It worked! Thank you so much.

My quadlet files are now cobbled together from various sources, cross-referencing yours with the official docker compose and a couple of podman examples I found. But I now have a functioning Immich running in rootless podman, accessed through a VPS reverse proxy!

I’ll edit my first comment in the chain with some tips in case someone else comes across this looking for help.

Edit: I just realised your Edit was saying you’ve got legacy bios! So this is all irrelevant. I’ll leave it up in case it helps someone else.

Could it be selecting the wrong SSD to put the boot loader on?

When I reinstalled mint the other day on my laptop with an nvme and SSD (also dual boot) it labelled the extra SSD as sda and the original nvme as sdb, so it was going to try to put the bootloader on sda.

I set up the partitions on the third option (1. Install alongside windows; 2. Wipe everything; 3. Set it up manually) and on the manual setup there’s a selector for the bootloader device just underneath the main section where you select partitions to use for /, /home, etc.

IIRC you set the bootloader to the full device (in my case sdb) not the EFI partition (sdb1) and it works out out.

Thank you!

Alas I can’t get it to work. After some tweaking and fixing, I’m stuck that the server doesn’t seem to be talking to redis, with this error,

missing 'error' handler on this Redis client
microservices worker error: Error: getaddrinfo ENOTFOUND database, stack: Error: getaddrinfo ENOTFOUND database    
     at GetAddrInfoReqWrap.onlookupall [as oncomplete] (node:dns:120:26)     
microservices worker exited with code 1    
Killing api process

I’ve been trying to learn bits of podman and docker and how to translate between the two… I think it’s just a bit much for me for now! Thanks anyway, and I’m sure I’ll come back and have another look at your instructions another time.

That tech was supposed to be ready 10 years ago. Come on, scientists, get your act together!

Can you give me some pointers? I’m still new to docker and podman; hoping to get this going without too much learning curve to start with!

Edit: Thanks to InnerScientist’s instructions below, plus some extra, I got it working. A 5-day-old lemmy comment is probably lost forever to anyone else who wants help, but just in case, here’s some pointers.

1. I cross-referenced with the official docker compose file, and two other quadlet examples/guides, neither of which worked on their own for me. I used InnerScientist’s files below as my base. Other guides:

• https://github.com/jbtrystram/immich-podman-systemd
• https://github.com/tbelway/immich-podman-quadlets/blob/main/docs/install/podman-quadlet.md

2. Comments need to be on their own line (or deleted), not at the end of the line as below
3. The environment file from official docker instructions needs some more lines, including duplicating with correct names for the database container (can you put referenced ones in a quadlet like in the docker compose? I don’t know)
4. The env file also needs DB_HOSTNAME and REDIS_HOSTNAME, which for me were systemd-immich-database and systemd-immich-redis (you can find the names with podman ps, when they’re running, as later in this thread.
5. Podman, to my surprise, bypasses ufw (uncomplicated firewall) just like Docker!

• To restrict access to your computer only, you can PublishPort=127.0.0.1:2283:2283 as below.
• To open to lan, PublishPort=2283:2283
• If, like me, you’re using a reverse-proxy, but don’t want other LAN access, it’s fairly easy to limit with iptables rules. I use nebula, which puts my vpn within a particular ip range. Script below.

iptables script

#!/bin/bash
iptables -I INPUT -p tcp --dport 2283 -j DROP
iptables -I INPUT -p tcp --dport 2283 -s 192.168.1.0/24 -j ACCEPT
iptables -I INPUT -p tcp --dport 2283 -s localhost -j ACCEPT

That puts each line at the top of iptables, before ufw or anything else. So they end up in reverse order from the script.

• packets to port 2283 from localhost, accept!
• packets to port 2283 from 192.168.1.*, accept!
• packets to port 2283 from anywhere [else], drop!

Sounds like a good plot for a novel.

“Hey babe, what what temperature do I cook the chicken at?”

“Um… give me ten thousand years or so and I’ll let you know.”

“And this here is my Wikipedia room.”

I wanted to recommend go, but you said single player… there’s always Katago to play against.

I guarantee you’ll never truly ‘beat’ the game!

I’m planning to do it with podman. It’s supposed to be quite easy to convert between the two.

Cool! Thanks for explaining.

Thank you for the correction. So then, a more tinker-ready OS could do atomic upgrades, but allow manual changes/customisation to the system internals. And also handle traditional distribution-style package installation.

I suppose some people might still want to upgrade certain packages and not others, but that seems a pretty rare case these days - or maybe I just don’t hang out in the right crowds!

Because otherwise it would be totally believable

…

…

/s

I also think atomic distros will become the norm eventually, but I think there’s a long way to go, and not just with user adoption. When I was looking into Nix I was very excited for quite a while, but eventually I realised it’s just another way of handling the package distribution/integration problem. A brilliant one, I agree, but with upsides and downsides like any other answer. And I realised that the incredible work put in by the Debian packagers is a better fit for my needs, no matter that it’s an older approach.

Perhaps one day, Nix or Nix-like will mature and grow to have the right options to fill my needs better. Perhaps one of the modern Atomics will be good enough for me. Or perhaps Debian et al will run out of steam and good works, or perhaps my needs will change. Or perhaps I’ll die first, after a long and happy life using traditional community package distributions.

But I look forward to the glorious future of GUIX/HURD. Even if I never live to see it.

we’re not afraid to tinker

what’s keeping YOU from switching to an atomic distro

1. Being able to tinker. Atomic distros are about choosing in advance to not tinker with a large part of your system. There’s good reasons to do that, sure, but not good enough for me right now.

ChatGPT thinks everything is brilliant.

Awesome. Everything is awesome.

Just make sure you make a backup from your syncthing clones, so an accidental delete/mess-up on one machine doesn’t wipe out every copy!

https://youtube.com/watch?v=4D5hEghLoyM

Put your eye in the beam and tell me that again…

Luckily, not if you actually read the article. The headline is misleading. “Emotional advertising” is a marketing gimmick term by LG for guessing your personality from the shows you watch.