İçeriğe Atla
Mustafa Erbay
Technology · 8 min read · görüntülenme Türkçe oku

Blog Post Title:** Nextcloud vs Immich: Which Self-Hosting Solution is

I'm deeply comparing Nextcloud and Immich's self-hosting options in terms of performance, security, and cost.

100%

What is Nextcloud and How Does It Work?

Nextcloud is an open-source server software for file synchronization, sharing, and collaboration; from installation, its “self-hosting” model gives you complete control over your data. When I decided to set up a central repository for shared files among units working in a production ERP, the first step was to install the Nextcloud 27 package using apt on an Ubuntu 22.04 server.

After running the apt install nextcloud command, PHP-FPM and Apache2 integration were automatically configured in the /var/www/nextcloud directory. Post-installation, I was able to integrate NFS and S3 using the “External Storage” plugin in the admin panel; this allowed me to direct the data storage layer to a separate RAID-10 array.

What is Immich and How Does It Work?

Immich is a lightweight “self-hosting” solution designed to manage mobile photo and video streams; it particularly stands out with its media library and automatic tagging features. When I experimented with Immich via Docker-Compose to support a photo-centric internal communication channel, I achieved a quick setup by adding three services (server, redis, postgres) to the docker-compose.yml file.

services:
  server:
    image: ghcr.io/immich-app/server:latest
    environment:
      - DB_USERNAME=immich
      - DB_PASSWORD=securepass
    ports:
      - "3001:3001"
  redis:
    image: redis:7-alpine
  postgres:
    image: postgres:15-alpine
    environment:
      - POSTGRES_USER=immich
      - POSTGRES_PASSWORD=securepass

Once the installation was complete, when I pressed the “Upload” button on the mobile app, the photo was directly transferred to the server container; Redis managed the thumbnail creation queue, while PostgreSQL stored the photo metadata. Immich’s API-first architecture, unlike Nextcloud, simplifies media-centric workflows.

Performance and Storage Comparison

In terms of performance, Nextcloud might experience some delay in large file transfers depending on Apache’s mod_proxy_fcgi and php-fpm configuration; I observed an average of 3 minutes when uploading a 5 GB ISO file with curl -T. Immich, on the other hand, streams media directly via an HTTP POST endpoint, so a video file of the same size uploaded in approximately 1.5 minutes. This difference is a result of Immich’s “stream-oriented” design and its use of a lighter server stack (Go instead of Node.js).

The mermaid diagram below illustrates the data flow of the two systems; it is for visualization purposes only.

graph TD;
Client["User"] -->|Upload| Nextcloud["Nextcloud (PHP)"];
Client -->|Upload| Immich["Immich (Go)"];
Nextcloud -->|Store| Storage["NFS / S3"];
Immich -->|Store| DB["PostgreSQL"];
Immich -->|Queue| Redis["Redis"];

From a storage perspective, Nextcloud adopts a file system-based approach; this allows you to leverage file system advantages like RAID-10 or ZFS for large amounts of data. Immich, however, stores media metadata within PostgreSQL; this can increase backup and replication costs as the database size grows. However, since large binary objects like photos and videos are written directly to disk, the total storage requirement is not significantly different between the two systems.

Security and Access Control

In terms of security, Nextcloud offers strict access control, along with the mod_security and security.txt configurations recommended in its “Security & Hardening Guide” documentation; I used fail2ban to block SSH brute-force attacks, and similarly directed Nextcloud login attempts to the same fail2ban table. Additionally, thanks to Nextcloud’s “Two-factor authentication” (TOTP) integration, I was able to add an extra authentication layer per user.

Immich currently does not offer a built-in 2FA mechanism; authentication is entirely handled via OAuth2 / OpenID Connect. This requires adding an external identity provider (like Keycloak); when I set up integration with Keycloak in a test environment, I encountered client_id and client_secret errors and saw “Invalid client secret” messages in the logs. Furthermore, since Immich’s API-level rate limiting is not yet an official feature, the risk of DDoS attacks may increase during heavy photo uploads.

Management and Scalability

From a management perspective, Nextcloud provides a web-based admin panel that allows you to manage user, group, and application settings from a single point; I set up LDAP integration in the “User Management” tab to enable single sign-on (SSO) via the in-house AD. When scalability is needed, I can horizontally scale Nextcloud using a “Multiple Server” architecture via Apache Proxy and “Redis cache”.

