Image management Immich

Immich is an image management server.

1. Create .env see all variables

   UPLOAD_LOCATION=/home/docker/images
   TZ=Europe/Berlin
   IMMICH_VERSION="v2.6.2"
   
   DB_PASSWORD=<REDACTED>
   DB_DATA_LOCATION=./postgres
   DB_USERNAME=postgres
   DB_DATABASE_NAME=immich
   

2. Create docker-compose.yml official guide

   name: immich
   
   services:
       immich-server:
           container_name: immich_server
           image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
           volumes:
               - ${UPLOAD_LOCATION}:/usr/src/app/upload
               - /etc/localtime:/etc/localtime:ro
           env_file:
               - .env
           ports:
               - '2283:2283'
           depends_on:
               - redis
               - database
           restart: always
           healthcheck:
               disable: false
           networks: ["server"]
           labels:
               - "traefik.enable=true"
               - "traefik.http.routers.immich-server.rule=Host(`images.${DOMAIN}`)"
   
       redis:
           container_name: immich_redis
           image: docker.io/valkey/valkey:9@sha256:3eeb09785cd61ec8e3be35f8804c8892080f3ca21934d628abc24ee4ed1698f6
           healthcheck:
           test: redis-cli ping || exit 1
           restart: always
           networks: ["server"]
           command: valkey-server --ignore-warnings ARM64-COW-BUG
   
   
       database:
           container_name: immich_postgres
           image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23
           environment:
               POSTGRES_PASSWORD: ${DB_PASSWORD}
               POSTGRES_USER: ${DB_USERNAME}
               POSTGRES_DB: ${DB_DATABASE_NAME}
               POSTGRES_INITDB_ARGS: '--data-checksums'
               # Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs
               # DB_STORAGE_TYPE: 'HDD'
           volumes:  
               - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
           restart: always
           networks: ["server"]
   
   networks:
       server:
           external: true
   

3. Configure SSO authelia
   1. Login to Immich.
   2. Navigate to OAuth Settings.
   3. Configure the following options:

      key	value
      ISSUER_URL	https://auth.DOMAIN/.well-known/openid-configuration
      CLIENT_ID	immich
      CLIENT_SECRET	REDACTED
      SCOPE	openid email profile immich_scope
      ID_TOKEN_SIGNED_RESPONSE_ALG	RS256
      USERINFO_SIGNED_RESPONSE_ALG	RS256
      Storage label claim	uid
      Role Claim	immich_role
      Storage quota claim	immich_quota
      Default storage quota (GiB)	0
      Button Text	Login with Authelia
      Auto Register	true
      Auto Launch	false
      Mobile redirect URI override	false

   4. Press Save at the bottom