diff --git a/containers/immich/.env b/containers/immich/.env
new file mode 100644
index 0000000..9ad3af3
--- /dev/null
+++ b/containers/immich/.env
@@ -0,0 +1,21 @@
+# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
+
+# The location where your uploaded files are stored
+UPLOAD_LOCATION=./library
+# The location where your database files are stored
+DB_DATA_LOCATION=./postgres
+
+# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
+# TZ=Etc/UTC
+
+# The Immich version to use. You can pin this to a specific version like "v1.71.0"
+IMMICH_VERSION=release
+
+# Connection secret for postgres. You should change it to a random password
+# Please use only the characters `A-Za-z0-9`, without special characters or spaces
+DB_PASSWORD=postgres
+
+# The values below this line do not need to be changed
+###################################################################################
+DB_USERNAME=postgres
+DB_DATABASE_NAME=immich
diff --git a/containers/immich/.env.upstream b/containers/immich/.env.upstream
new file mode 100644
index 0000000..9ad3af3
--- /dev/null
+++ b/containers/immich/.env.upstream
@@ -0,0 +1,21 @@
+# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
+
+# The location where your uploaded files are stored
+UPLOAD_LOCATION=./library
+# The location where your database files are stored
+DB_DATA_LOCATION=./postgres
+
+# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
+# TZ=Etc/UTC
+
+# The Immich version to use. You can pin this to a specific version like "v1.71.0"
+IMMICH_VERSION=release
+
+# Connection secret for postgres. You should change it to a random password
+# Please use only the characters `A-Za-z0-9`, without special characters or spaces
+DB_PASSWORD=postgres
+
+# The values below this line do not need to be changed
+###################################################################################
+DB_USERNAME=postgres
+DB_DATABASE_NAME=immich
diff --git a/containers/immich/.gitignore b/containers/immich/.gitignore
new file mode 100644
index 0000000..517529d
--- /dev/null
+++ b/containers/immich/.gitignore
@@ -0,0 +1,2 @@
+/library/
+/postgres/
diff --git a/containers/immich/docker-compose.upstream.yml b/containers/immich/docker-compose.upstream.yml
new file mode 100644
index 0000000..927a95f
--- /dev/null
+++ b/containers/immich/docker-compose.upstream.yml
@@ -0,0 +1,76 @@
+#
+# WARNING: Make sure to use the docker-compose.yml of the current release:
+#
+# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
+#
+# The compose file on main may not be compatible with the latest release.
+#
+
+name: immich
+
+services:
+ immich-server:
+ container_name: immich_server
+ image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+ # extends:
+ # file: hwaccel.transcoding.yml
+ # service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+ volumes:
+ # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
+ - ${UPLOAD_LOCATION}:/usr/src/app/upload
+ - /etc/localtime:/etc/localtime:ro
+ env_file:
+ - .env
+ ports:
+ - 2283:3001
+ depends_on:
+ - redis
+ - database
+ restart: always
+ healthcheck:
+ disable: false
+
+ immich-machine-learning:
+ container_name: immich_machine_learning
+ # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
+ # Example tag: ${IMMICH_VERSION:-release}-cuda
+ image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
+ # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
+ # file: hwaccel.ml.yml
+ # service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
+ volumes:
+ - model-cache:/cache
+ env_file:
+ - .env
+ restart: always
