Comment on Using Immich in combination with NAS permissions
PeriodicallyPedantic@lemmy.ca 23 hours agoLibrary access won’t allow upload, this will.
My knowledge here isn’t super deep, but it seems like you can do mapping per-share-per-ip, which means you can say “all file access coming from the immich host to this share will act as this user” which I think is fine if that share belongs to that user, and you don’t have anything else coming from that host to that share which you want to act as a different user. Which are very big caveats.
non_burglar@lemmy.world 22 hours ago
This isn’t right. docs.immich.app/administration/user-management/
I understand following op’s pattern of wanting to set controls on underlying storage together with a share, but simply using immich’s built-in storage labels is much easier.
Plus, each user can be assigned an NFS share to their individual files separate from immich’s access requirements for storage. There is no need to make this a worse hodge-podge than op has already made it.
PeriodicallyPedantic@lemmy.ca 21 hours ago
Sorry I misread when you said “library” for some reason I thought you meant “external library”
The problem that I’m trying to solve and I think OP is also trying to solve, is that they want the files to be on their NAS because it is high capacity, redundant, and backed up, but many users have access to the NAS, so they cannot rely on immich alone to provide access permissions, they need access permissions on the files themselves.
I solved this by having a separate share for every user, and then mounting that user’s share on their library (storage label).
It sounds like OP wants a single share, so having correct file ownership is important to restrict file access to the correct users who are viewing the filesystem outside of immich.
Not sure what you mean by your last paragraph, how do you assign a share to individual files (assume you mean directories) outside of immich’s need for storage?
non_burglar@lemmy.world 19 hours ago
Ah, gotchu. Carry on.