Self-hosting my photos with Immich

Self hosting used to mean conceding on something. I can honestly say Immich is better in every way than Google Photos or whatever Apple calls it. The only thing is having to set it up yourself.

How does sharing an album with others work on Immich?

You get a link and you can set read or write permissions on it.

Whoever gets that link can browse it in a web browser.

I've used this to share albums of photos with gatherings of folks; it works very well. It does assume you have your Immich installation publicly available, however. (Not open to the public, but on a publicly accessible web server)

OK. Then you concede your security, as I can't imagine any single person self-hosting can be better at keeping their public service more secure than engineers at Google can. Especially with limited time.

If you're not Cloudflare averse...

Setup immich VM or docker container with a cloudflare tunnel

Front access with Cloudflare Access (ZeroTrust) for free.

Set "can only be accessed by users with email = xyz@myuser”

Done.

Now assuming this is the same user email as the one you shared photos with, there is a base level of security keeping the riffraff away.

Home IP is never exposed either, because it's proxied through the cf tunnel.