+ healthcheck:
+ disable: false
+
+ redis:
+ container_name: immich_redis
+ image: docker.io/redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e
+ healthcheck:
+ test: redis-cli ping || exit 1
+ restart: always
+
+ database:
+ container_name: immich_postgres
+ image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
+ environment:
+ POSTGRES_PASSWORD: ${DB_PASSWORD}
+ POSTGRES_USER: ${DB_USERNAME}
+ POSTGRES_DB: ${DB_DATABASE_NAME}
+ POSTGRES_INITDB_ARGS: '--data-checksums'
+ volumes:
+ # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
+ - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
+ healthcheck:
+ test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+ interval: 5m
+ start_interval: 30s
+ start_period: 5m
+ command: ["postgres", "-c", "shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
+ restart: always
+
+volumes:
+ model-cache:
diff --git a/containers/immich/docker-compose.yml b/containers/immich/docker-compose.yml
new file mode 100644
index 0000000..74fb856
--- /dev/null
+++ b/containers/immich/docker-compose.yml
@@ -0,0 +1,86 @@
+---
+
+###
+# Edit variables via .env file
+###
+
+name: immich
+services:
+ immich-server:
+ container_name: immich_server
+ image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+ extends:
+ file: hwaccel.transcoding.yml
+ service: vaapi
+ volumes:
+ - ${UPLOAD_LOCATION}:/usr/src/app/upload
+ - /etc/localtime:/etc/localtime:ro
+ env_file:
+ - .env
+ ports:
+ - 2283:3001
+ depends_on:
+ - redis
+ - database
+ restart: unless-stopped
+ healthcheck:
+ disable: false
+
+ immich-machine-learning:
+ container_name: immich_machine_learning-openvino
+ image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
+ extends:
+ file: hwaccel.ml.yml
+ service: openvino
+ volumes:
+ - model-cache:/cache
+ env_file:
+ - .env
+ restart: unless-stopped
+ healthcheck:
+ disable: false
+
+ redis:
+ container_name: immich_redis
+ image: docker.io/redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e
+ healthcheck:
+ test: redis-cli ping || exit 1
+ restart: unless-stopped
+
+ database:
+ container_name: immich_postgres
+ image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
+ environment:
+ POSTGRES_PASSWORD: ${DB_PASSWORD}
+ POSTGRES_USER: ${DB_USERNAME}
+ POSTGRES_DB: ${DB_DATABASE_NAME}
+ POSTGRES_INITDB_ARGS: '--data-checksums'
+ volumes:
+ - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
+ healthcheck:
+ test: >-
+ pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1;
+ Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
+ echo "checksum failure count is $$Chksum";
+ [ "$$Chksum" = '0' ] || exit 1
+ interval: 5m
+ start_interval: 30s
+ start_period: 5m
+ command:
+ - postgres
+ - -c
+ - shared_preload_libraries=vectors.so
+ - -c
+ - 'search_path="$$user", public, vectors'
+ - -c
+ - logging_collector=on
+ - -c
+ - max_wal_size=2GB
+ - -c
+ - shared_buffers=512MB
+ - -c
+ - wal_compression=on
+ restart: unless-stopped
+
+volumes:
+ model-cache:
diff --git a/containers/immich/hwaccel.ml.upstream.yml b/containers/immich/hwaccel.ml.upstream.yml
new file mode 100644
index 0000000..d9455d2
--- /dev/null
+++ b/containers/immich/hwaccel.ml.upstream.yml
@@ -0,0 +1,43 @@
+# Configurations for hardware-accelerated machine learning
+
+# If using Unraid or another platform that doesn't allow multiple Compose files,
+# you can inline the config for a backend by copying its contents
+# into the immich-machine-learning service in the docker-compose.yml file.
+
+# See https://immich.app/docs/features/ml-hardware-acceleration for info on usage.
