feat: editor endpoints

.devcontainer/Dockerfile

@@ -1,2 +0,0 @@
-ARG BASEIMAGE=mcr.microsoft.com/devcontainers/typescript-node:22@sha256:9791f4aa527774bc370c6bd2f6705ce5a686f1e6f204badd8dfaacce28c631ae
-FROM ${BASEIMAGE}

.devcontainer/devcontainer.json

@@ -1,20 +0,0 @@
-{
-	"name": "Immich devcontainers",
-	"build": {
-		"dockerfile": "Dockerfile",
-		"args": {
-			"BASEIMAGE": "mcr.microsoft.com/devcontainers/typescript-node:22"
-		}
-	},
-	"customizations": {
-		"vscode": {
-			"extensions": [
-				"svelte.svelte-vscode"
-			]
-		}
-	},
-	"forwardPorts": [],
-	"postCreateCommand": "make install-all",
-	"remoteUser": "node"
-}
-

.dockerignore

@@ -22,7 +22,6 @@ open-api/typescript-sdk/node_modules/
 server/coverage/
 server/node_modules/
 server/upload/
-server/src/queries
 server/dist/
 server/www/
 

.github/FUNDING.yml

@@ -1 +0,0 @@
-custom: ['https://buy.immich.app']

.github/ISSUE_TEMPLATE/bug_report.yaml

@@ -83,6 +83,7 @@ body:
         2.
         3.
         ...
+      render: bash
     validations:
       required: true
 

.github/ISSUE_TEMPLATE/config.yml

@@ -1,14 +1,11 @@
 blank_issues_enabled: false
 contact_links:
-  - name: ✋ I have a question or need support
+  - name: I have a question or need support
     url: https://discord.immich.app
     about: We use GitHub for tracking bugs, please check out our Discord channel for freaky fast support.
-  - name: 📷 My photo or video has a date, time, or timezone problem
-    url: https://github.com/immich-app/immich/discussions/12650
-    about: Upload a sample file to this discussion and we will take a look
-  - name: 🌟 Feature request
+  - name: Feature Request
     url: https://github.com/immich-app/immich/discussions/new?category=feature-request
     about: Please use our GitHub Discussion for making feature requests.
-  - name: 🫣 I'm unsure where to go
+  - name: I'm unsure where to go
     url: https://discord.immich.app
     about: If you are unsure where to go, then joining our Discord is recommended; Just ask!

.github/dependabot.yml

@@ -0,0 +1,7 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/labeler.yml

@@ -33,6 +33,3 @@ documentation:
   - changed-files:
       - any-glob-to-any-file:
           - machine-learning/app/**
-
-changelog:translation:
-  - head-branch: ['^chore/translations$']

.github/release.yml

@@ -1,33 +1,41 @@
 changelog:
   categories:
-    - title: 🚨 Breaking Changes
+    - title: ⚠️ Breaking Changes
       labels:
-        - changelog:breaking-change
+        - breaking-change
 
-    - title: 🫥 Deprecated Changes
+    - title: 🗄️ Server
       labels:
-        - changelog:deprecated
+        - 🗄️server
 
-    - title: 🔒 Security
+    - title: 📱 Mobile
       labels:
-        - changelog:security
+        - 📱mobile
 
-    - title: 🚀 Features
+    - title: 🖥️ Web
       labels:
-        - changelog:feature
+        - 🖥️web
 
-    - title: 🌟 Enhancements
+    - title: 🧠 Machine Learning
       labels:
-        - changelog:enhancement
+        - 🧠machine-learning
 
-    - title: 🐛 Bug fixes
+    - title: ⚡ CLI
       labels:
-        - changelog:bugfix
+        - cli
 
-    - title: 📚 Documentation
+    - title: 📓 Documentation
       labels:
-        - changelog:documentation
+        - documentation
 
-    - title: 🌐 Translations
+    - title: 🔨 Maintenance
       labels:
-        - changelog:translation
+        - deployment
+        - dependencies
+        - renovate
+        - maintenance
+        - tech-debt
+
+    - title: Other changes
+      labels:
+        - "*"

.github/workflows/build-mobile.yml

@@ -16,28 +16,10 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.mobile == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-      - id: found_paths
-        uses: dorny/paths-filter@v3
-        with:
-          filters: |
-            mobile:
-              - 'mobile/**'
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ github.event_name == 'workflow_call' || github.event_name == 'workflow_dispatch' }}" >> "$GITHUB_OUTPUT"
-
   build-sign-android:
     name: Build and sign Android
-    needs: pre-job
     # Skip when PR from a fork
-    if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' && needs.pre-job.outputs.should_run == 'true' }}
+    if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }}
     runs-on: macos-14
 
     steps:

.github/workflows/cli.yml

@@ -22,7 +22,7 @@ permissions:
 
 jobs:
   publish:
-    name: CLI Publish
+    name: Publish
     runs-on: ubuntu-latest
     defaults:
       run:
@@ -59,7 +59,7 @@ jobs:
         uses: docker/setup-qemu-action@v3.2.0
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3.8.0
+        uses: docker/setup-buildx-action@v3.6.1
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
@@ -88,7 +88,7 @@ jobs:
             type=raw,value=latest,enable=${{ github.event_name == 'release' }}
 
       - name: Build and push image
-        uses: docker/build-push-action@v6.10.0
+        uses: docker/build-push-action@v6.6.1
         with:
           file: cli/Dockerfile
           platforms: linux/amd64,linux/arm64

.github/workflows/docker-cleanup.yml

@@ -22,7 +22,7 @@ concurrency:
 jobs:
   cleanup-images:
     name: Cleanup Stale Images Tags for ${{ matrix.primary-name }}
-    runs-on: ubuntu-24.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
@@ -35,7 +35,7 @@ jobs:
     steps:
       - name: Clean temporary images
         if: "${{ env.TOKEN != '' }}"
-        uses: stumpylog/image-cleaner-action/ephemeral@v0.9.0
+        uses: stumpylog/image-cleaner-action/ephemeral@v0.8.0
         with:
           token: "${{ env.TOKEN }}"
           owner: "immich-app"
@@ -48,7 +48,7 @@ jobs:
 
   cleanup-untagged-images:
     name: Cleanup Untagged Images Tags for ${{ matrix.primary-name }}
-    runs-on: ubuntu-24.04
+    runs-on: ubuntu-22.04
     needs:
       - cleanup-images
     strategy:
@@ -64,7 +64,7 @@ jobs:
     steps:
       - name: Clean untagged images
         if: "${{ env.TOKEN != '' }}"
-        uses: stumpylog/image-cleaner-action/untagged@v0.9.0
+        uses: stumpylog/image-cleaner-action/untagged@v0.8.0
         with:
           token: "${{ env.TOKEN }}"
           owner: "immich-app"

.github/workflows/docker.yml

@@ -17,197 +17,47 @@ permissions:
   packages: write
 
 jobs:
-  pre-job:
+  build_and_push:
+    name: Build and Push
     runs-on: ubuntu-latest
-    outputs:
-      should_run_server: ${{ steps.found_paths.outputs.server == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_ml: ${{ steps.found_paths.outputs.machine-learning == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-      - id: found_paths
-        uses: dorny/paths-filter@v3
-        with:
-          filters: |
-            server:
-              - 'server/**'
-              - 'openapi/**'
-              - 'web/**'
-              - 'i18n/**'
-            machine-learning:
-              - 'machine-learning/**'
-
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ github.event_name == 'workflow_dispatch' || github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"
-
-  retag_ml:
-    name: Re-Tag ML
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'false' && !github.event.pull_request.head.repo.fork }}
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        suffix: ["", "-cuda", "-openvino", "-armnn"]
-    steps:
-        - name: Login to GitHub Container Registry
-          uses: docker/login-action@v3
-          with:
-            registry: ghcr.io
-            username: ${{ github.repository_owner }}
-            password: ${{ secrets.GITHUB_TOKEN }}
-        - name: Re-tag image
-          run: |
-              REGISTRY_NAME="ghcr.io"
-              REPOSITORY=${{ github.repository_owner }}/immich-machine-learning
-              TAG_OLD=main${{ matrix.suffix }}
-              TAG_NEW=${{ github.event.number == 0 && github.ref_name ||  format('pr-{0}', github.event.number)  }}${{ matrix.suffix }}
-              docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_NEW $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
-
-  retag_server:
-    name: Re-Tag Server
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'false' && !github.event.pull_request.head.repo.fork }}
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        suffix: [""]
-    steps:
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Re-tag image
-        run: |
-          REGISTRY_NAME="ghcr.io"
-          REPOSITORY=${{ github.repository_owner }}/immich-server
-          TAG_OLD=main${{ matrix.suffix }}
-          TAG_NEW=${{ github.event.number == 0 && github.ref_name ||  format('pr-{0}', github.event.number)  }}${{ matrix.suffix }}
-          docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_NEW $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
-
-
-  build_and_push_ml:
-    name: Build and Push ML
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'true' }}
-    runs-on: ubuntu-latest
-    env:
-      image: immich-machine-learning
-      context: machine-learning
-      file: machine-learning/Dockerfile
     strategy:
       # Prevent a failure in one image from stopping the other builds
       fail-fast: false
       matrix:
         include:
-          - platforms: linux/amd64,linux/arm64
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/amd64,linux/arm64
             device: cpu
 
-          - platforms: linux/amd64
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/amd64
             device: cuda
             suffix: -cuda
 
-          - platforms: linux/amd64
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/amd64
             device: openvino
             suffix: -openvino
 
-          - platforms: linux/arm64
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/arm64
             device: armnn
             suffix: -armnn
 
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3.2.0
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3.8.0
-
-      - name: Login to Docker Hub
-        # Only push to Docker Hub when making a release
-        if: ${{ github.event_name == 'release' }}
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        # Skip when PR from a fork
-        if: ${{ !github.event.pull_request.head.repo.fork }}
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Generate docker image tags
-        id: metadata
-        uses: docker/metadata-action@v5
-        with:
-          flavor: |
-            # Disable latest tag
-            latest=false
-          images: |
-            name=ghcr.io/${{ github.repository_owner }}/${{env.image}}
-            name=altran1502/${{env.image}},enable=${{ github.event_name == 'release' }}
-          tags: |
-            # Tag with branch name
-            type=ref,event=branch,suffix=${{ matrix.suffix }}
-            # Tag with pr-number
-            type=ref,event=pr,suffix=${{ matrix.suffix }}
-            # Tag with git tag on release
-            type=ref,event=tag,suffix=${{ matrix.suffix }}
-            type=raw,value=release,enable=${{ github.event_name == 'release' }},suffix=${{ matrix.suffix }}
-
-      - name: Determine build cache output
-        id: cache-target
-        run: |
-          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
-            # Essentially just ignore the cache output (PR can't write to registry cache)
-            echo "cache-to=type=local,dest=/tmp/discard,ignore-error=true" >> $GITHUB_OUTPUT
-          else
-            echo "cache-to=type=registry,mode=max,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{ env.image }}" >> $GITHUB_OUTPUT
-          fi
-
-      - name: Build and push image
-        uses: docker/build-push-action@v6.10.0
-        with:
-          context: ${{ env.context }}
-          file: ${{ env.file }}
-          platforms: ${{ matrix.platforms }}
-          # Skip pushing when PR from a fork
-          push: ${{ !github.event.pull_request.head.repo.fork }}
-          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{env.image}}
-          cache-to: ${{ steps.cache-target.outputs.cache-to }}
-          tags: ${{ steps.metadata.outputs.tags }}
-          labels: ${{ steps.metadata.outputs.labels }}
-          build-args: |
-            DEVICE=${{ matrix.device }}
-            BUILD_ID=${{ github.run_id }}
-            BUILD_IMAGE=${{ github.event_name == 'release' && github.ref_name || steps.metadata.outputs.tags }}
-            BUILD_SOURCE_REF=${{ github.ref_name }}
-            BUILD_SOURCE_COMMIT=${{ github.sha }}
-
-
-  build_and_push_server:
-    name: Build and Push Server
-    runs-on: ubuntu-latest
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
-    env:
-      image: immich-server
-      context: .
-      file: server/Dockerfile
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - platforms: linux/amd64,linux/arm64
+          - image: immich-server
+            context: .
+            file: server/Dockerfile
+            platforms: linux/amd64,linux/arm64
             device: cpu
+
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -216,7 +66,7 @@ jobs:
         uses: docker/setup-qemu-action@v3.2.0
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3.8.0
+        uses: docker/setup-buildx-action@v3.6.1
 
       - name: Login to Docker Hub
         # Only push to Docker Hub when making a release
@@ -243,8 +93,8 @@ jobs:
             # Disable latest tag
             latest=false
           images: |
-            name=ghcr.io/${{ github.repository_owner }}/${{env.image}}
-            name=altran1502/${{env.image}},enable=${{ github.event_name == 'release' }}
+            name=ghcr.io/${{ github.repository_owner }}/${{matrix.image}}
+            name=altran1502/${{matrix.image}},enable=${{ github.event_name == 'release' }}
           tags: |
             # Tag with branch name
             type=ref,event=branch,suffix=${{ matrix.suffix }}
@@ -261,18 +111,18 @@ jobs:
             # Essentially just ignore the cache output (PR can't write to registry cache)
             echo "cache-to=type=local,dest=/tmp/discard,ignore-error=true" >> $GITHUB_OUTPUT
           else
-            echo "cache-to=type=registry,mode=max,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{ env.image }}" >> $GITHUB_OUTPUT
+            echo "cache-to=type=registry,mode=max,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{ matrix.image }}" >> $GITHUB_OUTPUT
           fi
 
       - name: Build and push image
-        uses: docker/build-push-action@v6.10.0
+        uses: docker/build-push-action@v6.6.1
         with:
-          context: ${{ env.context }}
-          file: ${{ env.file }}
+          context: ${{ matrix.context }}
+          file: ${{ matrix.file }}
           platforms: ${{ matrix.platforms }}
           # Skip pushing when PR from a fork
           push: ${{ !github.event.pull_request.head.repo.fork }}
-          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{env.image}}
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{matrix.image}}
           cache-to: ${{ steps.cache-target.outputs.cache-to }}
           tags: ${{ steps.metadata.outputs.tags }}
           labels: ${{ steps.metadata.outputs.labels }}
@@ -282,29 +132,3 @@ jobs:
             BUILD_IMAGE=${{ github.event_name == 'release' && github.ref_name || steps.metadata.outputs.tags }}
             BUILD_SOURCE_REF=${{ github.ref_name }}
             BUILD_SOURCE_COMMIT=${{ github.sha }}
-
-  success-check-server:
-    name: Docker Build & Push Server Success
-    needs: [build_and_push_server, retag_server]
-    runs-on: ubuntu-latest
-    if: always()
-    steps:
-      - name: Any jobs failed?
-        if: ${{ contains(needs.*.result, 'failure') }}
-        run: exit 1
-      - name: All jobs passed or skipped
-        if: ${{ !(contains(needs.*.result, 'failure')) }}
-        run: echo "All jobs passed or skipped" && echo "${{ toJSON(needs.*.result) }}"
-
-  success-check-ml:
-    name: Docker Build & Push ML Success
-    needs: [build_and_push_ml, retag_ml]
-    runs-on: ubuntu-latest
-    if: always()
-    steps:
-      - name: Any jobs failed?
-        if: ${{ contains(needs.*.result, 'failure') }}
-        run: exit 1
-      - name: All jobs passed or skipped
-        if: ${{ !(contains(needs.*.result, 'failure')) }}
-        run: echo "All jobs passed or skipped" && echo "${{ toJSON(needs.*.result) }}"