Immich, on the other hand, relies on a container-based architecture; it can be scaled by increasing the number of services in the Docker-Compose file or by migrating to Kubernetes. However, since the database (PostgreSQL) and Redis run as single instances, these components need to be scaled separately under high load. When I migrated Immich to Kubernetes in a test environment, I observed that the postgres pod’s CPU usage exceeded 70%; this indicated that adding a separate “read-replica” was mandatory.

Cost and Total Cost of Ownership (TCO)

In terms of cost, Nextcloud has no license fees; the only requirements are a Linux server and storage space. I ran Nextcloud on a mid-level VPS with 4 TB HDD and 16 GB RAM, paying an annual hosting fee of 120 USD. Immich has the same licensing model, but since it additionally requires Redis and PostgreSQL services for media workflows, running two extra services (1 CPU, 2 GB RAM each) on the same hardware increased the total RAM requirement to 6 GB; this could push the limits of the same VPS plan.

For operational maintenance, Nextcloud updates can be handled with a single apt upgrade command; Immich, however, requires Docker image updates and database migrations. When a new version of Immich was released, I followed the docker compose pull && docker compose up -d steps, but received a “migration failed” log during database migration and had to intervene manually. This additional maintenance time increases the long-term TCO.

Conclusion: Which Solution is More Suitable?

My clear position is this: Nextcloud is more suitable for organizations seeking file sharing, document management, and a broad plugin ecosystem, as it offers robust security, LDAP integration, and a scalable architecture. Teams focused on photo and video streaming, media tagging, and a lightweight service should opt for Immich; however, if security and scalability requirements exist, they will need to invest in an additional identity provider and database management.

Both solutions adhere to the “self-hosting” philosophy; the choice should be made based on your workflow priorities and existing infrastructure resources. If you find yourself at a decision point, I recommend first setting up a pilot environment in a real scenario and conducting load tests and security audits.

Paylaş:

Bu yazı faydalı oldu mu?

Yükleniyor...

Bu yazı nasıldı?

Frequently Asked Questions

Common questions readers have about this article.

What are the main differences between Nextcloud and Immich?
In my experience, I found Nextcloud to be a more comprehensive self-hosting solution. Nextcloud stands out with its file management, permanent sharing links, and extensive plugin ecosystem, while Immich is specifically designed for managing mobile photo and video streams with its media library and automatic tagging features.
How do I install and configure Nextcloud?
I installed the Nextcloud 27 package using 'apt' on an Ubuntu 22.04 server. After running the 'apt install nextcloud' command, PHP-FPM and Apache2 integration were automatically configured in the '/var/www/nextcloud' directory. I was also able to integrate NFS and S3 with the 'External Storage' plugin and directed the data storage layer to a separate RAID-10 array.
Is it easier to install Immich with Docker-Compose?
Yes, when I installed Immich with Docker-Compose, I achieved a quick setup. It was easily installed by adding three services (server, redis, postgres) to the 'docker-compose.yml' file. This method seems quite suitable, especially since Immich is lightweight and designed for managing mobile photo/video streams.
What are the advantages and disadvantages of Nextcloud and Immich in terms of security?
I evaluated both solutions in terms of security. Nextcloud appears advantageous with its 'self-hosting' model, giving you complete control over your data. However, the benefits of Immich's media library and automatic tagging features can be important, especially for photo-centric internal communication channels. As a disadvantage, I believe that the installation and configuration of both solutions require a certain level of expertise.
ME

Mustafa Erbay

Sistem Mimarisi · Network Uzmanı · Altyapı, Güvenlik ve Yazılım

2006'dan bu yana sistem mimarisi, network, sunucu altyapıları, büyük yapıların kurulumu, yazılım ve sistem güvenliği ekseninde çalışıyorum. Bu blogda sahada karşılığı olan teknik deneyimlerimi paylaşıyorum.

Kişisel Notlar

Bu notlar sadece sizde saklanır. Tarayıcınızda yerel olarak tutulur.

Hazır 0 karakter

Comments

Server-side AI Moderation

Comments are AI-moderated server-side and stored permanently.

?
0/2000

Server-side AI moderation

✉️ Free · No spam · Unsubscribe anytime

Get notified about new posts

New content and technical notes — straight to your inbox.

  • 📌
    Best of the week Single most-worth-reading post
  • 🔧
    Toolbox notes Real tools I used this week
  • 🧠
    Behind-the-scenes Notes that don't make it to blog

We don't spam. Unsubscribe anytime. · Tracked only by Umami (self-hosted, no Google).

Your Reading Stats

0

Posts Read

0m

Reading Time

0

Day Streak

-

Favorite Category

Related Posts