberry pi with an external drive?
Pop 22.04 with Nvidia 3070 and it "just worked".
You haven't described in what way it is not working for you.
That's all proxmox does too, just provides a gui and management tools.
The likelihood of a risk in this proxy might be medium or even high according to you
It might be zero. It's "unknown" (according to me I guess).
I've dug into the code a bit out of curiosity - it seems to me that "proxy" is a misnomer. It's a stripped-down "view" layer built on top of the API. But has the same endpoints as the main immich app for shared things so that you can create links that work with it so it kinda looks like a proxy. But it's just a "simplified public view" of sorts.
Meh.
I like to judge software based on its actually merit and not on the theoretical possibility it is vulnerable
This is literally the entire justification for the project. It's assuming theoretical vulnerabilities in Immich.
I am not saying I would trust this software in a security critical situation
Which is the point of this software (security critical situation).
just that your speculation means nothing
This project has zero community support. That's not speculative, it's a fact. "Every project starts somewhere" is just a tautology that means nothing. Every project that fails starts somewhere.
Theme for what?
Do you often recommend people running single-developer maintained software that has existed for about a fortnight for "security purposes"?
It's some rando's project that has existed for "nearly a month", has no community, is unlikely to have any rapid response to any issues, and probably won't be supported for more than a year.
But sure - go ahead and run it for "security purposes".
You can "reduce surface area" by simply putting in place nginx or apache (real supported software) and blacklisting the endpoints you don't like.
Well, the department of energy is still around.