.github/workflows/docs-build.yml

@@ -2,8 +2,12 @@ name: Docs build
 on:
   push:
     branches: [main]
+    paths:
+      - "docs/**"
   pull_request:
     branches: [main]
+    paths:
+      - "docs/**"
   release:
     types: [published]
 
@@ -12,27 +16,7 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.docs == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-      - id: found_paths
-        uses: dorny/paths-filter@v3
-        with:
-          filters: |
-            docs:
-              - 'docs/**'
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ github.event_name == 'release' || github.ref_name == 'main' }}" >> "$GITHUB_OUTPUT"
-
   build:
-    name: Docs Build
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run == 'true' }}
     runs-on: ubuntu-latest
     defaults:
       run:

.github/workflows/docs-deploy.yml

@@ -7,32 +7,13 @@ on:
 
 jobs:
   checks:
-    name: Docs Deploy Checks
     runs-on: ubuntu-latest
     outputs:
       parameters: ${{ steps.parameters.outputs.result }}
-      artifact: ${{ steps.get-artifact.outputs.result }}
     steps:
-      - if: ${{ github.event.workflow_run.conclusion != 'success' }}
-        run: echo 'The triggering workflow did not succeed' && exit 1
-      - name: Get artifact
-        id: get-artifact
-        uses: actions/github-script@v7
-        with:
-          script: |
-            let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
-               owner: context.repo.owner,
-               repo: context.repo.repo,
-               run_id: context.payload.workflow_run.id,
-            });
-            let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
-              return artifact.name == "docs-build-output"
-            })[0];
-            if (!matchArtifact) {
-              console.log("No artifact found with the name docs-build-output, build job was skipped")
-              return { found: false };
-            }
-            return { found: true, id: matchArtifact.id };
+      - if: ${{ github.event.workflow_run.conclusion == 'failure' }}
+        run: echo 'The triggering workflow failed' && exit 1
+
       - name: Determine deploy parameters
         id: parameters
         uses: actions/github-script@v7
@@ -92,10 +73,9 @@ jobs:
             return parameters;
 
   deploy:
-    name: Docs Deploy
     runs-on: ubuntu-latest
     needs: checks
-    if: ${{ fromJson(needs.checks.outputs.artifact).found && fromJson(needs.checks.outputs.parameters).shouldDeploy }}
+    if: ${{ fromJson(needs.checks.outputs.parameters).shouldDeploy }}
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -118,11 +98,18 @@ jobs:
         uses: actions/github-script@v7
         with:
           script: |
-            let artifact = ${{ needs.checks.outputs.artifact }};
+            let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               run_id: context.payload.workflow_run.id,
+            });
+            let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
+              return artifact.name == "docs-build-output"
+            })[0];
             let download = await github.rest.actions.downloadArtifact({
                owner: context.repo.owner,
                repo: context.repo.repo,
-               artifact_id: artifact.id,
+               artifact_id: matchArtifact.id,
                archive_format: 'zip',
             });
             let fs = require('fs');

.github/workflows/docs-destroy.yml

@@ -5,7 +5,6 @@ on:
 
 jobs:
   deploy:
-    name: Docs Destroy
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
@@ -23,7 +22,7 @@ jobs:
           tg_version: "0.58.12"
           tofu_version: "1.7.1"
           tg_dir: "deployment/modules/cloudflare/docs"
-          tg_command: "destroy -refresh=false"
+          tg_command: "destroy"
 
       - name: Comment
         uses: actions-cool/maintain-one-comment@v3

.github/workflows/fix-format.yml

@@ -1,52 +0,0 @@
-name: Fix formatting
-
-on:
-  pull_request:
-    types: [labeled]
-
-jobs:
-  fix-formatting:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.label.name == 'fix:formatting' }}
-    permissions:
-      pull-requests: write
-    steps:
-      - name: Generate a token
-        id: generate-token
-        uses: actions/create-github-app-token@v1
-        with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
-          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
-
-      - name: 'Checkout'
-        uses: actions/checkout@v4
-        with:
-          ref: ${{ github.event.pull_request.head.ref }}
-          token: ${{ steps.generate-token.outputs.token }}
-
-      - name: Setup Node
-        uses: actions/setup-node@v4
-        with:
-          node-version-file: './server/.nvmrc'
-
-      - name: Fix formatting
-        run: make install-all && make format-all
-
-      - name: Commit and push
-        uses: EndBug/add-and-commit@v9
-        with:
-          default_author: github_actions
-          message: 'chore: fix formatting'
-
-      - name: Remove label
-        uses: actions/github-script@v7
-        if: always()
-        with:
-          script: |
-            github.rest.issues.removeLabel({
-              issue_number: context.payload.pull_request.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              name: 'fix:formatting'
-            })
-

.github/workflows/pr-label-validation.yml

@@ -1,22 +0,0 @@
-name: PR Label Validation
-
-on:
-  pull_request_target:
-    types: [opened, labeled, unlabeled, synchronize]
-
-jobs:
-  validate-release-label:
-    runs-on: ubuntu-latest
-    permissions:
-      issues: write
-      pull-requests: write
-    steps:
-      - name: Require PR to have a changelog label
-        uses: mheap/github-action-required-labels@v5
-        with:
-          mode: exactly
-          count: 1
-          use_regex: true
-          labels: "changelog:.*"
-          add_comment: true
-          message: "Label error. Requires {{errorString}} {{count}} of: {{ provided }}. Found: {{ applied }}. A maintainer will add the required label."

.github/workflows/pr-require-conventional-commit.yml

@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: PR Conventional Commit Validation
-        uses:  ytanikin/PRConventionalCommits@1.3.0
+        uses:  ytanikin/PRConventionalCommits@1.2.0
         with:
           task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]'
           add_label: 'false'

.github/workflows/prepare-release.yml

@@ -29,17 +29,10 @@ jobs:
       ref: ${{ steps.push-tag.outputs.commit_long_sha }}
 
     steps:
-      - name: Generate a token
-        id: generate-token
-        uses: actions/create-github-app-token@v1
-        with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
-          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
-
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          token: ${{ steps.generate-token.outputs.token }}
+          token: ${{ secrets.ORG_RELEASE_TOKEN }}
 
       - name: Install Poetry
         run: pipx install poetry
@@ -51,8 +44,10 @@ jobs:
         id: push-tag
         uses: EndBug/add-and-commit@v9
         with:
-          default_author: github_actions
-          message: 'chore: version ${{ env.IMMICH_VERSION }}'
+          author_name: Alex The Bot
+          author_email: alex.tran1502@gmail.com
+          default_author: user_info
+          message: 'Version ${{ env.IMMICH_VERSION }}'
           tag: ${{ env.IMMICH_VERSION }}
           push: true
 

.github/workflows/static_analysis.yml

@@ -10,27 +10,8 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.mobile == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-      - id: found_paths
-        uses: dorny/paths-filter@v3
-        with:
-          filters: |
-            mobile:
-              - 'mobile/**'
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"
-
   mobile-dart-analyze:
     name: Run Dart Code Analysis
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run == 'true' }}
 
     runs-on: ubuntu-latest
 
@@ -56,10 +37,6 @@ jobs:
         run: dart format lib/ --set-exit-if-changed
         working-directory: ./mobile
 
-      - name: Run dart custom_lint
-        run: dart run custom_lint
-        working-directory: ./mobile
-
       # Enable after riverpod generator migration is completed
       # - name: Run dart custom lint
       #   run: dart run custom_lint

.github/workflows/test.yml

@@ -10,48 +10,8 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    outputs:
-      should_run_web: ${{ steps.found_paths.outputs.web == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_server: ${{ steps.found_paths.outputs.server == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_cli: ${{ steps.found_paths.outputs.cli == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_e2e: ${{ steps.found_paths.outputs.e2e == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_mobile: ${{ steps.found_paths.outputs.mobile == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_ml: ${{ steps.found_paths.outputs.machine-learning == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_e2e_web: ${{ steps.found_paths.outputs.e2e == 'true' || steps.found_paths.outputs.web == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_e2e_server_cli: ${{ steps.found_paths.outputs.e2e == 'true' || steps.found_paths.outputs.server == 'true' || steps.found_paths.outputs.cli == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-      - id: found_paths
-        uses: dorny/paths-filter@v3
-        with:
-          filters: |
-            web:
-              - 'web/**'
-              - 'i18n/**'
-              - 'open-api/typescript-sdk/**'
-            server:
-              - 'server/**'
-            cli:
-              - 'cli/**'
-              - 'open-api/typescript-sdk/**'
-            e2e:
-              - 'e2e/**'
-            mobile:
-              - 'mobile/**'
-            machine-learning:
-              - 'machine-learning/**'
-
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ github.event_name == 'workflow_dispatch' }}" >> "$GITHUB_OUTPUT"
-
   server-unit-tests:
-    name: Test & Lint Server
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
+    name: Server
     runs-on: ubuntu-latest
     defaults:
       run:
@@ -81,14 +41,12 @@ jobs:
         run: npm run check
         if: ${{ !cancelled() }}
 
-      - name: Run small tests & coverage
+      - name: Run unit tests & coverage
         run: npm run test:cov
         if: ${{ !cancelled() }}
 
   cli-unit-tests:
-    name: Unit Test CLI
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_cli == 'true' }}
+    name: CLI
     runs-on: ubuntu-latest
     defaults:
       run:
@@ -127,9 +85,7 @@ jobs:
         if: ${{ !cancelled() }}
 
   cli-unit-tests-win:
-    name: Unit Test CLI (Windows)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_cli == 'true' }}
+    name: CLI (Windows)
     runs-on: windows-latest
     defaults:
       run:
@@ -161,9 +117,7 @@ jobs:
         if: ${{ !cancelled() }}
 
   web-unit-tests:
-    name: Test & Lint Web
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_web == 'true' }}
+    name: Web
     runs-on: ubuntu-latest
     defaults:
       run:
@@ -205,74 +159,13 @@ jobs:
         run: npm run test:cov
         if: ${{ !cancelled() }}
 
-  e2e-tests-lint:
-    name: End-to-End Lint
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_e2e == 'true' }}
+  e2e-tests:
+    name: End-to-End Tests
     runs-on: ubuntu-latest
     defaults:
       run:
         working-directory: ./e2e
 
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Setup Node
-        uses: actions/setup-node@v4
-        with:
-          node-version-file: './e2e/.nvmrc'
-
-      - name: Run setup typescript-sdk
-        run: npm ci && npm run build
-        working-directory: ./open-api/typescript-sdk
-        if: ${{ !cancelled() }}
-
-      - name: Install dependencies
-        run: npm ci
-        if: ${{ !cancelled() }}
-
-      - name: Run linter
-        run: npm run lint
-        if: ${{ !cancelled() }}
-
-      - name: Run formatter
-        run: npm run format
-        if: ${{ !cancelled() }}
-
-      - name: Run tsc
-        run: npm run check
-        if: ${{ !cancelled() }}
-
-  medium-tests-server:
-    name: Medium Tests (Server)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
-    runs-on: mich
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          submodules: 'recursive'
-
-      - name: Production build
-        if: ${{ !cancelled() }}
-        run: docker compose -f e2e/docker-compose.yml build
-
-      - name: Run medium tests
-        if: ${{ !cancelled() }}
-        run: make test-medium
-
-  e2e-tests-server-cli:
-    name: End-to-End Tests (Server & CLI)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_e2e_server_cli == 'true' }}
-    runs-on: mich
-    defaults:
-      run:
-        working-directory: ./e2e
-
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -298,41 +191,16 @@ jobs:
         run: npm ci
         if: ${{ !cancelled() }}
 
-      - name: Docker build
-        run: docker compose build
+      - name: Run linter
+        run: npm run lint
         if: ${{ !cancelled() }}
 
-      - name: Run e2e tests (api & cli)
-        run: npm run test
+      - name: Run formatter
+        run: npm run format
         if: ${{ !cancelled() }}
 
-  e2e-tests-web:
-    name: End-to-End Tests (Web)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_e2e_web == 'true' }}
-    runs-on: mich
-    defaults:
-      run:
-        working-directory: ./e2e
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          submodules: 'recursive'
-
-      - name: Setup Node
-        uses: actions/setup-node@v4
-        with:
-          node-version-file: './e2e/.nvmrc'
-
-      - name: Run setup typescript-sdk
-        run: npm ci && npm run build
-        working-directory: ./open-api/typescript-sdk
-        if: ${{ !cancelled() }}
-
-      - name: Install dependencies
-        run: npm ci
+      - name: Run tsc
+        run: npm run check
         if: ${{ !cancelled() }}
 
       - name: Install Playwright Browsers
@@ -343,14 +211,16 @@ jobs:
         run: docker compose build
         if: ${{ !cancelled() }}
 
+      - name: Run e2e tests (api & cli)
+        run: npm run test
+        if: ${{ !cancelled() }}
+
       - name: Run e2e tests (web)
         run: npx playwright test
         if: ${{ !cancelled() }}
 
   mobile-unit-tests:
-    name: Unit Test Mobile
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_mobile == 'true' }}
+    name: Mobile
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -364,9 +234,7 @@ jobs:
         run: flutter test -j 1
 
   ml-unit-tests:
-    name: Unit Test ML
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'true' }}
+    name: Machine Learning
     runs-on: ubuntu-latest
     defaults:
       run:

.gitignore

@@ -21,5 +21,3 @@ mobile/openapi/.openapi-generator/FILES
 open-api/typescript-sdk/build
 mobile/android/fastlane/report.xml
 mobile/ios/fastlane/report.xml
-
-vite.config.js.timestamp-*

.gitmodules

@@ -1,6 +1,6 @@
 [submodule "mobile/.isar"]
 	path = mobile/.isar
 	url = https://github.com/isar/isar
-[submodule "e2e/test-assets"]
+[submodule "server/test/assets"]
 	path = e2e/test-assets
 	url = https://github.com/immich-app/test-assets