+
+services:
+ armnn:
+ devices:
+ - /dev/mali0:/dev/mali0
+ volumes:
+ - /lib/firmware/mali_csffw.bin:/lib/firmware/mali_csffw.bin:ro # Mali firmware for your chipset (not always required depending on the driver)
+ - /usr/lib/libmali.so:/usr/lib/libmali.so:ro # Mali driver for your chipset (always required)
+
+ cpu: {}
+
+ cuda:
+ deploy:
+ resources:
+ reservations:
+ devices:
+ - driver: nvidia
+ count: 1
+ capabilities:
+ - gpu
+
+ openvino:
+ device_cgroup_rules:
+ - 'c 189:* rmw'
+ devices:
+ - /dev/dri:/dev/dri
+ volumes:
+ - /dev/bus/usb:/dev/bus/usb
+
+ openvino-wsl:
+ devices:
+ - /dev/dri:/dev/dri
+ - /dev/dxg:/dev/dxg
+ volumes:
+ - /dev/bus/usb:/dev/bus/usb
+ - /usr/lib/wsl:/usr/lib/wsl
diff --git a/containers/immich/hwaccel.ml.yml b/containers/immich/hwaccel.ml.yml
new file mode 100644
index 0000000..91141dc
--- /dev/null
+++ b/containers/immich/hwaccel.ml.yml
@@ -0,0 +1,37 @@
+---
+
+services:
+ armnn:
+ devices:
+ - /dev/mali0:/dev/mali0
+ volumes:
+ - /lib/firmware/mali_csffw.bin:/lib/firmware/mali_csffw.bin:ro # Mali firmware for your chipset (not always required depending on the driver)
+ - /usr/lib/libmali.so:/usr/lib/libmali.so:ro # Mali driver for your chipset (always required)
+
+ cpu: {}
+
+ cuda:
+ deploy:
+ resources:
+ reservations:
+ devices:
+ - driver: nvidia
+ count: 1
+ capabilities:
+ - gpu
+
+ openvino:
+ device_cgroup_rules:
+ - 'c 189:* rmw'
+ devices:
+ - /dev/dri:/dev/dri
+ volumes:
+ - /dev/bus/usb:/dev/bus/usb
+
+ openvino-wsl:
+ devices:
+ - /dev/dri:/dev/dri
+ - /dev/dxg:/dev/dxg
+ volumes:
+ - /dev/bus/usb:/dev/bus/usb
+ - /usr/lib/wsl:/usr/lib/wsl
diff --git a/containers/immich/hwaccel.transcoding.upstream.yml b/containers/immich/hwaccel.transcoding.upstream.yml
new file mode 100644
index 0000000..bd4e2a4
--- /dev/null
+++ b/containers/immich/hwaccel.transcoding.upstream.yml
@@ -0,0 +1,55 @@
+# Configurations for hardware-accelerated transcoding
+
+# If using Unraid or another platform that doesn't allow multiple Compose files,
+# you can inline the config for a backend by copying its contents
+# into the immich-microservices service in the docker-compose.yml file.
+
+# See https://immich.app/docs/features/hardware-transcoding for more info on using hardware transcoding.
+
+services:
+ cpu: {}
+
+ nvenc:
+ deploy:
+ resources:
+ reservations:
+ devices:
+ - driver: nvidia
+ count: 1
+ capabilities:
+ - gpu
+ - compute
+ - video
+
+ quicksync:
+ devices:
+ - /dev/dri:/dev/dri
+
+ rkmpp:
+ security_opt: # enables full access to /sys and /proc, still far better than privileged: true
+ - systempaths=unconfined
+ - apparmor=unconfined
+ group_add:
+ - video
+ devices:
+ - /dev/rga:/dev/rga
+ - /dev/dri:/dev/dri
+ - /dev/dma_heap:/dev/dma_heap
+ - /dev/mpp_service:/dev/mpp_service
+ #- /dev/mali0:/dev/mali0 # only required to enable OpenCL-accelerated HDR -> SDR tonemapping
