add extension to tmp path

re-add extends section

.dockerignore

@@ -23,7 +23,6 @@ server/node_modules/
 server/upload/
 server/dist/
 server/www/
-server/test/assets/
 
 web/node_modules/
 web/coverage/

.gitattributes

@@ -2,8 +2,6 @@ mobile/openapi/**/*.md -diff -merge
 mobile/openapi/**/*.md linguist-generated=true
 mobile/openapi/**/*.dart -diff -merge
 mobile/openapi/**/*.dart linguist-generated=true
-mobile/openapi/.openapi-generator/FILES -diff -merge
-mobile/openapi/.openapi-generator/FILES linguist-generated=true
 
 mobile/lib/**/*.g.dart -diff -merge
 mobile/lib/**/*.g.dart linguist-generated=true

.github/FUNDING.yml

@@ -1,5 +0,0 @@
-# These are supported funding model platforms
-
-github: immich-app
-liberapay: alex.tran1502
-custom: https://www.buymeacoffee.com/altran1502

.github/ISSUE_TEMPLATE/bug_report.yaml

@@ -87,6 +87,16 @@ body:
     validations:
       required: true
 
+  - type: textarea
+    id: logs
+    attributes:
+      label: Relevant log output
+      description: Please copy and paste any relevant logs below. (code formatting is
+        enabled, no need for backticks)
+      render: shell
+    validations:
+      required: false
+      
   - type: textarea
     attributes:
       label: Additional information

.github/workflows/build-mobile.yml

@@ -37,15 +37,15 @@ jobs:
 
       - uses: actions/setup-java@v4
         with:
-          distribution: "zulu"
-          java-version: "11.0.21+9"
-          cache: "gradle"
+          distribution: 'zulu'
+          java-version: '17'
+          cache: 'gradle'
 
       - name: Setup Flutter SDK
         uses: subosito/flutter-action@v2
         with:
-          channel: "stable"
-          flutter-version: "3.19.3"
+          channel: 'stable'
+          flutter-version: '3.22.0'
           cache: true
 
       - name: Create the Keystore

.github/workflows/docker-cleanup.yml

@@ -35,7 +35,7 @@ jobs:
     steps:
       - name: Clean temporary images
         if: "${{ env.TOKEN != '' }}"
-        uses: stumpylog/image-cleaner-action/ephemeral@v0.5.0
+        uses: stumpylog/image-cleaner-action/ephemeral@v0.6.0
         with:
           token: "${{ env.TOKEN }}"
           owner: "immich-app"
@@ -64,7 +64,7 @@ jobs:
     steps:
       - name: Clean untagged images
         if: "${{ env.TOKEN != '' }}"
-        uses: stumpylog/image-cleaner-action/untagged@v0.5.0
+        uses: stumpylog/image-cleaner-action/untagged@v0.6.0
         with:
           token: "${{ env.TOKEN }}"
           owner: "immich-app"

.github/workflows/pr-require-conventional-commit.yml

@@ -0,0 +1,15 @@
+name: PR Conventional Commit Validation
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened, edited]
+
+jobs:
+  validate-pr-title:
+    runs-on: ubuntu-latest
+    steps:
+      - name: PR Conventional Commit Validation
+        uses:  ytanikin/PRConventionalCommits@1.2.0
+        with:
+          task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]'
+          add_label: 'false'

.github/workflows/static_analysis.yml

@@ -22,8 +22,8 @@ jobs:
       - name: Setup Flutter SDK
         uses: subosito/flutter-action@v2
         with:
-          channel: "stable"
-          flutter-version: "3.19.3"
+          channel: 'stable'
+          flutter-version: '3.22.0'
 
       - name: Install dependencies
         run: dart pub get

.github/workflows/test.yml

@@ -10,19 +10,6 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  server-e2e-jobs:
-    name: Server (e2e-jobs)
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          submodules: 'recursive'
-
-      - name: Run e2e tests
-        run: make server-e2e-jobs
-
   doc-tests:
     name: Docs
     runs-on: ubuntu-latest
@@ -221,7 +208,7 @@ jobs:
         uses: subosito/flutter-action@v2
         with:
           channel: 'stable'
-          flutter-version: '3.16.9'
+          flutter-version: '3.22.0'
       - name: Run tests
         working-directory: ./mobile
         run: flutter test -j 1
@@ -273,16 +260,27 @@ jobs:
     name: OpenAPI Clients
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install server dependencies
+        run: npm --prefix=server ci
+
+      - name: Build the app
+        run: npm --prefix=server run build
+
       - name: Run API generation
         run: make open-api
+
       - name: Find file changes
-        uses: tj-actions/verify-changed-files@v19
+        uses: tj-actions/verify-changed-files@v20
         id: verify-changed-files
         with:
           files: |
             mobile/openapi
             open-api/typescript-sdk
+            open-api/immich-openapi-specs.json
+
       - name: Verify files have not changed
         if: steps.verify-changed-files.outputs.files_changed == 'true'
         run: |
@@ -332,7 +330,7 @@ jobs:
         run: npm run typeorm:migrations:generate ./src/migrations/TestMigration
 
       - name: Find file changes
-        uses: tj-actions/verify-changed-files@v19
+        uses: tj-actions/verify-changed-files@v20
         id: verify-changed-files
         with:
           files: |
@@ -345,12 +343,12 @@ jobs:
           exit 1
 
       - name: Run SQL generation
-        run: npm run sql:generate
+        run: npm run sync:sql
         env:
           DB_URL: postgres://postgres:postgres@localhost:5432/immich
 
       - name: Find file changes
-        uses: tj-actions/verify-changed-files@v19
+        uses: tj-actions/verify-changed-files@v20
         id: verify-changed-sql-files
         with:
           files: |