.vscode/launch.json

@@ -5,8 +5,8 @@
       "type": "node",
       "request": "attach",
       "restart": true,
-      "port": 9231,
-      "name": "Immich API Server",
+      "port": 9230,
+      "name": "Immich Server",
       "remoteRoot": "/usr/src/app",
       "localRoot": "${workspaceFolder}/server"
     },
@@ -14,8 +14,8 @@
       "type": "node",
       "request": "attach",
       "restart": true,
-      "port": 9230,
-      "name": "Immich Workers",
+      "port": 9231,
+      "name": "Immich Microservices",
       "remoteRoot": "/usr/src/app",
       "localRoot": "${workspaceFolder}/server"
     }

.vscode/settings.json

@@ -41,4 +41,4 @@
   "explorer.fileNesting.patterns": {
     "*.ts": "${capture}.spec.ts,${capture}.mock.ts"
   }
-}
+}

Makefile

@@ -39,7 +39,7 @@ attach-server:
 renovate:
   LOG_LEVEL=debug npx renovate --platform=local --repository-cache=reset
 
-MODULES = e2e server web cli sdk docs
+MODULES = e2e server web cli sdk
 
 audit-%:
 	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) audit fix
@@ -48,9 +48,11 @@ install-%:
 build-cli: build-sdk
 build-web: build-sdk
 build-%: install-%
-	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run build
+	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run | grep 'build' >/dev/null \
+		&& npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run build || true
 format-%:
-	npm --prefix $* run format:fix
+	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run | grep 'format:fix' >/dev/null \
+		&& npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run format:fix || true
 lint-%:
 	npm --prefix $* run lint:fix
 check-%:
@@ -64,27 +66,15 @@ test-e2e:
 	docker compose -f ./e2e/docker-compose.yml build
 	npm --prefix e2e run test
 	npm --prefix e2e run test:web
-test-medium:
-	docker run \
-    --rm \
-    -v ./server/src:/usr/src/app/src \
-    -v ./server/test:/usr/src/app/test \
-    -v ./server/vitest.config.medium.mjs:/usr/src/app/vitest.config.medium.mjs \
-    -v ./server/tsconfig.json:/usr/src/app/tsconfig.json \
-    -e NODE_ENV=development \
-    immich-server:latest \
-    -c "npm ci && npm run test:medium -- --run"
-test-medium-dev:
-	docker exec -it immich_server /bin/sh -c "npm run test:medium"
 
-build-all: $(foreach M,$(filter-out e2e,$(MODULES)),build-$M) ;
+build-all: $(foreach M,$(MODULES),build-$M) ;
 install-all: $(foreach M,$(MODULES),install-$M) ;
-check-all: $(foreach M,$(filter-out sdk cli docs,$(MODULES)),check-$M) ;
-lint-all: $(foreach M,$(filter-out sdk docs,$(MODULES)),lint-$M) ;
-format-all: $(foreach M,$(filter-out sdk,$(MODULES)),format-$M) ;
+check-all: $(foreach M,$(MODULES),check-$M) ;
+lint-all: $(foreach M,$(MODULES),lint-$M) ;
+format-all: $(foreach M,$(MODULES),format-$M) ;
 audit-all:  $(foreach M,$(MODULES),audit-$M) ;
 hygiene-all: lint-all format-all check-all sql audit-all;
-test-all: $(foreach M,$(filter-out sdk docs,$(MODULES)),test-$M) ;
+test-all: $(foreach M,$(MODULES),test-$M) ;
 
 clean:
 	find . -name "node_modules" -type d -prune -exec rm -rf '{}' +

README.md

@@ -17,24 +17,23 @@
 <img src="design/immich-screenshots.png" title="Main Screenshot">
 </a>
 <br/>
-
 <p align="center">
-  <a href="readme_i18n/README_ca_ES.md">Català</a>
-  <a href="readme_i18n/README_es_ES.md">Español</a>
-  <a href="readme_i18n/README_fr_FR.md">Français</a>
-  <a href="readme_i18n/README_it_IT.md">Italiano</a>
-  <a href="readme_i18n/README_ja_JP.md">日本語</a>
-  <a href="readme_i18n/README_ko_KR.md">한국어</a>
-  <a href="readme_i18n/README_de_DE.md">Deutsch</a>
-  <a href="readme_i18n/README_nl_NL.md">Nederlands</a>
-  <a href="readme_i18n/README_tr_TR.md">Türkçe</a>
-  <a href="readme_i18n/README_zh_CN.md">中文</a>
-  <a href="readme_i18n/README_ru_RU.md">Русский</a>
-  <a href="readme_i18n/README_pt_BR.md">Português Brasileiro</a>
-  <a href="readme_i18n/README_sv_SE.md">Svenska</a>
-  <a href="readme_i18n/README_ar_JO.md">العربية</a>
-  <a href="readme_i18n/README_vi_VN.md">Tiếng Việt</a>
-  <a href="readme_i18n/README_th_TH.md">ภาษาไทย</a>
+
+<a href="readme_i18n/README_ca_ES.md">Català</a>
+<a href="readme_i18n/README_es_ES.md">Español</a>
+<a href="readme_i18n/README_fr_FR.md">Français</a>
+<a href="readme_i18n/README_it_IT.md">Italiano</a>
+<a href="readme_i18n/README_ja_JP.md">日本語</a>
+<a href="readme_i18n/README_ko_KR.md">한국어</a>
+<a href="readme_i18n/README_de_DE.md">Deutsch</a>
+<a href="readme_i18n/README_nl_NL.md">Nederlands</a>
+<a href="readme_i18n/README_tr_TR.md">Türkçe</a>
+<a href="readme_i18n/README_zh_CN.md">中文</a>
+<a href="readme_i18n/README_ru_RU.md">Русский</a>
+<a href="readme_i18n/README_pt_BR.md">Português Brasileiro</a>
+<a href="readme_i18n/README_sv_SE.md">Svenska</a>
+<a href="readme_i18n/README_ar_JO.md">العربية</a>
+
 </p>
 
 ## Disclaimer
@@ -93,7 +92,7 @@ For the mobile app, you can use `https://demo.immich.app/api` for the `Server En
 | LivePhoto/MotionPhoto backup and playback    | Yes    | Yes |
 | Support 360 degree image display             | No     | Yes |
 | User-defined storage structure               | Yes    | Yes |
-| Public Sharing                               | Yes    | Yes |
+| Public Sharing                               | No     | Yes |
 | Archive and Favorites                        | Yes    | Yes |
 | Global Map                                   | Yes    | Yes |
 | Partner Sharing                              | Yes    | Yes |
@@ -102,8 +101,6 @@ For the mobile app, you can use `https://demo.immich.app/api` for the `Server En
 | Offline support                              | Yes    | No  |
 | Read-only gallery                            | Yes    | Yes |
 | Stacked Photos                               | Yes    | Yes |
-| Tags                                         | No     | Yes |
-| Folder View                                  | No     | Yes |
 
 ## Translations
 

cli/.nvmrc

@@ -1 +1 @@
-22.12.0
+20.16.0

cli/Dockerfile

@@ -1,4 +1,4 @@
-FROM node:22.12.0-alpine3.20@sha256:96cc8323e25c8cc6ddcb8b965e135cfd57846e8003ec0d7bcec16c5fd5f6d39f AS core
+FROM node:20.16.0-alpine3.20@sha256:eb8101caae9ac02229bd64c024919fe3d4504ff7f329da79ca60a04db08cef52 AS core
 
 WORKDIR /usr/src/open-api/typescript-sdk
 COPY open-api/typescript-sdk/package*.json open-api/typescript-sdk/tsconfig*.json ./

cli/README.md

@@ -4,18 +4,8 @@ Please see the [Immich CLI documentation](https://immich.app/docs/features/comma
 
 # For developers
 
-Before building the CLI, you must build the immich server and the open-api client. To build the server run the following in the server folder:
-
-    $ npm install
-    $ npm run build
-
-Then, to build the open-api client run the following in the open-api folder:
-
-    $ ./bin/generate-open-api.sh
-
 To run the Immich CLI from source, run the following in the cli folder:
 
-    $ npm install
     $ npm run build
     $ ts-node .
 
@@ -27,4 +17,3 @@ You can also build and install the CLI using
 
     $ npm run build
     $ npm install -g .
-****

cli/eslint.config.mjs

@@ -55,7 +55,6 @@ export default [
       'unicorn/import-style': 'off',
       curly: 2,
       'prettier/prettier': 0,
-      'object-shorthand': ['error', 'always'],
     },
   },
 ];

cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@immich/cli",
-  "version": "2.2.37",
+  "version": "2.2.13",
   "description": "Command Line Interface (CLI) for Immich",
   "type": "module",
   "exports": "./dist/index.js",
@@ -20,26 +20,26 @@
     "@types/cli-progress": "^3.11.0",
     "@types/lodash-es": "^4.17.12",
     "@types/mock-fs": "^4.13.1",
-    "@types/node": "^22.10.2",
-    "@typescript-eslint/eslint-plugin": "^8.15.0",
-    "@typescript-eslint/parser": "^8.15.0",
+    "@types/node": "^20.14.13",
+    "@typescript-eslint/eslint-plugin": "^8.0.0",
+    "@typescript-eslint/parser": "^8.0.0",
     "@vitest/coverage-v8": "^2.0.5",
     "byte-size": "^9.0.0",
     "cli-progress": "^3.12.0",
     "commander": "^12.0.0",
-    "eslint": "^9.14.0",
+    "eslint": "^9.0.0",
     "eslint-config-prettier": "^9.1.0",
     "eslint-plugin-prettier": "^5.1.3",
-    "eslint-plugin-unicorn": "^56.0.1",
+    "eslint-plugin-unicorn": "^55.0.0",
     "globals": "^15.9.0",
     "mock-fs": "^5.2.0",
     "prettier": "^3.2.5",
     "prettier-plugin-organize-imports": "^4.0.0",
     "typescript": "^5.3.3",
     "vite": "^5.0.12",
-    "vite-tsconfig-paths": "^5.0.0",
+    "vite-tsconfig-paths": "^4.3.2",
     "vitest": "^2.0.5",
-    "vitest-fetch-mock": "^0.4.0",
+    "vitest-fetch-mock": "^0.3.0",
     "yaml": "^2.3.1"
   },
   "scripts": {
@@ -67,6 +67,6 @@
     "lodash-es": "^4.17.21"
   },
   "volta": {
-    "node": "22.12.0"
+    "node": "20.16.0"
   }
 }

cli/src/commands/asset.ts

@@ -1,6 +1,5 @@
 import {
   Action,
-  AssetBulkUploadCheckItem,
   AssetBulkUploadCheckResult,
   AssetMediaResponseDto,
   AssetMediaStatus,
@@ -12,7 +11,7 @@ import {
   getSupportedMediaTypes,
 } from '@immich/sdk';
 import byteSize from 'byte-size';
-import { MultiBar, Presets, SingleBar } from 'cli-progress';
+import { Presets, SingleBar } from 'cli-progress';
 import { chunk } from 'lodash-es';
 import { Stats, createReadStream } from 'node:fs';
 import { stat, unlink } from 'node:fs/promises';
@@ -91,23 +90,23 @@ export const checkForDuplicates = async (files: string[], { concurrency, skipHas
     return { newFiles: files, duplicates: [] };
   }
 
-  const multiBar = new MultiBar(
-    { format: '{message} | {bar} | {percentage}% | ETA: {eta}s | {value}/{total} assets' },
+  const progressBar = new SingleBar(
+    { format: 'Checking files | {bar} | {percentage}% | ETA: {eta}s | {value}/{total} assets' },
     Presets.shades_classic,
   );
 
-  const hashProgressBar = multiBar.create(files.length, 0, { message: 'Hashing files          ' });
-  const checkProgressBar = multiBar.create(files.length, 0, { message: 'Checking for duplicates' });
+  progressBar.start(files.length, 0);
 
   const newFiles: string[] = [];
   const duplicates: Asset[] = [];
 
-  const checkBulkUploadQueue = new Queue<AssetBulkUploadCheckItem[], void>(
-    async (assets: AssetBulkUploadCheckItem[]) => {
-      const response = await checkBulkUpload({ assetBulkUploadCheckDto: { assets } });
-
+  const queue = new Queue<string[], AssetBulkUploadCheckResults>(
+    async (filepaths: string[]) => {
+      const dto = await Promise.all(
+        filepaths.map(async (filepath) => ({ id: filepath, checksum: await sha1(filepath) })),
+      );
+      const response = await checkBulkUpload({ assetBulkUploadCheckDto: { assets: dto } });
       const results = response.results as AssetBulkUploadCheckResults;
-
       for (const { id: filepath, assetId, action } of results) {
         if (action === Action.Accept) {
           newFiles.push(filepath);
@@ -116,46 +115,19 @@ export const checkForDuplicates = async (files: string[], { concurrency, skipHas
           duplicates.push({ id: assetId as string, filepath });
         }
       }
-
-      checkProgressBar.increment(assets.length);
-    },
-    { concurrency, retry: 3 },
-  );
-
-  const results: { id: string; checksum: string }[] = [];
-  let checkBulkUploadRequests: AssetBulkUploadCheckItem[] = [];
-
-  const queue = new Queue<string, AssetBulkUploadCheckItem[]>(
-    async (filepath: string): Promise<AssetBulkUploadCheckItem[]> => {
-      const dto = { id: filepath, checksum: await sha1(filepath) };
-
-      results.push(dto);
-      checkBulkUploadRequests.push(dto);
-      if (checkBulkUploadRequests.length === 5000) {
-        const batch = checkBulkUploadRequests;
-        checkBulkUploadRequests = [];
-        void checkBulkUploadQueue.push(batch);
-      }
-
-      hashProgressBar.increment();
+      progressBar.increment(filepaths.length);
       return results;
     },
     { concurrency, retry: 3 },
   );
 
-  for (const item of files) {
-    void queue.push(item);
+  for (const items of chunk(files, concurrency)) {
+    await queue.push(items);
   }
 
   await queue.drained();
 
-  if (checkBulkUploadRequests.length > 0) {
-    void checkBulkUploadQueue.push(checkBulkUploadRequests);
-  }
-
-  await checkBulkUploadQueue.drained();
-
-  multiBar.stop();
+  progressBar.stop();
 
   console.log(`Found ${newFiles.length} new files and ${duplicates.length} duplicate${s(duplicates.length)}`);
 
@@ -229,8 +201,8 @@ export const uploadFiles = async (files: string[], { dryRun, concurrency }: Uplo
     { concurrency, retry: 3 },
   );
 