+ volumes:
+ #- /etc/OpenCL:/etc/OpenCL:ro # only required to enable OpenCL-accelerated HDR -> SDR tonemapping
+ #- /usr/lib/aarch64-linux-gnu/libmali.so.1:/usr/lib/aarch64-linux-gnu/libmali.so.1:ro # only required to enable OpenCL-accelerated HDR -> SDR tonemapping
+
+ vaapi:
+ devices:
+ - /dev/dri:/dev/dri
+
+ vaapi-wsl: # use this for VAAPI if you're running Immich in WSL2
+ devices:
+ - /dev/dri:/dev/dri
+ volumes:
+ - /usr/lib/wsl:/usr/lib/wsl
+ environment:
+ - LD_LIBRARY_PATH=/usr/lib/wsl/lib
+ - LIBVA_DRIVER_NAME=d3d12
diff --git a/containers/immich/hwaccel.transcoding.yml b/containers/immich/hwaccel.transcoding.yml
new file mode 100644
index 0000000..9f2e1dc
--- /dev/null
+++ b/containers/immich/hwaccel.transcoding.yml
@@ -0,0 +1,49 @@
+---
+
+services:
+ cpu: {}
+
+ nvenc:
+ deploy:
+ resources:
+ reservations:
+ devices:
+ - driver: nvidia
+ count: 1
+ capabilities:
+ - gpu
+ - compute
+ - video
+
+ quicksync:
+ devices:
+ - /dev/dri:/dev/dri
+
+ rkmpp:
+ security_opt: # enables full access to /sys and /proc, still far better than privileged: true
+ - systempaths=unconfined
+ - apparmor=unconfined
+ group_add:
+ - video
+ devices:
+ - /dev/rga:/dev/rga
+ - /dev/dri:/dev/dri
+ - /dev/dma_heap:/dev/dma_heap
+ - /dev/mpp_service:/dev/mpp_service
+ #- /dev/mali0:/dev/mali0 # only required to enable OpenCL-accelerated HDR -> SDR tonemapping
+ volumes:
+ #- /etc/OpenCL:/etc/OpenCL:ro # only required to enable OpenCL-accelerated HDR -> SDR tonemapping
+ #- /usr/lib/aarch64-linux-gnu/libmali.so.1:/usr/lib/aarch64-linux-gnu/libmali.so.1:ro # only required to enable OpenCL-accelerated HDR -> SDR tonemapping
+
+ vaapi:
+ devices:
+ - /dev/dri:/dev/dri
+
+ vaapi-wsl: # use this for VAAPI if you're running Immich in WSL2
+ devices:
+ - /dev/dri:/dev/dri
+ volumes:
+ - /usr/lib/wsl:/usr/lib/wsl
+ environment:
+ - LD_LIBRARY_PATH=/usr/lib/wsl/lib
+ - LIBVA_DRIVER_NAME=d3d12
diff --git a/knowledge base/immich.md b/knowledge base/immich.md
new file mode 100644
index 0000000..cd9ab66
--- /dev/null
+++ b/knowledge base/immich.md
@@ -0,0 +1,65 @@
+# Immich
+
+Self-hosted photo and video management solution.
+
+1. [TL;DR](#tldr)
+1. [Further readings](#further-readings)
+
+## TL;DR
+
+
+ Setup
+
+```sh
+curl -O 'https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml' \
+&& curl -o '.env' 'https://github.com/immich-app/immich/releases/latest/download/example.env' \
+&& curl -O 'https://github.com/immich-app/immich/releases/latest/download/hwaccel.transcoding.yml' \
+&& curl -O 'https://github.com/immich-app/immich/releases/latest/download/hwaccel.ml.yml' \
+&& docker compose up -d \
+&& xdg-open 'http://localhost:2283'
+```
+
+The composition uses `.env` for configuration.
+Refer the [Environment Variables] documentation page for the available environment variables.
