

No Problem!
If you want to fix the issue: That seems like the hostname for one of the databases is wrongly set in the environment file, the hostname of containers is the same as the container name which can be read using podman ps
.
No Problem!
If you want to fix the issue: That seems like the hostname for one of the databases is wrongly set in the environment file, the hostname of containers is the same as the container name which can be read using podman ps
.
Sounds like a problem fixing itself, at some point MacOS is going to have problems if it can’t edit a config is my guess.
I thought this was an entry level publishing
Behold, a woman
Sure, I set it up in nixos though this is the short form of that:
usermod --add-subuids 100000-165535 --add-subgids 100000-165535 johndoe
[Unit]
Description=Immich Database
Requires=immich-redis.service immich-network.service
[Container]
AutoUpdate=registry
EnvironmentFile=${immich-config} # add your environment variables file here
Image=registry.hub.docker.com/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0 # hash from the official docker-compose, has to be updated from time to time
Label=registry
Pull=newer # update to newest image, though this image is specified by hash and will never update to another version unless the hash is changed
Network=immich.network # attach to the podman network
UserNS=keep-id:uid=999,gid=999 # This makes uid 999 and gid 999 map to the user running the service, this is so that you can access the files in the volume without any special handling otherwise root would map to your uid and the uid 999 would map to some very high uid that you can't access without podman - This modifies the image at runtime and may make the systemd service timeout, maybe increase the timeout on low-powered machines
Volume=/srv/services/immich/database:/var/lib/postgresql/data # Database persistance
Volume=/etc/localtime:/etc/localtime:ro # timezone info
Exec=postgres -c shared_preload_libraries=vectors.so -c 'search_path="$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on # also part of official docker-compose.....last time i checked anyways
[Service]
Restart=always
$HOME/.config/containers/systemd/immich-ml.container
[Unit]
Description=Immich Machine Learning
Requires=immich-redis.service immich-database.service immich-network.service
[Container]
AutoUpdate=registry
EnvironmentFile=${immich-config} #same config as above
Image=ghcr.io/immich-app/immich-machine-learning:release
Label=registry
Pull=newer # auto update on startup
Network=immich.network
Volume=/srv/services/immich/ml-cache:/cache # machine learning cache
Volume=/etc/localtime:/etc/localtime:ro
[Service]
Restart=always
$HOME/.config/containers/systemd/immich.network
[Unit]
Description=Immich network
[Network]
DNS=8.8.8.8
Label=app=immich
$HOME/.config/containers/systemd/immich-redis.container
[Unit]
Description=Immich Redis
Requires=immich-network.service
[Container]
AutoUpdate=registry
Image=registry.hub.docker.com/library/redis:6.2-alpine@sha256:eaba718fecd1196d88533de7ba49bf903ad33664a92debb24660a922ecd9cac8 # should probably change this to valkey....
Label=registry
Pull=newer # auto update on startup
Network=immich.network
Timezone=Europe/Berlin
[Service]
Restart=always
$HOME/.config/containers/systemd/immich-server.container
[Unit]
Description=Immich Server
Requires=immich-redis.service immich-database.service immich-network.service immich-ml.service
[Container]
AutoUpdate=registry
EnvironmentFile=${immich-config} #same config as above
Image=ghcr.io/immich-app/immich-server:release
Label=registry
Pull=newer # auto update on startup
Network=immich.network
PublishPort=127.0.0.1:2283:2283
Volume=/srv/services/immich/upload:/usr/src/app/upload # i think you can put images here to import, though i never used it
Volume=/etc/localtime:/etc/localtime:ro # timezone info
Volume=/srv/services/immich/library:/imageLibrary # here the images are stored once imported
[Service]
Restart=always
[Install]
WantedBy=multi-user.target default.target
loginctl enable-linger $USER
Can confirm, works without problems in rootless podman.
ip a a 127.0.0.2/8 dev lo
You have a whole /8 subnet of localhost, do it.
Most backdoors are dangerous and dumb.
Why do you need EV certs?
“Nix” doesn’t resemble “nichts”, it’s slang for the same thing in German so it has the same meaning.
I don’t know which language is the source but if someone can access the nix paper to confirm that’d be great.
I believe that [nix meaning ‘nichts’ in german] is even intentional, the original author of nix (Eelco Dolstra) is from the Netherlands. The name comes from the fact that by default, nothing is available in build environments in nix.
Which is apparently confirmed by https://pdfs.semanticscholar.org/5fd8/8f89bd8738816e62808a1b7fb12d3ab14a2f.pdf but I can’t access that.
Nix = slang for “nichts” = word for “nothing” in German
Absolutely bamboozled
Update: April 15, 2025 (3:35 AM ET): Samsung has confirmed that the One UI 7 update will resume shortly. According to a solutions manager on Samsung’s Korean community forums, the rollout was temporarily paused due to maintenance-related issues. However, the inspection is now complete, and the update is expected to restart soon. Here’s the full statement:
https://www.androidauthority.com/one-ui-7-rollout-resuming-3544322/
And how long to push them.
Just the usual amount. I don’t think we want to know.
We’re a smaller chamber but a lot more echo.
weakness in signature verification algorithm that could allow an administrator privileged attacker to load arbitrary microcode patches
I don’t think this will affect performance unless you depend on having to quickly update the CPU microcode multiple times a second.
EntrySign is a vulnerability that enables attackers with ring 0 or kernel-level access to bypass safeguards.
So almost no security impact and no performance change?
https://www.androidauthority.com/android-16-linux-terminal-doom-3521804/
Of course it runs Doom
But my streak is at 419, I can’t stop now!