-  for (const item of files) {
-    void queue.push(item);
+  for (const filepath of files) {
+    await queue.push(filepath);
   }
 
   await queue.drained();

cli/src/queue.ts

@@ -72,8 +72,8 @@ export class Queue<T, R> {
    * @returns Promise<void> - The returned Promise will be resolved when all tasks in the queue have been processed by a worker.
    * This promise could be ignored as it will not lead to a `unhandledRejection`.
    */
-  drained(): Promise<void> {
-    return this.queue.drained();
+  async drained(): Promise<void> {
+    await this.queue.drain();
   }
 
   /**

cli/src/utils.spec.ts

@@ -115,7 +115,17 @@ const tests: Test[] = [
       '/albums/image3.jpg': true,
     },
   },
-
+  {
+    test: 'should support globbing paths',
+    options: {
+      pathsToCrawl: ['/photos*'],
+    },
+    files: {
+      '/photos1/image1.jpg': true,
+      '/photos2/image2.jpg': true,
+      '/images/image3.jpg': false,
+    },
+  },
   {
     test: 'should crawl a single path without trailing slash',
     options: {

cli/src/utils.ts

@@ -141,21 +141,25 @@ export const crawl = async (options: CrawlOptions): Promise<string[]> => {
     }
   }
 
-  if (patterns.length === 0) {
+  let searchPattern: string;
+  if (patterns.length === 1) {
+    searchPattern = patterns[0];
+  } else if (patterns.length === 0) {
     return crawledFiles;
+  } else {
+    searchPattern = '{' + patterns.join(',') + '}';
   }
 
-  const searchPatterns = patterns.map((pattern) => {
-    let escapedPattern = pattern;
-    if (recursive) {
-      escapedPattern = escapedPattern + '/**';
-    }
-    return `${escapedPattern}/*.{${extensions.join(',')}}`;
-  });
+  if (recursive) {
+    searchPattern = searchPattern + '/**/';
+  }
 
-  const globbedFiles = await glob(searchPatterns, {
+  searchPattern = `${searchPattern}/*.{${extensions.join(',')}}`;
+
+  const globbedFiles = await glob(searchPattern, {
     absolute: true,
     caseSensitiveMatch: false,
+    onlyFiles: true,
     dot: includeHidden,
     ignore: [`**/${exclusionPattern}`],
   });

deployment/modules/cloudflare/docs-release/.terraform.lock.hcl

@@ -2,37 +2,37 @@
 # Manual edits may be lost in future updates.
 
 provider "registry.opentofu.org/cloudflare/cloudflare" {
-  version     = "4.48.0"
-  constraints = "4.48.0"
+  version     = "4.38.0"
+  constraints = "4.38.0"
   hashes = [
-    "h1:0IKUOR32xEI1suS5QCOjfxjQ2mRd058btXk8hVnaOJ4=",
-    "h1:3YG6vu/bFPcYOeLdSUZhiAWiWKaFlOAR34z2o8cbE9k=",
-    "h1:FvGy06/i9AMtVkSIUnCrXNv5xF6jqBqMH8oPVLyeeAg=",
-    "h1:GXH7nIF0ocMqebbA41+fSGIYfM+VAM/PvTe7fJr8UrQ=",
-    "h1:H0ll0ph4404vFE868W3qJ3zhOyy4jbXrOMtdkViEZsU=",
-    "h1:SX42e3k73IcFcrQlZ2e/Veqt2tvCMy6fwlo5yNUktCE=",
-    "h1:Uu/gjBc99GefdPdSrlBwU75DWU0ZcwGcrd3ZFyTeL0s=",
-    "h1:VZw0uN41PWRmNlhg7Ze0Eh7cdoklX1oZbfNAXNYnU1I=",
-    "h1:cMdV7ql6PsFa4qtb0EoZSctvTaTqV7yplBSDwcLRCLc=",
-    "h1:ePGvSurmlqOCkD761vkhRmz7bsK36/EnIvx2Xy8TdXo=",
-    "h1:fOYufF+1bzw2N3aHLpkLB6E8VbZ4ysXDODYQOlwhwd4=",
-    "h1:qe8RbnWq0T4xhqjn9QcbO6YW5YDx47P+eJ0NUMIfwCc=",
-    "h1:tRD2av6PafHDP/b9jDQsG5/aX+lHeKxpbIEHYYLBVUc=",
-    "h1:zyl6Gvx/CFpwYW8pFFDesfO8Lxv+a6CopyAsIMhp54s=",
-    "zh:04c0a49c2b23140b2f21cfd0d52f9798d70d3bdae3831613e156aabe519bbc6c",
-    "zh:185f21b4834ba63e8df1f84aa34639d8a7e126429a4007bb5f9ad82f2602a997",
-    "zh:234724f52cb4c0c3f7313d3b2697caef26d921d134f26ae14801e7afac522f7b",
-    "zh:38a56fcd1b3e40706af995611c977816543b53f1e55fe2720944aae2b6828fcb",
-    "zh:419938f5430fc78eff933470aefbf94a460a478f867cf7761a3dea177b4eb153",
-    "zh:4b46d92bfde1deab7de7ba1a6bbf4ba7c711e4fd925341ddf09d4cc28dae03d8",
-    "zh:537acd4a31c752f1bae305ba7190f60b71ad1a459f22d464f3f914336c9e919f",
-    "zh:5ff36b005aad07697dd0b30d4f0c35dbcdc30dc52b41722552060792fa87ce04",
-    "zh:635c5ee419daea098060f794d9d7d999275301181e49562c4e4c08f043076937",
-    "zh:859277c330d61f91abe9e799389467ca11b77131bf34bedbef52f8da68b2bb49",
+    "h1:+27KAHKHBDvv3dqyJv5vhtdKQZJzoZXoMqIyronlHNw=",
+    "h1:/uV9RgOUhkxElkHhWs8fs5ZbX9vj6RCBfP0oJO0JF30=",
+    "h1:1DNAdMugJJOAWD/XYiZenYYZLy7fw2ctjT4YZmkRCVQ=",
+    "h1:1wn4PmCLdT7mvd74JkCGmJDJxTQDkcxc+1jNbmwnMHA=",
+    "h1:BIHB4fBxHg2bA9KbL92njhyctxKC8b6hNDp60y5QBss=",
+    "h1:HCQpvKPsMsR4HO5eDqt+Kao7T7CYeEH7KZIO7xMcC6M=",
+    "h1:HTomuzocukpNLwtWzeSF3yteCVsyVKbwKmN66u9iPac=",
+    "h1:YDxsUBhBAwHSXLzVwrSlSBOwv1NvLyry7s5SfCV7VqQ=",
+    "h1:dchVhxo+Acd1l2RuZ88tW9lWj4422QMfgtxKvKCjYrw=",
+    "h1:eypa+P4ZpsEGMPFuCE+6VkRefu0TZRFmVBOpK+PDOPY=",
+    "h1:f3yjse2OsRZj7ZhR7BLintJMlI4fpyt8HyDP/zcEavw=",
+    "h1:mSJ7xj8K+xcnEmGg7lH0jjzyQb157wH94ULTAlIV+HQ=",
+    "h1:tt+2J2Ze8VIdDq2Hr6uHlTJzAMBRpErBwTYx0uD5ilE=",
+    "h1:uQW8SKxmulqrAisO+365mIf2FueINAp5PY28bqCPCug=",
+    "zh:171ab67cccceead4514fafb2d39e4e708a90cce79000aaf3c29aab7ed4457071",
+    "zh:18aa7228447baaaefc49a43e8eff970817a7491a63d8937e796357a3829dd979",
+    "zh:2cbaab6092e81ba6f41fa60a50f14e980c8ec327ee11d0b21f16a478be4b7567",
+    "zh:53b8e49c06f5b31a8c681f8c0669cf43e78abe71657b8182a221d096bb514965",
+    "zh:6037cfc60b4b647aabae155fcb46d649ed7c650e0287f05db52b2068f1e27c8a",
+    "zh:62460982ce1a869eebfca675603fbbd50416cf6b69459fb855bfbe5ae2b97607",
+    "zh:65f6f3a8470917b6398baa5eb4f74b3932b213eac7c0202798bfad6fd1ee17df",
     "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
-    "zh:927dfdb8d9aef37ead03fceaa29e87ba076a3dd24e19b6cefdbb0efe9987ff8c",
-    "zh:bbf2226f07f6b1e721877328e69ded4b64f9c196634d2e2429e3cfabbe41e532",
-    "zh:daeed873d6f38604232b46ee4a5830c85d195b967f8dbcafe2fcffa98daf9c5f",
-    "zh:f8f2fc4646c1ba44085612fa7f4dbb7cbcead43b4e661f2b98ddfb4f68afc758",
+    "zh:8b5cebe64bf04105a49178a165b6a8800a9a33bae6767143a47fe4977755f805",
+    "zh:a5596635db0993ee3c3060fbc2227d91b239466e96d2d82642625a5aa2486988",
+    "zh:b3a9c63038441f13c311fd4b2c7e69e571445e5a7365a20c7cc9046b7e6c8aba",
+    "zh:b585e7e4d7648a540b14b9182819214896ca9337729eeb1f2034833b17db754d",
+    "zh:d2c3c545318ac8542369e9fc8228e29ee585febdf203a450fad3e0eded71ce02",
+    "zh:e95dd2d6c3525073af47d47b763cb81b6a51b20cabf76f789c69328922da9ecf",
+    "zh:eee6e590b36d6c6168a7daae8afa74a8721fd7aa9f62a710f04a311975100722",
   ]
 }

deployment/modules/cloudflare/docs-release/config.tf

@@ -5,7 +5,7 @@ terraform {
   required_providers {
     cloudflare = {
       source = "cloudflare/cloudflare"
-      version = "4.48.0"
+      version = "4.38.0"
     }
   }
 }

deployment/modules/cloudflare/docs-release/domain.tf

@@ -9,6 +9,6 @@ resource "cloudflare_record" "immich_app_release_domain" {
   proxied = true
   ttl = 1
   type = "CNAME"
-  content = data.terraform_remote_state.cloudflare_immich_app_docs.outputs.immich_app_branch_pages_hostname
+  value = data.terraform_remote_state.cloudflare_immich_app_docs.outputs.immich_app_branch_pages_hostname
   zone_id = data.terraform_remote_state.cloudflare_account.outputs.immich_app_zone_id
 }

deployment/modules/cloudflare/docs/.terraform.lock.hcl

@@ -2,37 +2,37 @@
 # Manual edits may be lost in future updates.
 
 provider "registry.opentofu.org/cloudflare/cloudflare" {
-  version     = "4.48.0"
-  constraints = "4.48.0"
+  version     = "4.38.0"
+  constraints = "4.38.0"
   hashes = [
-    "h1:0IKUOR32xEI1suS5QCOjfxjQ2mRd058btXk8hVnaOJ4=",
-    "h1:3YG6vu/bFPcYOeLdSUZhiAWiWKaFlOAR34z2o8cbE9k=",
-    "h1:FvGy06/i9AMtVkSIUnCrXNv5xF6jqBqMH8oPVLyeeAg=",
-    "h1:GXH7nIF0ocMqebbA41+fSGIYfM+VAM/PvTe7fJr8UrQ=",
-    "h1:H0ll0ph4404vFE868W3qJ3zhOyy4jbXrOMtdkViEZsU=",
-    "h1:SX42e3k73IcFcrQlZ2e/Veqt2tvCMy6fwlo5yNUktCE=",
-    "h1:Uu/gjBc99GefdPdSrlBwU75DWU0ZcwGcrd3ZFyTeL0s=",
-    "h1:VZw0uN41PWRmNlhg7Ze0Eh7cdoklX1oZbfNAXNYnU1I=",
-    "h1:cMdV7ql6PsFa4qtb0EoZSctvTaTqV7yplBSDwcLRCLc=",
-    "h1:ePGvSurmlqOCkD761vkhRmz7bsK36/EnIvx2Xy8TdXo=",
-    "h1:fOYufF+1bzw2N3aHLpkLB6E8VbZ4ysXDODYQOlwhwd4=",
-    "h1:qe8RbnWq0T4xhqjn9QcbO6YW5YDx47P+eJ0NUMIfwCc=",
-    "h1:tRD2av6PafHDP/b9jDQsG5/aX+lHeKxpbIEHYYLBVUc=",
-    "h1:zyl6Gvx/CFpwYW8pFFDesfO8Lxv+a6CopyAsIMhp54s=",
-    "zh:04c0a49c2b23140b2f21cfd0d52f9798d70d3bdae3831613e156aabe519bbc6c",
-    "zh:185f21b4834ba63e8df1f84aa34639d8a7e126429a4007bb5f9ad82f2602a997",
-    "zh:234724f52cb4c0c3f7313d3b2697caef26d921d134f26ae14801e7afac522f7b",
-    "zh:38a56fcd1b3e40706af995611c977816543b53f1e55fe2720944aae2b6828fcb",
-    "zh:419938f5430fc78eff933470aefbf94a460a478f867cf7761a3dea177b4eb153",
-    "zh:4b46d92bfde1deab7de7ba1a6bbf4ba7c711e4fd925341ddf09d4cc28dae03d8",
-    "zh:537acd4a31c752f1bae305ba7190f60b71ad1a459f22d464f3f914336c9e919f",
-    "zh:5ff36b005aad07697dd0b30d4f0c35dbcdc30dc52b41722552060792fa87ce04",
-    "zh:635c5ee419daea098060f794d9d7d999275301181e49562c4e4c08f043076937",
-    "zh:859277c330d61f91abe9e799389467ca11b77131bf34bedbef52f8da68b2bb49",
+    "h1:+27KAHKHBDvv3dqyJv5vhtdKQZJzoZXoMqIyronlHNw=",
+    "h1:/uV9RgOUhkxElkHhWs8fs5ZbX9vj6RCBfP0oJO0JF30=",
+    "h1:1DNAdMugJJOAWD/XYiZenYYZLy7fw2ctjT4YZmkRCVQ=",
+    "h1:1wn4PmCLdT7mvd74JkCGmJDJxTQDkcxc+1jNbmwnMHA=",
+    "h1:BIHB4fBxHg2bA9KbL92njhyctxKC8b6hNDp60y5QBss=",
+    "h1:HCQpvKPsMsR4HO5eDqt+Kao7T7CYeEH7KZIO7xMcC6M=",
+    "h1:HTomuzocukpNLwtWzeSF3yteCVsyVKbwKmN66u9iPac=",
+    "h1:YDxsUBhBAwHSXLzVwrSlSBOwv1NvLyry7s5SfCV7VqQ=",
+    "h1:dchVhxo+Acd1l2RuZ88tW9lWj4422QMfgtxKvKCjYrw=",
+    "h1:eypa+P4ZpsEGMPFuCE+6VkRefu0TZRFmVBOpK+PDOPY=",
+    "h1:f3yjse2OsRZj7ZhR7BLintJMlI4fpyt8HyDP/zcEavw=",
+    "h1:mSJ7xj8K+xcnEmGg7lH0jjzyQb157wH94ULTAlIV+HQ=",
+    "h1:tt+2J2Ze8VIdDq2Hr6uHlTJzAMBRpErBwTYx0uD5ilE=",
+    "h1:uQW8SKxmulqrAisO+365mIf2FueINAp5PY28bqCPCug=",
+    "zh:171ab67cccceead4514fafb2d39e4e708a90cce79000aaf3c29aab7ed4457071",
+    "zh:18aa7228447baaaefc49a43e8eff970817a7491a63d8937e796357a3829dd979",
+    "zh:2cbaab6092e81ba6f41fa60a50f14e980c8ec327ee11d0b21f16a478be4b7567",
+    "zh:53b8e49c06f5b31a8c681f8c0669cf43e78abe71657b8182a221d096bb514965",
+    "zh:6037cfc60b4b647aabae155fcb46d649ed7c650e0287f05db52b2068f1e27c8a",
+    "zh:62460982ce1a869eebfca675603fbbd50416cf6b69459fb855bfbe5ae2b97607",
+    "zh:65f6f3a8470917b6398baa5eb4f74b3932b213eac7c0202798bfad6fd1ee17df",
     "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
-    "zh:927dfdb8d9aef37ead03fceaa29e87ba076a3dd24e19b6cefdbb0efe9987ff8c",
-    "zh:bbf2226f07f6b1e721877328e69ded4b64f9c196634d2e2429e3cfabbe41e532",
-    "zh:daeed873d6f38604232b46ee4a5830c85d195b967f8dbcafe2fcffa98daf9c5f",
-    "zh:f8f2fc4646c1ba44085612fa7f4dbb7cbcead43b4e661f2b98ddfb4f68afc758",
+    "zh:8b5cebe64bf04105a49178a165b6a8800a9a33bae6767143a47fe4977755f805",
+    "zh:a5596635db0993ee3c3060fbc2227d91b239466e96d2d82642625a5aa2486988",
+    "zh:b3a9c63038441f13c311fd4b2c7e69e571445e5a7365a20c7cc9046b7e6c8aba",
+    "zh:b585e7e4d7648a540b14b9182819214896ca9337729eeb1f2034833b17db754d",
+    "zh:d2c3c545318ac8542369e9fc8228e29ee585febdf203a450fad3e0eded71ce02",
+    "zh:e95dd2d6c3525073af47d47b763cb81b6a51b20cabf76f789c69328922da9ecf",
+    "zh:eee6e590b36d6c6168a7daae8afa74a8721fd7aa9f62a710f04a311975100722",
   ]
 }