+
+
+
+
+
+
+## Further readings
+
+- [Website]
+- [Main repository]
+- [Environment Variables]
+
+
+
+
+
+
+
+[environment variables]: https://immich.app/docs/install/environment-variables
+[main repository]: https://github.com/immich-app/immich
+[website]: https://immich.app/
+
+
diff --git a/knowledge base/self-hosting.md b/knowledge base/self-hosting.md
index f331860..d5ea62a 100644
--- a/knowledge base/self-hosting.md
+++ b/knowledge base/self-hosting.md
@@ -9,24 +9,25 @@ The _art_ of hosting and managing applications on one's own servers instead of c
## Software
-| Name | Description | Alternatives |
-| ---------------- | -------------------------- | ----------------------------------------- |
-| [AWX] | Task runner | [CTFreak], [Rundeck], [Semaphore], [Zuul] |
-| [Baikal] | CalDAV and CardDAV server | [Radicale] |
-| [CTFreak] | Task runner | [AWX], [Rundeck], [Semaphore], [Zuul] |
-| [Gitea] | Git server | [Gitlab], [Gogs] |
-| [Gitlab] | Git server | [Gitea], [Gogs] |
-| [Gogs] | Git server | [Gitea], [Gitlab] |
-| [Home Assistant] | Home automation platform | |
-| [NextCloud] | File sharing platform | [OwnCloud] |
-| [OpenMediaVault] | NAS solution | [TrueNAS] |
-| [Paperless-ngx] | Document management system | |
-| [PhotoPrism] | Google Photos replacement | |
-| [Rundeck] | Task runner | [AWX], [CTFreak], [Semaphore], [Zuul] |
-| [Semaphore] | Task runner | [AWX], [CTFreak], [Rundeck], [Zuul] |
-| [Uptime Kuma] | Status page | [Gatus], [Statping-ng], [Vigil] |
-| [Zuul] | Task runner | [AWX], [CTFreak], [Rundeck], [Semaphore] |
-| [Wallabag] | Web page saver | Pocket |
+| Name | Description | Alternatives |
+| ---------------- | ----------------------------------- | ----------------------------------------- |
+| [AWX] | Task runner | [CTFreak], [Rundeck], [Semaphore], [Zuul] |
+| [Baikal] | CalDAV and CardDAV server | [Radicale] |
+| [CTFreak] | Task runner | [AWX], [Rundeck], [Semaphore], [Zuul] |
+| [Gitea] | Git server | [Gitlab], [Gogs] |
+| [Gitlab] | Git server | [Gitea], [Gogs] |
+| [Gogs] | Git server | [Gitea], [Gitlab] |
+| [Home Assistant] | Home automation platform | |
+| [Immich] | Photo and video management solution | Google Photo |
+| [NextCloud] | File sharing platform | [OwnCloud] |
+| [OpenMediaVault] | NAS solution | [TrueNAS] |
+| [Paperless-ngx] | Document management system | |
+| [PhotoPrism] | Google Photos replacement | |
+| [Rundeck] | Task runner | [AWX], [CTFreak], [Semaphore], [Zuul] |
+| [Semaphore] | Task runner | [AWX], [CTFreak], [Rundeck], [Zuul] |
+| [Uptime Kuma] | Status page | [Gatus], [Statping-ng], [Vigil] |
+| [Wallabag] | Web page saver | Pocket |
+| [Zuul] | Task runner | [AWX], [CTFreak], [Rundeck], [Semaphore] |
## Further readings
@@ -45,6 +46,7 @@ The _art_ of hosting and managing applications on one's own servers instead of c
[baikal]: baikal.md
[gitea]: gitea.md
[gitlab]: gitlab/README.md
+[immich]: immich.md
[nextcloud]: nextcloud.md
[openmediavault]: openmediavault.md
[paperless-ngx]: paperless-ngx.md
diff --git a/knowledge base/watchtower.md b/knowledge base/watchtower.md
new file mode 100644
index 0000000..615671e
--- /dev/null
+++ b/knowledge base/watchtower.md
@@ -0,0 +1,72 @@
+# Watchtower
+
+Container-based solution for automating Docker container base image updates.
+
+> Intended to be used in homelabs, media centers, local dev environments, and such.
+> **Not** recommend in commercial or production environments.
+
+1. [TL;DR](#tldr)
+1. [Further readings](#further-readings)
+ 1. [Sources](#sources)
+
+## TL;DR
+
+
+ Setup
+
+```sh
+docker run -d --name 'watchtower' -v '/var/run/docker.sock:/var/run/docker.sock' 'containrrr/watchtower'
+```
+
+Docker compose:
+
+```yaml
+services:
+ watchtower:
+ image: containrrr/watchtower
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+```
+
+
+
+
+
+
+
+## Further readings
+
+- [Website]
+- [Main repository]
+
+### Sources
+
+
+
+
+
+
+
+[main repository]: https://github.com/containrrr/watchtower/
+[website]: https://containrrr.dev/watchtower/
+
+