Can You Self-Host Your Photos? Immich 3.0, Privacy, Costs, and When to Blur Faces
Immich 3.0 (July 2026) is the top HN self-hosted Google Photos alternative. Real cost math vs iCloud, E2EE debate (Ente vs Immich), Tailscale access, and bgblur.com for face privacy before you share.
Can you self-host your photos? Yes β and July 2026 is the loudest moment yet for the idea. Immich 3.0 hit Hacker News the same week (286 points, 141 comments) while v3.0.1 patched mobile album display. The thread was not really about slideshow UX β it was about trust: Who can see your library? What does self-hosting cost in money and time? And do you need end-to-end encryption or just disk you control?
This post answers those questions β Immich 3.0 in context, Ente as the E2EE alternative, real cost math, and bgblur.com when you share faces outside your trusted circle.
TL;DR β should you self-host?
Question
Short answer
Can I replace Google Photos?
Yes β Immich 3.0 is the closest open-source match for backup + search + sharing
Is it free?
Software is free (AGPL); hardware, power, backups, and your time are not
Is it private?
More control, not automatic secrecy β you secure the server, network, and shares
E2EE?
Immich: no Β· Ente: yes β pick based on threat model
Immich 3.0 worth upgrading?
Yes if you run v2 β mobile editing, integrity checks, backup fixes
Blur faces before public share?
Yes when consent is unclear β bgblur.com for quick anonymization
Immich 3.0 β what shipped (July 1β2, 2026)
Immich crossed 105k GitHub stars with v3.0.0 β the first major with release candidates beforehand.
Feature
Why it matters
Mobile non-destructive editing
Crop/rotate on thumbnails without destroying originals β closer to Apple Photos workflow
Detect DB/file mismatches before silent corruption spreads
Background backup improvements
Android scheduler uploads full library; iOS parallel refresh
HLS + real-time transcoding (preview)
Smoother web video without waiting for full transcode
New web video player
Consistent controls; fixes iOS layout pain
OCR on mobile
Search text inside screenshots and documents
Upgrade path: set IMMICH_VERSION=v3 in .env, run usual Docker compose pull/up. Migration guide β drops pgvecto.rs; mostly API breaking changes for third-party tools, not typical family users.
We maintain a longer Immich overview; this post focuses on 3.0 + privacy economics.
The HN argument β E2EE, trust, and "whose computer?"
The July 2026 thread split along predictable lines:
"Immich is fine β I trust my homelab"
You control disk, backups, and network exposure
LUKS / ZFS encryption at rest on the NAS protects stolen hardware
Tailscale or WireGuard avoids exposing Immich to the open internet β the pattern TREK homelab users and Immich operators share
"I want E2EE β use Ente"
Ente encrypts client-side before upload β provider sees blobs, not faces
Polished mobile apps, 10GB free hosted tier, self-host escape hatch
Tradeoff HN users cite: key loss = data loss unless recovery is set up; upload reliability complaints on self-hosted Ente vs Immich for huge libraries
"Encryption at the wrong layer"
Several commenters noted: on self-hosted Immich, you are the operator β E2EE mainly matters when a third party hosts disks (managed VPS, small cloud seller). Full-disk encryption + VPN is the homelab answer; Ente is the "hosted but blind provider" answer.
Threat
Immich + homelab
Ente E2EE cloud
Google reading photos
β avoided
β avoided
Stolen NAS at home
Disk encryption helps
N/A (blobs remote)
Rogue VPS admin
N/A if self-hosted
β ciphertext only
You lose encryption keys
N/A
β catastrophic
Family "just works" support
You are IT
Ente closer to consumer UX
Neither replaces consent discipline when sharing links publicly.
Real cost math β self-host vs Google One
Illustrative 2026 numbers for a 2TB family library:
Files processed for the session; privacy-first marketing claims no permanent storage β still treat any cloud tool as untrusted for highly sensitive material; run local tools when paranoia is appropriate
We covered plate and object blur in AI privacy for video β same principle: redact before distribution, not only before upload.
Workflow: Immich for archive β bgblur for publishable subset β social or public album.
Operational patterns that work (from HN + docs)
Read-only external libraries
Point Immich at a read-only NAS mount β manage files yourself; Immich indexes without owning the canonical tree. External libraries have been available for years; 3.0's integrity checks help catch drift.
50GB browser download limits β use curl with session cookies to NAS directly
Windows extract β native extract fails on 4GB+ zips; use 7-Zip
immich-go β recreates Google Photos albums; resume after server errors
Budget days for 700GB+ imports, not an afternoon.
Network exposure
Pattern
Risk
HN sentiment
Tailscale / WireGuard only
Low public attack surface
Preferred
Cloudflare Tunnel
Convenient; watch 100MiB upload limits on video
Popular compromise
Raw port forward
Brute force, CVE rush
Discouraged without CrowdSec
Backups
Immich README: 3-2-1. HN horror stories: upgrade without DB snapshot β months of pain. v3.0 integrity checks help early detection β they do not replace backups.
Immich 3.0 vs Ente β pick your tradeoff
Immich 3.0
Ente Photos
Primary design
Self-hosted Google Photos UX
E2EE first; cloud or self-host
Face / CLIP search
Server-side ML
Client-assisted; evolving
Public event upload links
Strong Immich feature
Album contribute links
License
AGPL-3
Open source clients + server
Best for
Homelab families, 2TB+ libraries
Privacy cloud with encryption keys
July 2026 buzz
3.0 launch, 105k stars
GrapheneOS migrants, encryption
You can run both: Ente for pocket daily sync, Immich for home archive master β if you accept duplicate ops (most people pick one).
What people still complain about (honest)
From HN and GitHub discussions β not Immich marketing:
iOS backup historically filled phone storage; 3.0 improves scheduling β verify on your library size
Immich v3.0.1 and HN discussion accurate as of July 3, 2026. Official: immich.app, v3.0.0 release notes, GitHub releases. Cost figures are illustrative β meter your hardware and power locally.