deployment/modules/cloudflare/docs/config.tf

@@ -5,7 +5,7 @@ terraform {
   required_providers {
     cloudflare = {
       source = "cloudflare/cloudflare"
-      version = "4.48.0"
+      version = "4.38.0"
     }
   }
 }

deployment/modules/cloudflare/docs/domain.tf

@@ -9,7 +9,7 @@ resource "cloudflare_record" "immich_app_branch_subdomain" {
   proxied = true
   ttl     = 1
   type    = "CNAME"
-  content   = "${replace(var.prefix_name, "/\\/|\\./", "-")}.${local.is_release ? data.terraform_remote_state.cloudflare_account.outputs.immich_app_archive_pages_project_subdomain : data.terraform_remote_state.cloudflare_account.outputs.immich_app_preview_pages_project_subdomain}"
+  value   = "${replace(var.prefix_name, "/\\/|\\./", "-")}.${local.is_release ? data.terraform_remote_state.cloudflare_account.outputs.immich_app_archive_pages_project_subdomain : data.terraform_remote_state.cloudflare_account.outputs.immich_app_preview_pages_project_subdomain}"
   zone_id = data.terraform_remote_state.cloudflare_account.outputs.immich_app_zone_id
 }
 
@@ -18,7 +18,7 @@ output "immich_app_branch_subdomain" {
 }
 
 output "immich_app_branch_pages_hostname" {
-  value = cloudflare_record.immich_app_branch_subdomain.content
+  value = cloudflare_record.immich_app_branch_subdomain.value
 }
 
 output "pages_project_name" {

docker/docker-compose.dev.yml

@@ -36,18 +36,13 @@ services:
       IMMICH_BUILD_URL: https://github.com/immich-app/immich/actions/runs/9654404849
       IMMICH_BUILD_IMAGE: development
       IMMICH_BUILD_IMAGE_URL: https://github.com/immich-app/immich/pkgs/container/immich-server
-      IMMICH_THIRD_PARTY_SOURCE_URL: https://github.com/immich-app/immich/
-      IMMICH_THIRD_PARTY_BUG_FEATURE_URL: https://github.com/immich-app/immich/issues
-      IMMICH_THIRD_PARTY_DOCUMENTATION_URL: https://immich.app/docs
-      IMMICH_THIRD_PARTY_SUPPORT_URL: https://immich.app/docs/third-party
     ulimits:
       nofile:
         soft: 1048576
         hard: 1048576
     ports:
+      - 3001:3001
       - 9230:9230
-      - 9231:9231
-      - 2283:2283
     depends_on:
       - redis
       - database
@@ -57,19 +52,16 @@ services:
   immich-web:
     container_name: immich_web
     image: immich-web-dev:latest
-    # Needed for rootless docker setup, see https://github.com/moby/moby/issues/45919
-    # user: 0:0
     build:
       context: ../web
     command: ['/usr/src/app/bin/immich-web']
     env_file:
       - .env
     ports:
-      - 3000:3000
+      - 2283:3000
       - 24678:24678
     volumes:
       - ../web:/usr/src/app
-      - ../i18n:/usr/src/i18n
       - ../open-api/:/usr/src/open-api/
       - /usr/src/app/node_modules
     ulimits:
@@ -106,7 +98,7 @@ services:
 
   redis:
     container_name: immich_redis
-    image: redis:6.2-alpine@sha256:eaba718fecd1196d88533de7ba49bf903ad33664a92debb24660a922ecd9cac8
+    image: redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e
     healthcheck:
       test: redis-cli ping || exit 1
 
@@ -125,25 +117,28 @@ services:
     ports:
       - 5432:5432
     healthcheck:
-      test: >-
-        pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
-        Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
-        --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
-        echo "checksum failure count is $$Chksum";
-        [ "$$Chksum" = '0' ] || exit 1
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
       interval: 5m
       start_interval: 30s
       start_period: 5m
-    command: >-
-      postgres
-      -c shared_preload_libraries=vectors.so
-      -c 'search_path="$$user", public, vectors'
-      -c logging_collector=on
-      -c max_wal_size=2GB
-      -c shared_buffers=512MB
-      -c wal_compression=on
+    command:
+      [
+        'postgres',
+        '-c',
+        'shared_preload_libraries=vectors.so',
+        '-c',
+        'search_path="$$user", public, vectors',
+        '-c',
+        'logging_collector=on',
+        '-c',
+        'max_wal_size=2GB',
+        '-c',
+        'shared_buffers=512MB',
+        '-c',
+        'wal_compression=on',
+      ]
 
-  # set IMMICH_TELEMETRY_INCLUDE=all in .env to enable metrics
+  # set IMMICH_METRICS=true in .env to enable metrics
   # immich-prometheus:
   #   container_name: immich_prometheus
   #   ports:

docker/docker-compose.prod.yml

@@ -16,7 +16,7 @@ services:
     env_file:
       - .env
     ports:
-      - 2283:2283
+      - 2283:3001
     depends_on:
       - redis
       - database
@@ -47,7 +47,7 @@ services:
 
   redis:
     container_name: immich_redis
-    image: redis:6.2-alpine@sha256:eaba718fecd1196d88533de7ba49bf903ad33664a92debb24660a922ecd9cac8
+    image: redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e
     healthcheck:
       test: redis-cli ping || exit 1
     restart: always
@@ -67,31 +67,19 @@ services:
     ports:
       - 5432:5432
     healthcheck:
-      test: >-
-        pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
-        Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
-        --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
-        echo "checksum failure count is $$Chksum";
-        [ "$$Chksum" = '0' ] || exit 1
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
       interval: 5m
       start_interval: 30s
       start_period: 5m
-    command: >-
-      postgres
-      -c shared_preload_libraries=vectors.so
-      -c 'search_path="$$user", public, vectors'
-      -c logging_collector=on
-      -c max_wal_size=2GB
-      -c shared_buffers=512MB
-      -c wal_compression=on
+    command: ["postgres", "-c", "shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
     restart: always
 
-  # set IMMICH_TELEMETRY_INCLUDE=all in .env to enable metrics
+  # set IMMICH_METRICS=true in .env to enable metrics
   immich-prometheus:
     container_name: immich_prometheus
     ports:
       - 9090:9090
-    image: prom/prometheus@sha256:565ee86501224ebbb98fc10b332fa54440b100469924003359edf49cbce374bd
+    image: prom/prometheus@sha256:f20d3127bf2876f4a1df76246fca576b41ddf1125ed1c546fbd8b16ea55117e6
     volumes:
       - ./prometheus.yml:/etc/prometheus/prometheus.yml
       - prometheus-data:/prometheus
@@ -103,7 +91,7 @@ services:
     command: ['./run.sh', '-disable-reporting']
     ports:
       - 3000:3000
-    image: grafana/grafana:11.4.0-ubuntu@sha256:afccec22ba0e4815cca1d2bf3836e414322390dc78d77f1851976ffa8d61051c
+    image: grafana/grafana:11.1.3-ubuntu@sha256:e10453733015f31103cb530425f32c994816b50102886fa885dafea2c50a711c
     volumes:
       - grafana-data:/var/lib/grafana
 

docker/docker-compose.yml

@@ -22,7 +22,7 @@ services:
     env_file:
       - .env
     ports:
-      - '2283:2283'
+      - 2283:3001
     depends_on:
       - redis
       - database
@@ -48,7 +48,7 @@ services:
 
   redis:
     container_name: immich_redis
-    image: docker.io/redis:6.2-alpine@sha256:eaba718fecd1196d88533de7ba49bf903ad33664a92debb24660a922ecd9cac8
+    image: docker.io/redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e
     healthcheck:
       test: redis-cli ping || exit 1
     restart: always
@@ -65,23 +65,11 @@ services:
       # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
       - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
     healthcheck:
-      test: >-
-        pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
-        Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
-        --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
-        echo "checksum failure count is $$Chksum";
-        [ "$$Chksum" = '0' ] || exit 1
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
       interval: 5m
       start_interval: 30s
       start_period: 5m
-    command: >-
-      postgres
-      -c shared_preload_libraries=vectors.so
-      -c 'search_path="$$user", public, vectors'
-      -c logging_collector=on
-      -c max_wal_size=2GB
-      -c shared_buffers=512MB
-      -c wal_compression=on
+    command: ["postgres", "-c", "shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
     restart: always
 
 volumes:

docker/example.env

@@ -12,7 +12,6 @@ DB_DATA_LOCATION=./postgres
 IMMICH_VERSION=release
 
 # Connection secret for postgres. You should change it to a random password
-# Please use only the characters `A-Za-z0-9`, without special characters or spaces
 DB_PASSWORD=postgres
 
 # The values below this line do not need to be changed

docker/hwaccel.transcoding.yml

@@ -51,4 +51,5 @@ services:
     volumes:
       - /usr/lib/wsl:/usr/lib/wsl
     environment:
+      - LD_LIBRARY_PATH=/usr/lib/wsl/lib
       - LIBVA_DRIVER_NAME=d3d12

docs/.nvmrc

@@ -1 +1 @@
-22.12.0
+20.16.0

docs/docs/FAQ.mdx

@@ -52,26 +52,14 @@ On iOS (iPhone and iPad), the operating system determines if a particular app ca
 - Disable Background App Refresh for apps that don't need background tasks to run. This will reduce the competition for background task invocation for Immich.
 - Use the Immich app more often.
 
-### Why are features not working with a self-signed cert or mTLS?
-
-Due to limitations in the upstream app/video library, using a self-signed TLS certificate or mutual TLS may break video playback or asset upload (both foreground and/or background).
-We recommend using a real SSL certificate from a free provider, for example [Let's Encrypt](https://letsencrypt.org/).
-
 ---
 
 ## Assets
 
 ### Does Immich change the file?
 
-No, Immich does not modify the original files.
-All edited metadata is saved in companion `.xmp` sidecar files and the database.
-However, Immich will delete original files that have been trashed when the trash is emptied in the Immich UI.
-
-### Why do my file names appear as a random string in the file manager?
-
-When Storage Template is off (default) Immich saves the file names in a random string (also known as random UUIDs) to prevent duplicate file names.
-To retrieve the original file names, you must enable the Storage Template and then run the STORAGE TEMPLATE MIGRATION job.
-It is recommended to read about [Storage Template](https://immich.app/docs/administration/storage-template) before activation.
+No, Immich does not touch the original file under any circumstances,  
+all edited metadata are saved in the companion sidecar file and the database.
 
 ### Can I add my existing photo library?
 
@@ -83,20 +71,11 @@ Template changes will only apply to _new_ assets. To retroactively apply the tem
 
 ### Why are only photos and not videos being uploaded to Immich?
 
-This often happens when using a reverse proxy in front of Immich.
-Make sure to [set your reverse proxy](/docs/administration/reverse-proxy/) to allow large requests.
-Also, check the disk space of your reverse proxy.
-In some cases, proxies cache requests to disk before passing them on, and if disk space runs out, the request fails.
-
-If you are using Cloudflare Tunnel, please know that they set a maxiumum filesize of 100 MB that cannot be changed.
-At times, files larger than this may work, potentially up to 1 GB. However, the official limit is 100 MB.
-If you are having issues, we recommend switching to a different network deployment.
+This often happens when using a reverse proxy (such as Nginx or Cloudflare tunnel) in front of Immich. Make sure to set your reverse proxy to allow large `POST` requests. In `nginx`, set `client_max_body_size 50000M;` or similar. Also, check the disk space of your reverse proxy. In some cases, proxies cache requests to disk before passing them on, and if disk space runs out, the request fails.
 
 ### Why are some photos stored in the file system with the wrong date?
 
-There are a few different scenarios that can lead to this situation. The solution is to rerun the storage migration job.
-The job is only automatically run once per asset after upload. If metadata extraction originally failed, the jobs were cleared/canceled, etc.,
-the job may not have run automatically the first time.
+There are a few different scenarios that can lead to this situation. The solution is to rerun the storage migration job. The job is only automatically run once per asset after upload. If metadata extraction originally failed, the jobs were cleared/canceled, etc., the job may not have run automatically the first time.
 
