il/ilnmors-homelab
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
ilnmors-homelab/docs/services/app/immich.md

87 lines
2.2 KiB
Markdown
Raw Permalink Blame History

# immich
## Prerequisite
### Create database
- Create the password with `openssl rand -base64 32`
- Save this value in secrets.yaml in `postgresql.password.immich`
- Access infra server to create immich_db with `podman exec -it postgresql psql -U postgres`
```SQL
CREATE USER immich WITH PASSWORD 'postgresql.password.immich';
CREATE DATABASE immich_db;
ALTER DATABASE immich_db OWNER TO immich;
\connect immich_db
CREATE EXTENSION IF NOT EXISTS vchord CASCADE;
CREATE EXTENSION IF NOT EXISTS cube CASCADE;
CREATE EXTENSION IF NOT EXISTS earthdistance CASCADE;
\dx
-- Check the extension is activated with `\dx`
-- postgresql image is built with `pgvector` and `vectorchord` already
```
### Create oidc secret and hash
- Create the secret with `openssl rand -base64 32`
- access to auth vm
- `podman exec -it authelia sh`
- `authelia crypto hash generate pbkdf2 --password 'immich.oidc.secret'`
- Save this value in secrets.yaml in `immich.oidc.secret` and `immich.oidc.hash`
### Create admin password
- Create the secret with `openssl rand -base64 32`
- Save this value in secrets.yaml in `immich.il.password`
### Add postgresql dump backup list
- [set_postgresql.yaml](../../../ansible/roles/infra/tasks/services/set_postgresql.yaml)
```yaml
- name: Set connected services list
ansible.builtin.set_fact:
connected_services:
- ...
- "immich"
```
## Configuration
### Access to immich
- https://immich.ilnmors.com
- Getting started
- admin E-mail
- admin password
- admin name
- Theme
- language
- Server privacy
- map
- version check
- User privacy
- google cast \(disable\)
- Storage template
- `{{y}}/{{MM}}/{{y}}{{MM}}{{dd}}_{{hh}}{{mm}}{{ss}}`
- Backups
- Mobile App
- Done
### Oauth configuration
- Administartion: Authentication Settings: OAuth: Enable
- Issuer URL: https://auth.example.com/.well-known/openid-configuration
- Client ID: immich
- Client Secret: immich.oidc.secret
- Scope: openid profile email
- Button Text: Login with Authelia
- Auto Register: Enable if desired
### Machine learning configuration
- Administration: Machine Learning Settings: Enable
- URL: http://host.containers.internal:3003
- **!CAUTION!**
- immich-ml should contain `-openvino` to use GPU for machine learning.
Reference in New Issue View Git Blame Copy Permalink