 ### How can I hide photos from the timeline?
 
@@ -126,8 +105,7 @@ Also, there are additional jobs for person (face) thumbnails.
 
 ### Why do files from WhatsApp not appear with the correct date?
 
-Files sent on WhatsApp are saved without metadata on the file. Therefore, Immich has no way of knowing the original date of the file when files are uploaded from WhatsApp,
-not the order of arrival on the device. [See #9116](https://github.com/immich-app/immich/discussions/9116).
+Files sent on WhatsApp are saved without metadata on the file. Therefore, Immich has no way of knowing the original date of the file when files are uploaded from WhatsApp, not the order of arrival on the device. [See #3527](https://github.com/immich-app/immich/issues/3527).
 
 ### What happens if an asset exists in more than one account?
 
@@ -179,30 +157,17 @@ We haven't implemented an official mechanism for creating albums from external l
 
 Duplicate checking only exists for upload libraries, using the file hash. Furthermore, duplicate checking is not global, but _per library_. Therefore, a situation where the same file appears twice in the timeline is possible, especially for external libraries.
 
-### Why are my edits to files not being saved in read-only external libraries?
-
-Images in read-write external libraries (the default) can be edited as normal.
-In read-only libraries (`:ro` in the `docker-compose.yml`), Immich is unable to create the `.xmp` sidecar files to store edited file metadata.
-For this reason, the metadata (timestamp, location, description, star rating, etc.) cannot be edited for files in read-only external libraries.
-
-### How are deletions of files handled in external libraries?
-
-Immich will attempt to delete original files that have been trashed when the trash is emptied.
-In read-write external libraries (the default), Immich will delete the original file.
-In read-only libraries (`:ro` in the `docker-compose.yml`), files can still be trashed in the UI.
-However, when the trash is emptied, the files will re-appear in the main timeline since Immich is unable to delete the original file.
-
 ---
 
 ## Machine Learning
 
 ### How does smart search work?
 
-Immich uses CLIP models. An ML model converts each image to an "embedding", which is essentially a string of numbers that semantically encodes what is in the image. The same is done for the text that you enter when you do a search, and that text embedding is then compared with those of the images to find similar ones. As such, there are no "tags", "labels", or "descriptions" generated that you can look at. For more information about CLIP and its capabilities, read about it [here](https://openai.com/research/clip).
+Immich uses CLIP models. For more information about CLIP and its capabilities, read about it [here](https://openai.com/research/clip).
 
 ### How does facial recognition work?
 
-See [How Facial Recognition Works](/docs/features/facial-recognition#how-facial-recognition-works) for details.
+See [How Facial Recognition Works](/docs/features/facial-recognition#How-Facial-Recognition-Works) for details.
 
 ### How can I disable machine learning?
 
@@ -224,7 +189,7 @@ No, this is not supported. Only models listed in the [Hugging Face][huggingface]
 
 ### I want to be able to search in other languages besides English. How can I do that?
 
-You can change to a multilingual CLIP model. See [here](/docs/features/searching#clip-model) for instructions.
+You can change to a multilingual CLIP model. See [here](/docs/features/smart-search#CLIP-model) for instructions.
 
 ### Does Immich support Facial Recognition for videos?
 
@@ -235,7 +200,7 @@ Scanning the entire video for faces may be implemented in the future.
 
 No.
 :::tip
-You can use [Smart Search](/docs/features/searching.md) for this to some extent. For example, if you have a Golden Retriever and a Chihuahua, type these words in the smart search and watch the results.
+You can use [Smart Search](/docs/features/smart-search.md) for this to some extent. For example, if you have a Golden Retriever and a Chihuahua, type these words in the smart search and watch the results.
 :::
 
 ### I'm getting a lot of "faces" that aren't faces, what can I do?
@@ -319,7 +284,7 @@ Do not exaggerate with the job concurrency because you're probably thoroughly ov
 
 ### My server shows Server Status Offline | Version Unknown. What can I do?
 
-You need to [enable WebSockets](/docs/administration/reverse-proxy/) on your reverse proxy.
+You need to enable WebSockets on your reverse proxy.
 
 ---
 
@@ -344,13 +309,9 @@ You may need to add mount points or docker volumes for the following internal co
 - `immich-machine-learning:/.cache`
 - `redis:/data`
 
-The non-root user/group needs read/write access to the volume mounts, including `UPLOAD_LOCATION` and `/cache` for machine-learning.
+The non-root user/group needs read/write access to the volume mounts, including `UPLOAD_LOCATION`.
 
-:::note Docker Compose Volumes
-The Docker Compose top level volume element does not support non-root access, all of the above volumes must be local volume mounts.
-:::
-
-For a further hardened system, you can add the following block to every container.
+For a further hardened system, you can add the following block to every container except for `immich_postgres`.
 
 <details>
 <summary>docker-compose.yml</summary>
@@ -399,21 +360,22 @@ If the error says the worker is exiting, then this is normal. This is a feature
 
 There are a few reasons why this can happen.
 
-If the error mentions SIGKILL or error code 137, it most likely means the service is running out of memory.
-Consider either increasing the server's RAM or moving the service to a server with more RAM.
+If the error mentions SIGKILL or error code 137, it most likely means the service is running out of memory. Consider either increasing the server's RAM or moving the service to a server with more RAM.
 
-If it mentions SIGILL (note the lack of a K) or error code 132, it most likely means your server's CPU is incompatible with Immich.
+If it mentions SIGILL (note the lack of a K) or error code 132, it most likely means your server's CPU is incompatible. This is unlikely to occur on version 1.92.0 or later. Consider upgrading if your version of Immich is below that.
+
+If your version of Immich is below 1.92.0 and the crash occurs after logs about tracing or exporting a model, consider either upgrading or disabling the Tag Objects job.
 
 ## Database
 
 ### Why am I getting database ownership errors?
 
 If you get database errors such as `FATAL:  data directory "/var/lib/postgresql/data" has wrong ownership` upon database startup, this is likely due to an issue with your filesystem.
-NTFS and ex/FAT/32 filesystems are not supported. See [here](/docs/install/requirements#special-requirements-for-windows-users) for more details.
+NTFS and ex/FAT/32 filesystems are not supported. See [here](/docs/install/environment-variables#supported-filesystems) for more details.
 
 ### How can I verify the integrity of my database?
 
-Database checksums are enabled by default for new installations since v1.104.0. You can check if they are enabled by running the following command.
+If you installed Immich using v1.104.0 or later, you likely have database checksums enabled by default. You can check this by running the following command.
 A result of `on` means that checksums are enabled.
 
 <details>
@@ -429,7 +391,7 @@ docker exec -it immich_postgres psql --dbname=immich --username=<DB_USERNAME> --
 
 </details>
 
-If checksums are enabled, you can check the status of the database with the following command. A normal result is all `0`s.
+If checksums are enabled, you can check the status of the database with the following command. A normal result is all zeroes.
 
 <details>
 <summary>Check for database corruption</summary>

docs/docs/administration/backup-and-restore.md

@@ -5,10 +5,6 @@ import TabItem from '@theme/TabItem';
 
 A [3-2-1 backup strategy](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) is recommended to protect your data. You should keep copies of your uploaded photos/videos as well as the Immich database for a comprehensive backup solution. This page provides an overview on how to backup the database and the location of user-uploaded pictures and videos. A template bash script that can be run as a cron job is provided [here](/docs/guides/template-backup-script.md)
 
-:::danger
-The instructions on this page show you how to prepare your Immich instance to be backed up, and which files to take a backup of. You still need to take care of using an actual backup tool to make a backup yourself.
-:::
-
 ## Database
 
 :::caution
@@ -19,24 +15,12 @@ Immich saves [file paths in the database](https://github.com/immich-app/immich/d
 Refer to the official [postgres documentation](https://www.postgresql.org/docs/current/backup.html) for details about backing up and restoring a postgres database.
 :::
 
+The recommended way to backup and restore the Immich database is to use the `pg_dumpall` command. When restoring, you need to delete the `DB_DATA_LOCATION` folder (if it exists) to reset the database.
+
 :::caution
 It is not recommended to directly backup the `DB_DATA_LOCATION` folder. Doing so while the database is running can lead to a corrupted backup that cannot be restored.
 :::
 
-### Automatic Database Backups
-
-For convenience, Immich will automatically create database backups by default. The backups are stored in `UPLOAD_LOCATION/backups`.  
-As mentioned above, you should make your own backup of these together with the asset folders as noted below.  
-You can adjust the schedule and amount of kept backups in the [admin settings](http://my.immich.app/admin/system-settings?isOpen=backup).  
-By default, Immich will keep the last 14 backups and create a new backup every day at 2:00 AM.
-
-#### Restoring
-
-We hope to make restoring simpler in future versions, for now you can find the backups in the `UPLOAD_LOCATION/backups` folder on your host.  
-Then please follow the steps in the following section for restoring the database.
-
-### Manual Backup and Restore
-
 <Tabs>
   <TabItem value="Linux system" label="Linux system" default>
 
@@ -45,52 +29,83 @@ docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgre
 ```
 
 ```bash title='Restore'
-docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch
-## Uncomment the next line and replace DB_DATA_LOCATION with your Postgres path to permanently reset the Postgres database
-# rm -rf DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch
-docker compose pull             # Update to latest version of Immich (if desired)
-docker compose create           # Create Docker containers for Immich apps without running them
+docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch.
+# rm -rf DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch.
+docker compose pull     # Update to latest version of Immich (if desired)
+docker compose create   # Create Docker containers for Immich apps without running them.
 docker start immich_postgres    # Start Postgres server
-sleep 10                        # Wait for Postgres server to start up
-# Check the database user if you deviated from the default
+sleep 10    # Wait for Postgres server to start up
 gunzip < "/path/to/backup/dump.sql.gz" \
 | sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \
-| docker exec -i immich_postgres psql --username=postgres  # Restore Backup
-docker compose up -d            # Start remainder of Immich apps
+| docker exec -i immich_postgres psql --username=postgres    # Restore Backup
+docker compose up -d    # Start remainder of Immich apps
 ```
 
 </TabItem>
   <TabItem value="Windows system (PowerShell)" label="Windows system (PowerShell)">
 
 ```powershell title='Backup'
-[System.IO.File]::WriteAllLines("C:\absolute\path\to\backup\dump.sql", (docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgres))
+docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgres > "\path\to\backup\dump.sql"
 ```
 
 ```powershell title='Restore'
-docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch
-## Uncomment the next line and replace DB_DATA_LOCATION with your Postgres path to permanently reset the Postgres database
-# Remove-Item -Recurse -Force DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch
-## You should mount the backup (as a volume, example: - 'C:\path\to\backup\dump.sql':/dump.sql) into the immich_postgres container using the docker-compose.yml
-docker compose pull             # Update to latest version of Immich (if desired)
-docker compose create           # Create Docker containers for Immich apps without running them
+docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch.
+# Remove-Item -Recurse -Force DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch.
+docker compose pull     # Update to latest version of Immich (if desired)
+docker compose create   # Create Docker containers for Immich apps without running them.
 docker start immich_postgres    # Start Postgres server
-sleep 10                        # Wait for Postgres server to start up
-docker exec -it immich_postgres bash    # Enter the Docker shell and run the following command
-# Check the database user if you deviated from the default
-cat "/dump.sql" \
-| sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \
-| psql --username=postgres      # Restore Backup
-exit                            # Exit the Docker shell
-docker compose up -d            # Start remainder of Immich apps
+sleep 10    # Wait for Postgres server to start up
+gc "C:\path\to\backup\dump.sql" | docker exec -i immich_postgres psql --username=postgres   # Restore Backup
+docker compose up -d    # Start remainder of Immich apps
 ```
 
 </TabItem>
 </Tabs>
 
-Note that for the database restore to proceed properly, it requires a completely fresh install (i.e. the Immich server has never run since creating the Docker containers). If the Immich app has run, Postgres conflicts may be encountered upon database restoration (relation already exists, violated foreign key constraints, multiple primary keys, etc.), in which case you need to delete the `DB_DATA_LOCATION` folder to reset the database.
+Note that for the database restore to proceed properly, it requires a completely fresh install (i.e. the Immich server has never run since creating the Docker containers). If the Immich app has run, Postgres conflicts may be encountered upon database restoration (relation already exists, violated foreign key constraints, multiple primary keys, etc.).
 
 :::tip
-Some deployment methods make it difficult to start the database without also starting the server. In these cases, you may set the environment variable `DB_SKIP_MIGRATIONS=true` before starting the services. This will prevent the server from running migrations that interfere with the restore process. Be sure to remove this variable and restart the services after the database is restored.
+Some deployment methods make it difficult to start the database without also starting the server or microservices. In these cases, you may set the environmental variable `DB_SKIP_MIGRATIONS=true` before starting the services. This will prevent the server from running migrations that interfere with the restore process. Note that both the server and microservices must have this variable set to prevent the migrations from running. Be sure to remove this variable and restart the services after the database is restored.
+:::
+
+The database dumps can also be automated (using [this image](https://github.com/prodrigestivill/docker-postgres-backup-local)) by editing the docker compose file to match the following:
+
+```yaml
+services:
+  ...
+  backup:
+    container_name: immich_db_dumper
+    image: prodrigestivill/postgres-backup-local:14
+    restart: always
+    env_file:
+      - .env
+    environment:
+      POSTGRES_HOST: database
+      POSTGRES_CLUSTER: 'TRUE'
+      POSTGRES_USER: ${DB_USERNAME}
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      SCHEDULE: "@daily"
+      POSTGRES_EXTRA_OPTS: '--clean --if-exists'
+      BACKUP_DIR: /db_dumps
+    volumes:
+      - ./db_dumps:/db_dumps
+    depends_on:
+      - database
+```
+
+Then you can restore with the same command but pointed at the latest dump.
+
+```bash title='Automated Restore'
+gunzip < db_dumps/last/immich-latest.sql.gz \
+| sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \
+| docker exec -i immich_postgres psql --username=postgres
+```
+
+:::note
+If you see the error `ERROR:  type "earth" does not exist`, or you have problems with Reverse Geocoding after a restore, add the following `sed` fragment to your restore command.
+
+Example: `gunzip < "/path/to/backup/dump.sql.gz" | sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" | docker exec -i immich_postgres psql --username=postgres`
 :::
 
 ## Filesystem
@@ -142,7 +157,7 @@ for more info read the [release notes](https://github.com/immich-app/immich/rele
 
   - The Immich database containing all the information to allow the system to function properly.  
     **Note:** This folder will only appear to users who have made the changes mentioned in [v1.102.0](https://github.com/immich-app/immich/discussions/8930) (an optional, non-mandatory change) or who started with this version.
-  - Stored in `DB_DATA_LOCATION`.
+  - Stored in `UPLOAD_LOCATION/postgres`.
 
   :::danger
   A backup of this folder does not constitute a backup of your database!
@@ -176,7 +191,7 @@ When you turn off the storage template engine, it will leave the assets in `UPLO
   - Stored in `UPLOAD_LOCATION/profile/<userID>`.
 - **Thumbs Images:**
   - Preview images (blurred, small, large) for each asset and thumbnails for recognized faces.
-  - Stored in `UPLOAD_LOCATION/thumbs/<userID>`.
+  - Stored in `UPLOCAD_LOCATION/thumbs/<userID>`.
 - **Encoded Assets:**
   - Videos that have been re-encoded from the original for wider compatibility. The original is not removed.
   - Stored in `UPLOAD_LOCATION/encoded-video/<userID>`.
@@ -188,7 +203,7 @@ When you turn off the storage template engine, it will leave the assets in `UPLO
 
   - The Immich database containing all the information to allow the system to function properly.  
     **Note:** This folder will only appear to users who have made the changes mentioned in [v1.102.0](https://github.com/immich-app/immich/discussions/8930) (an optional, non-mandatory change) or who started with this version.
-  - Stored in `DB_DATA_LOCATION`.
+  - Stored in `UPLOAD_LOCATION/postgres`.
 
   :::danger
   A backup of this folder does not constitute a backup of your database!

docs/docs/administration/email-notification.mdx

@@ -8,20 +8,16 @@ Immich supports the option to send notifications via Email for the following eve
 
 ## SMTP settings
 
-You can access the settings panel from the web at `Administration -> Settings -> Notification settings`.
+You can access the settings panel from the web at `Administration -> Settings -> Notification settings`
 
-Under Email, enter the required details to connect with an SMTP server.
+Under Email, enter the following details to connect with SMTP servers.
 
-You can use [this guide](/docs/guides/smtp-gmail) to use Gmail's SMTP server.
+You can use the following [guide](/docs/guides/smtp-gmail) to use Gmail's SMTP server.
+
+<img src={require('./img/email-settings.png').default} width="80%" title="SMTP settings" />
 
 ## User's notifications settings
 
 Users can manage their email notification settings from their account settings page on the web. They can choose to turn email notifications on or off for the following events:
 
-<img src={require('./img/user-notifications-settings.webp').default} width="80%" title="User notification settings" />
-
-## Notification templates
-
-You can override the default notification text with custom templates in HTML format. You can use tags to show dynamic tags in your templates.
-
-<img src={require('./img/user-notifications-templates.webp').default} width="80%" title="User notification templates" />
+<img src={require('./img/user-notifications-settings.png').default} width="80%" title="User notification settings" />

docs/docs/administration/jobs-workers.md

@@ -22,7 +22,7 @@ Copy the entire `immich-server` block as a new service and make the following ch
 -   container_name: immich_server
 ...
 -   ports:
--     - 2283:2283
+-     - 2283:3001
 + immich-microservices:
 +   container_name: immich_microservices
 ```
@@ -48,4 +48,8 @@ When a new asset is uploaded it kicks off a series of jobs, which include metada
 
 Additionally, some jobs run on a schedule, which is every night at midnight. This schedule, with the exception of [External Libraries](/docs/features/libraries) scanning, cannot be changed.
 
-<img src={require('./img/admin-jobs.webp').default} width="60%" title="Admin jobs" />
+:::info
+Storage Migration job can be run after changing the [Storage Template](/docs/administration/storage-template.mdx), in order to apply the change to the existing library.
+:::
+
+<img src={require('./img/admin-jobs.png').default} width="80%" title="Admin jobs" />

docs/docs/administration/oauth.md

@@ -3,7 +3,7 @@
 This page contains details about using OAuth in Immich.
 
 :::tip
-Unable to set `app.immich:///oauth-callback` as a valid redirect URI? See [Mobile Redirect URI](#mobile-redirect-uri) for an alternative solution.
+Unable to set `app.immich:/` as a valid redirect URI? See [Mobile Redirect URI](#mobile-redirect-uri) for an alternative solution.
 :::
 
 ## Overview
@@ -11,7 +11,7 @@ Unable to set `app.immich:///oauth-callback` as a valid redirect URI? See [Mobil
 Immich supports 3rd party authentication via [OpenID Connect][oidc] (OIDC), an identity layer built on top of OAuth2. OIDC is supported by most identity providers, including:
 
 - [Authentik](https://goauthentik.io/integrations/sources/oauth/#openid-connect)
-- [Authelia](https://www.authelia.com/integration/openid-connect/immich/)
+- [Authelia](https://www.authelia.com/configuration/identity-providers/openid-connect/clients/)
 - [Okta](https://www.okta.com/openid-connect/)
 - [Google](https://developers.google.com/identity/openid-connect/openid-connect)
 
@@ -30,7 +30,7 @@ Before enabling OAuth in Immich, a new client application needs to be configured
 
    The **Sign-in redirect URIs** should include:
 
-   - `app.immich:///oauth-callback` - for logging in with OAuth from the [Mobile App](/docs/features/mobile-app.mdx)
+   - `app.immich:/` - for logging in with OAuth from the [Mobile App](/docs/features/mobile-app.mdx)
    - `http://DOMAIN:PORT/auth/login` - for logging in with OAuth from the Web Client
    - `http://DOMAIN:PORT/user-settings` - for manually linking OAuth in the Web Client
 
@@ -38,7 +38,7 @@ Before enabling OAuth in Immich, a new client application needs to be configured
 
    Mobile
 
-   - `app.immich:///oauth-callback` (You **MUST** include this for iOS and Android mobile apps to work properly)
+   - `app.immich:/` (You **MUST** include this for iOS and Android mobile apps to work properly)
 
    Localhost
 
@@ -96,16 +96,16 @@ When Auto Launch is enabled, the login page will automatically redirect the user
 
 ## Mobile Redirect URI
 
-The redirect URI for the mobile app is `app.immich:///oauth-callback`, which is a [Custom Scheme](https://developer.apple.com/documentation/xcode/defining-a-custom-url-scheme-for-your-app). If this custom scheme is an invalid redirect URI for your OAuth Provider, you can work around this by doing the following:
+The redirect URI for the mobile app is `app.immich:/`, which is a [Custom Scheme](https://developer.apple.com/documentation/xcode/defining-a-custom-url-scheme-for-your-app). If this custom scheme is an invalid redirect URI for your OAuth Provider, you can work around this by doing the following:
 
-1. Configure an http(s) endpoint to forwards requests to `app.immich:///oauth-callback`
+1. Configure an http(s) endpoint to forwards requests to `app.immich:/`
 2. Whitelist the new endpoint as a valid redirect URI with your provider.
 3. Specify the new endpoint as the `Mobile Redirect URI Override`, in the OAuth settings.
 
 With these steps in place, you should be able to use OAuth from the [Mobile App](/docs/features/mobile-app.mdx) without a custom scheme redirect URI.
 
 :::info
-Immich has a route (`/api/oauth/mobile-redirect`) that is already configured to forward requests to `app.immich:///oauth-callback`, and can be used for step 1.
+Immich has a route (`/api/oauth/mobile-redirect`) that is already configured to forward requests to `app.immich:/`, and can be used for step 1.
 :::
 
 ## Example Configuration
@@ -154,21 +154,21 @@ Configuration of Authorised redirect URIs (Google Console)
 
 Configuration of OAuth in Immich System Settings
 
-| Setting                      | Value                                                                        |
-| ---------------------------- | ---------------------------------------------------------------------------- |
-| Issuer URL                   | `https://accounts.google.com`                                                |
-| Client ID                    | 7\***\*\*\*\*\*\*\***\*\*\***\*\*\*\*\*\*\***vuls.apps.googleusercontent.com |
-| Client Secret                | G\***\*\*\*\*\*\*\***\*\*\***\*\*\*\*\*\*\***OO                              |
-| Scope                        | openid email profile                                                         |
-| Signing Algorithm            | RS256                                                                        |
-| Storage Label Claim          | preferred_username                                                           |
-| Storage Quota Claim          | immich_quota                                                                 |
-| Default Storage Quota (GiB)  | 0 (0 for unlimited quota)                                                    |
-| Button Text                  | Sign in with Google (optional)                                               |
-| Auto Register                | Enabled (optional)                                                           |
-| Auto Launch                  | Enabled                                                                      |
-| Mobile Redirect URI Override | Enabled (required)                                                           |
-| Mobile Redirect URI          | `https://example.immich.app/api/oauth/mobile-redirect`                       |
+| Setting                      | Value                                                                                                  |
+| ---------------------------- | ------------------------------------------------------------------------------------------------------ |
+| Issuer URL                   | [https://accounts.google.com](https://accounts.google.com)                                             |
+| Client ID                    | 7\***\*\*\*\*\*\*\***\*\*\***\*\*\*\*\*\*\***vuls.apps.googleusercontent.com                           |
+| Client Secret                | G\***\*\*\*\*\*\*\***\*\*\***\*\*\*\*\*\*\***OO                                                        |
+| Scope                        | openid email profile                                                                                   |
+| Signing Algorithm            | RS256                                                                                                  |
+| Storage Label Claim          | preferred_username                                                                                     |
+| Storage Quota Claim          | immich_quota                                                                                           |
+| Default Storage Quota (GiB)  | 0 (0 for unlimited quota)                                                                              |
+| Button Text                  | Sign in with Google (optional)                                                                         |
+| Auto Register                | Enabled (optional)                                                                                     |
+| Auto Launch                  | Enabled                                                                                                |
+| Mobile Redirect URI Override | Enabled (required)                                                                                     |
+| Mobile Redirect URI          | [https://demo.immich.app/api/oauth/mobile-redirect](https://demo.immich.app/api/oauth/mobile-redirect) |
 
 </details>
 

docs/docs/administration/postgres-standalone.md

@@ -13,9 +13,9 @@ Running with a pre-existing Postgres server can unlock powerful administrative f
 You must install pgvecto.rs into your instance of Postgres using their [instructions][vectors-install]. After installation, add `shared_preload_libraries = 'vectors.so'` to your `postgresql.conf`. If you already have some `shared_preload_libraries` set, you can separate each extension with a comma. For example, `shared_preload_libraries = 'pg_stat_statements, vectors.so'`.
 
 :::note
-Immich is known to work with Postgres versions 14, 15, and 16. Earlier versions are unsupported. Postgres 17 is nominally compatible, but pgvecto.rs does not have prebuilt images or packages for it as of writing.
+Immich is known to work with Postgres versions 14, 15, and 16. Earlier versions are unsupported.
 
-Make sure the installed version of pgvecto.rs is compatible with your version of Immich. The current accepted range for pgvecto.rs is `>= 0.2.0, < 0.4.0`.
+Make sure the installed version of pgvecto.rs is compatible with your version of Immich. For example, if your Immich version uses the dedicated database image `tensorchord/pgvecto-rs:pg14-v0.2.1`, you must install pgvecto.rs `>= 0.2.1, < 0.3.0`.
 :::
 
 ## Specifying the connection URL

docs/docs/administration/repair-page.md

@@ -0,0 +1,27 @@
+# Repair Page
+
+The repair page is designed to give information to the system administrator about files that are not tracked, or offline paths.
+
+## Natural State
+
+In this situation, everything is in its place and there is no problem that the system administrator should be aware of.
+
+<img src={require('./img/repair-page.png').default} title="server statistic" />
+
+## Any Other Situation
+
+:::note RAM Usage
+Several users report a situation where the page fails to load. In order to solve this problem you should try to allocate more RAM to Immich, if the problem continues, you should stop using the reverse proxy while loading the page.
+:::
+
+In any other situation, there are 3 different options that can appear:
+
+- MATCHES - These files are matched by their checksums.
+
+- OFFLINE PATHS - These files are the result of manually deleting files from immich or a failed file move in the past (losing track of a file).
+
+- UNTRACKED FILES - These files are not tracked by the application. They can be the result of failed moves, interrupted uploads, or left behind due to a bug.
+
+In addition, you can download the information from a page, mark everything (in order to check hashing) and correct the problem if a match is found in the hashing.
+
+<img src={require('./img/repair-page-1.png').default} title="server statistic" />

docs/docs/administration/reverse-proxy.md

@@ -6,10 +6,6 @@ Users can deploy a custom reverse proxy that forwards requests to Immich. This w
 The Repair page can take a long time to load. To avoid server timeouts or errors, we recommend specifying a timeout of at least 10 minutes on your proxy server.
 :::
 
-:::caution
-Immich does not support being served on a sub-path such as `location /immich {`. It has to be served on the root path of a (sub)domain.
-:::
-
 ### Nginx example config
 
 Below is an example config for nginx. Make sure to set `public_url` to the front-facing URL of your instance, and `backend_url` to the path of the Immich server.
@@ -44,26 +40,6 @@ server {
 }
 ```
 
-#### Compatibility with Let's Encrypt
-
-In the event that your nginx configuration includes a section for Let's Encrypt, it's likely that you have a segment similar to the following:
-
-```nginx
-location ~ /.well-known {
-    ...
-}
-```
-
-This particular `location` directive can inadvertently prevent mobile clients from reaching the `/.well-known/immich` path, which is crucial for discovery. Usual error message for this case is: "Your app major version is not compatible with the server". To remedy this, you should introduce an additional location block specifically for this path, ensuring that requests are correctly proxied to the Immich server:
-
-```nginx
-location = /.well-known/immich {
-    proxy_pass http://<backend_url>:2283;
-}
-```
-
-By doing so, you'll maintain the functionality of Let's Encrypt while allowing mobile clients to access the necessary Immich path without obstruction.
-
 ### Caddy example config
 
 As an alternative to nginx, you can also use [Caddy](https://caddyserver.com/) as a reverse proxy (with automatic HTTPS configuration). Below is an example config.
@@ -88,43 +64,3 @@ Below is an example config for Apache2 site configuration.
    ProxyPreserveHost On
 </VirtualHost>
 ```
-
-### Traefik Proxy example config
-
-The example below is for Traefik version 3.
-
-The most important is to increase the `respondingTimeouts` of the entrypoint used by immich. In this example of entrypoint `websecure` for port `443`. Per default it's set to 60s which leeds to videos stop uploading after 1 minute (Error Code 499). With this config it will fail after 10 minutes which is in most cases enough. Increase it if needed.
-
-`traefik.yaml`
-
-```yaml
-[...]
-entryPoints:
-  websecure:
-    address: :443
-    # this section needs to be added
-    transport:
-      respondingTimeouts:
-        readTimeout: 600s
-        idleTimeout: 600s
-        writeTimeout: 600s
-```
-
-The second part is in the `docker-compose.yml` file where immich is in. Add the Traefik specific labels like in the example.
-
-`docker-compose.yml`
-
-```yaml
-services:
-  immich-server:
-    [...]
-    labels:
-      traefik.enable: true
-      # increase readingTimeouts for the entrypoint used here
-      traefik.http.routers.immich.entrypoints: websecure
-      traefik.http.routers.immich.rule: Host(`immich.your-domain.com`)
-      traefik.http.services.immich.loadbalancer.server.port: 2283
-```
-
-Keep in mind, that Traefik needs to communicate with the network where immich is in, usually done
-by adding the Traefik network to the `immich-server`.

docs/docs/administration/server-stats.md

@@ -1,9 +1,13 @@
 # Server Stats
 
-Server statistics to show the total number of videos, photos, usage and quota per user.
+Server statistics to show the total number of videos, photos, and usage per user.
 
-:::info External library
-External libraries are not included in the storage quota due to custom mount points.
+:::info
+If a storage quota has been defined for the user, the usage number will be displayed as a percentage of the total storage quota allocated to them.
 :::
 
-<img src={require('./img/server-stats.webp').default} title="server statistic" />
+:::info External library
+External library is not included in the storage quota.
+:::
+
+<img src={require('./img/server-stats.png').default} title="server statistic" />

docs/docs/administration/system-integrity.md

@@ -1,49 +0,0 @@
-# System Integrity
-
-## Folder checks
-
-:::info
-The folders considered for these checks include: `upload/`, `library/`, `thumbs/`, `encoded-video/`, `profile/`, `backups/`
-:::
-
-When Immich starts, it performs a series of checks in order to validate that it can read and write files to the volume mounts used by the storage system. If it cannot perform all the required operations, it will fail to start. The checks include:
-
-- Creating an initial hidden file (`.immich`) in each folder
-- Reading a hidden file (`.immich`) in each folder
-- Overwriting a hidden file (`.immich`) in each folder
-
-The checks are designed to catch the following situations:
-
-- Incorrect permissions (cannot read/write files)
-- Missing volume mount (`.immich` files should exist, but are missing)
-
-### Common issues
-
-:::note
-`.immich` files serve as markers and help keep track of volume mounts being used by Immich. Except for the situations listed below, they should never be manually created or deleted.
-:::
-
-#### Missing `.immich` files
-
-```
-Verifying system mount folder checks (enabled=true)
-...
-ENOENT: no such file or directory, open 'upload/encoded-video/.immich'
-```
-
-The above error messages show that the server has previously (successfully) written `.immich` files to each folder, but now does not detect them. This could be because any of the following:
-
-- Permission error - unable to read the file, but it exists
-- File does not exist - volume mount has changed and should be corrected
-- File does not exist - user manually deleted it and should be manually re-created (`touch .immich`)
-- File does not exist - user restored from a backup, but did not restore each folder (user should restore all folders or manually create `.immich` in any missing folders)
-
-### Ignoring the checks
-
-:::warning
-The checks are designed to catch common problems that we have seen users have in the past, and often indicate there's something wrong that you should solve. If you know what you're doing and you want to disable them you can set the following environment variable:
-:::
-
-```
-IMMICH_IGNORE_MOUNT_CHECK_ERRORS=true
-```

docs/docs/administration/system-settings.md

@@ -1,6 +1,10 @@
 # System Settings
 
-The admin user can manage settings for the Immich instance here.
+On the system settings page, the administrator can manage global settings for the Immich instance.
+
+:::note
+Viewing and modifying the system settings is restricted to the Administrator.
+:::
 
 :::tip
 You can always return to the default settings by clicking the `Reset to default` button.
@@ -100,7 +104,8 @@ You can choose to disable a certain type of machine learning, for example smart
 
 ### Smart Search
 
-The [smart search](/docs/features/searching) settings allow you to change the [CLIP model](https://openai.com/research/clip). Larger models will typically provide [more accurate search results](https://github.com/immich-app/immich/discussions/11862) but consume more processing power and RAM. When [changing the CLIP model](/docs/FAQ#can-i-use-a-custom-clip-model) it is mandatory to re-run the Smart Search job on all images to fully apply the change.
+The smart search settings are designed to allow the search tool to be used using [CLIP](https://openai.com/research/clip) models that [can be changed](/docs/FAQ#can-i-use-a-custom-clip-model), different models will necessarily give better results but may consume more processing power, when changing a model it is mandatory to re-run the
+Smart Search job on all images to fully apply the change.
 
 :::info Internet connection
 Changing models requires a connection to the Internet to download the model.
@@ -108,23 +113,15 @@ After downloading, there is no need for Immich to connect to the network
 Unless version checking has been enabled in the settings.
 :::
 
-### Duplicate Detection
-
-Use CLIP embeddings to find likely duplicates. The maximum detection distance can be configured in order to improve / reduce the level of accuracy.
-
-- **Maximum detection distance -** Maximum distance between two images to consider them duplicates, ranging from 0.001-0.1. Higher values will detect more duplicates, but may result in false positives.
-
 ### Facial Recognition
 
 Under these settings, you can change the facial recognition settings
 Editable settings:
 
-- **Facial Recognition Model**
-- **Min Detection Score**
-- **Max Recognition Distance**
-- **Min Recognized Faces**
-
-You can learn more about these options on the [Facial Recognition page](/docs/features/facial-recognition#how-face-detection-works)
+- **Facial Recognition Model -** Models are listed in descending order of size. Larger models are slower and use more memory, but produce better results. Note that you must re-run the Face Detection job for all images upon changing a model.
+- **Min Detection Score -** Minimum confidence score for a face to be detected from 0-1. Lower values will detect more faces but may result in false positives.
+- **Max Recognition Distance -** Maximum distance between two faces to be considered the same person, ranging from 0-2. Lowering this can prevent labeling two people as the same person, while raising it can prevent labeling the same person as two different people. Note that it is easier to merge two people than to split one person in two, so err on the side of a lower threshold when possible.
+- **Min Recognized Faces -** The minimum number of recognized faces for a person to be created (AKA: Core face). Increasing this makes Facial Recognition more precise at the cost of increasing the chance that a face is not assigned to a person.
 
 :::info
 When changing the values in Min Detection Score, Max Recognition Distance, and Min Recognized Faces.
@@ -152,15 +149,11 @@ Immich supports [Reverse Geocoding](/docs/features/reverse-geocoding) using data
 
 SMTP server setup, for user creation notifications, new albums, etc. More information can be found [here](/docs/administration/email-notification)
 
-## Notification Templates
-
-Override the default notifications text with notification templates. More information can be found [here](/docs/administration/email-notification)
-
 ## Server Settings
 
 ### External Domain
 
-Overrides the domain name in shared links and email notifications. The URL should not include a trailing slash.
+When set, will override the domain name used when viewing and copying a shared link.
 
 ### Welcome Message
 
@@ -204,68 +197,4 @@ When this option is enabled the `immich-server` will periodically make requests
 
 ## Video Transcoding Settings
 
-The system administrator can configure which video files will be converted to different formats. The settings can be changed in depth, to learn more about the terminology used here, refer to FFmpeg documentation for [H.264](https://trac.ffmpeg.org/wiki/Encode/H.264) codec, [HEVC](https://trac.ffmpeg.org/wiki/Encode/H.265) codec and [VP9](https://trac.ffmpeg.org/wiki/Encode/VP9) codec.
-
-Which streams of a video file will be transcoded is determined by the [Transcode Policy](#ffmpeg.transcode). Streams that are transcoded use the following settings (config file name in brackets). Streams that are not transcoded are untouched and preserve their original settings.
-
-### Accepted containers (`ffmpeg.acceptedContainers`) {#ffmpeg.acceptedContainers}
-
-If the video asset's container format is not in this list, it will be remuxed to MP4 even if no streams need to be transcoded.
-
-The default set of accepted container formats is `mov`, `ogg` and `webm`.
-
-### Preset (`ffmpeg.preset`) {#ffmpeg.preset}
-
-The amount of "compute effort" to put into transcoding. These use [the preset names from h264](https://trac.ffmpeg.org/wiki/Encode/H.264#Preset) and will be converted to appropriate values for encoders that configure effort in different ways.
-
-The default value is `ultrafast`.
-
-### Audio codec (`ffmpeg.targetAudioCodec`) {#ffmpeg.targetAudioCodec}
-
-Which audio codec to use when the audio stream is being transcoded. Can be one of `mp3`, `aac`, `libopus`.
-
-The default value is `aac`.
-
-### Video Codec (`ffmpeg.targetVideoCodec`) {#ffmpeg.targetVideoCodec}
-
-Which video codec to use when the video stream is being transcoded. Can be one of `h264`, `hevc`, `vp9` or `av1`.
-
-The default value is `h264`.
-
-### Target resolution (`ffmpeg.targetResolution`) {#ffmpeg.targetResolution}
-
-When transcoding a video stream, downscale the largest dimension to this value while preserving aspect ratio. Videos are never upscaled.
-
-The default value is `720`.
-
-### Transcode policy (`ffmpeg.transcode`) {#ffmpeg.transcode}
-
-The transcoding policy configures which streams of a video asset will be transcoded. The transcoding decision is made independently for video streams and audio streams. This means that if a video stream needs to be transcoded, but an audio stream does not, then the video stream will be transcoded while the audio stream will be copied. If the transcoding policy does not require any stream to be transcoded and does not require the video to be remuxed, then no separate video file will be created.
-
-The default policy is `required`.
-
-#### All videos (`all`) {#ffmpeg.transcode-all}
-
-Videos are always transcoded. This ensures consistency during video playback.
-
-#### Don't transcode any videos (`disabled`) {#ffmpeg.transcode-disabled}
-
-Videos are never transcoded. This saves space and resources on the server, but may prevent playback on devices that don't support the source format (especially web browsers) or result in high bandwidth usage when playing high-bitrate files.
-
-#### Only videos not in an accepted format (`required`) {#ffmpeg.transcode-required}
-
-Video streams are transcoded when any of the following conditions are met:
-
-- The video is HDR.
-- The video is not in the yuv420p pixel format.
-- The video codec is not in `acceptedVideoCodecs`.
-
-Audio is transcoded if the audio codec is not in `acceptedAudioCodecs`.
-
-#### Videos higher than max bitrate or not in an accepted format (`bitrate`) {#ffmpeg.transcode-bitrate}
-
-In addition to the conditions in `required`, video streams are also transcoded if their bitrate is over `maxBitrate`.
-
-#### Videos higher than target resolution or not in an accepted format (`optimal`) {#ffmpeg.transcode-optimal}
-
-In addition to the conditions in `required`, video streams are also transcoded if the horizontal **and** vertical dimensions are higher than [`targetResolution`](#ffmpeg.targetResolution).
+The system administrator can define parameters according to which video files will be converted to different formats (depending on the settings). The settings can be changed in depth, to learn more about the terminology used here, refer to FFmpeg documentation for [H.264](https://trac.ffmpeg.org/wiki/Encode/H.264) codec, [HEVC](https://trac.ffmpeg.org/wiki/Encode/H.265) codec and [VP9](https://trac.ffmpeg.org/wiki/Encode/VP9) codec.

docs/docs/administration/user-management.mdx

@@ -41,7 +41,7 @@ The system administrator can see the usage quota percentage of all users in Serv
 External libraries don't take up space from the storage quota.
 :::
 
-<img src={require('./img/user-quota-size.webp').default} width="40%" title="Set Quota Size" />
+<img src={require('./img/user-quota-size.png').default} width="40%" title="Set Quota Size" />
 
 ## Set Storage Label For User
 
@@ -51,13 +51,13 @@ To apply a storage template, go to the Administration page -> click on the penci
 To apply the Storage Label to previously uploaded assets, run the Storage Migration Job.
 :::
 
-<img src={require('./img/user-storage-label.webp').default} width="40%" title="Delete User" />
+<img src={require('./img/user-storage-label.png').default} width="40%" title="Delete User" />
 
 ## Password Reset
 
 To reset a user's password, click the pencil icon to edit a user, then click "Reset Password". The user's password will be reset to random password and they have to change it next time the sign in.
 
-<img src={require('./img/user-management-update.webp').default} width="40%" title="Reset Password" />
+<img src={require('./img/user-management-update.png').default} width="40%" title="Reset Password" />
 
 ## Delete a User
 
@@ -72,7 +72,7 @@ You can customize the time of the deletion of the users from the Administration
 The user deletion job runs at midnight to check for users that are ready for deletion. Changes to this setting will be evaluated at the next execution.
 :::
 
-<img src={require('./img/customize-delete-user.webp').default} width="80%" title="Customize Delete User" />
+<img src={require('./img/customize-delete-user.png').default} width="80%" title="Customize Delete User" />
 
 ### Immediately Remove User
 
@@ -80,4 +80,4 @@ You can choose to delete a user immediately by checking the box
 `Queue user and assets for immediate deletion` in the deletion process, this will immediately remove the user and all assets.
 This cannot be undone and the files cannot be recovered.
 
-<img src={require('./img/immediately-remove-user.webp').default} width="40%" title="Customize Delete User" />
+<img src={require('./img/immediately-remove-user.png').default} width="40%" title="Customize Delete User" />

docs/docs/developer/architecture.mdx

@@ -2,8 +2,7 @@
 sidebar_position: 1
 ---
 
-import AppArchitecture from './img/app-architecture.webp';
-import MobileArchitecture from './img/immich_mobile_architecture.svg';
+import AppArchitecture from './img/app-architecture.png';
 
 # Architecture
 
@@ -29,14 +28,7 @@ All three clients use [OpenAPI](./open-api.md) to auto-generate rest clients for
 
 ### Mobile App
 
-The mobile app is written in [Dart](https://dart.dev/) using [Flutter](https://flutter.dev/). Below is an architecture overview:
-
-<MobileArchitecture className="p-4 dark:bg-immich-dark-primary my-4" />
-
-The diagrams shows the target architecture, the current state of the code-base is not always following the architecture yet. New code and contributions should follow this architecture.
-Currently, it uses [Isar Database](https://isar.dev/) for a local database and [Riverpod](https://riverpod.dev/) for state management (providers).
-Entities and Models are the two types of data classes used. While entities are stored in the on-device database, models are ephemeral and only kept in memory.
-The Repositories should be the only place where other data classes are used internally (such as OpenAPI DTOs). However, their interfaces must not use foreign data classes!
+The mobile app is written in [Flutter](https://flutter.dev/). It uses [Isar Database](https://isar.dev/) for a local database and [Riverpod](https://riverpod.dev/) for state management.
 
 ### Web Client