.gitignore

@@ -14,7 +14,10 @@ mobile/gradle.properties
 mobile/openapi/pubspec.lock
 mobile/*.jks
 mobile/libisar.dylib
+mobile/openapi/test
+mobile/openapi/doc
+mobile/openapi/.openapi-generator/FILES
 
 open-api/typescript-sdk/build
 mobile/android/fastlane/report.xml
-mobile/ios/fastlane/report.xml
+mobile/ios/fastlane/report.xml

.gitmodules

@@ -2,5 +2,5 @@
 	path = mobile/.isar
 	url = https://github.com/isar/isar
 [submodule "server/test/assets"]
-	path = server/test/assets
+	path = e2e/test-assets
 	url = https://github.com/immich-app/test-assets

.vscode/settings.json

@@ -1,6 +1,16 @@
 {
   "editor.formatOnSave": true,
-  "[javascript][typescript][css]": {
+  "[javascript]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode",
+    "editor.tabSize": 2,
+    "editor.formatOnSave": true
+  },
+  "[typescript]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode",
+    "editor.tabSize": 2,
+    "editor.formatOnSave": true
+  },
+  "[css]": {
     "editor.defaultFormatter": "esbenp.prettier-vscode",
     "editor.tabSize": 2,
     "editor.formatOnSave": true
@@ -31,4 +41,4 @@
   "explorer.fileNesting.patterns": {
     "*.ts": "${capture}.spec.ts,${capture}.mock.ts"
   }
-}
+}

Makefile

@@ -16,9 +16,6 @@ stage:
 pull-stage:
 	docker compose -f ./docker/docker-compose.staging.yml pull
 
-server-e2e-jobs:
-	docker compose -f ./server/e2e/docker-compose.server-e2e.yml up --renew-anon-volumes --abort-on-container-exit --exit-code-from immich-server --remove-orphans --build
-
 .PHONY: e2e
 e2e:
 	docker compose -f ./e2e/docker-compose.yml up --build -V --remove-orphans
@@ -40,7 +37,7 @@ open-api-typescript:
 	cd ./open-api && bash ./bin/generate-open-api.sh typescript
 
 sql:
-	npm --prefix server run sql:generate
+	npm --prefix server run sync:sql
 
 attach-server:
 	docker exec -it docker_immich-server_1 sh

README.md

@@ -18,6 +18,7 @@
 </a>
 <br/>
 <p align="center">
+
   <a href="readme_i18n/README_ca_ES.md">Català</a>
   <a href="readme_i18n/README_es_ES.md">Español</a>
   <a href="readme_i18n/README_fr_FR.md">Français</a>
@@ -29,6 +30,8 @@
   <a href="readme_i18n/README_tr_TR.md">Türkçe</a>
   <a href="readme_i18n/README_zh_CN.md">中文</a>
   <a href="readme_i18n/README_ru_RU.md">Русский</a>
+  <a href="readme_i18n/README_pt_BR.md">Português Brasileiro</a>
+  <a href="readme_i18n/README_ar_JO.md">العربية</a>
 </p>
 
 ## Disclaimer
@@ -47,7 +50,6 @@
 - [Introduction](https://immich.app/docs/overview/introduction)
 - [Installation](https://immich.app/docs/install/requirements)
 - [Contribution Guidelines](https://immich.app/docs/overview/support-the-project)
-- [Support The Project](#support-the-project)
 
 ## Documentation
 
@@ -70,6 +72,7 @@ Spec: Free-tier Oracle VM - Amsterdam - 2.4Ghz quad-core ARM64 CPU, 24GB RAM
 ```
 
 ## Activities
+
 ![Activities](https://repobeats.axiom.co/api/embed/9e86d9dc3ddd137161f2f6d2e758d7863b1789cb.svg "Repobeats analytics image")
 
 ## Features
@@ -106,23 +109,6 @@ Spec: Free-tier Oracle VM - Amsterdam - 2.4Ghz quad-core ARM64 CPU, 24GB RAM
 | Read-only gallery                            | Yes    | Yes |
 | Stacked Photos                               | Yes    | Yes |
 
-## Support the project
-
-I've committed to this project, and I will not stop. I will keep updating the docs, adding new features, and fixing bugs. But I can't do it alone. So I need your help to give me additional motivation to keep going.
-
-As our hosts in the [selfhosted.show - In the episode 'The-organization-must-not-be-name is a Hostile Actor'](https://selfhosted.show/79?t=1418) said, this is a massive undertaking of what the team and I are doing. And I would love to someday be able to do this full-time, and I am asking for your help to make that happen.
-
-If you feel like this is the right cause and the app is something you are seeing yourself using for a long time, please consider supporting the project with the option below.
-
-### Donation
-
-- [Monthly donation](https://github.com/sponsors/immich-app) via GitHub Sponsors
-- [One-time donation](https://github.com/sponsors/immich-app?frequency=one-time&sponsor=alextran1502) via GitHub Sponsors
-- [Liberapay](https://liberapay.com/alex.tran1502/)
-- [buymeacoffee](https://www.buymeacoffee.com/altran1502)
-- Bitcoin: 3QVAb9dCHutquVejeNXitPqZX26Yg5kxb7
-- ZCash: u1smm4wvqegcp46zss2jf5xptchgeczp4rx7a0wu3mermf2wxahm26yyz5w9mw3f2p4emwlljxjumg774kgs8rntt9yags0whnzane4n67z4c7gppq4yyvcj404ne3r769prwzd9j8ntvqp44fa6d67sf7rmcfjmds3gmeceff4u8e92rh38nd30cr96xw6vfhk6scu4ws90ldzupr3sz
-
 ## Contributors
 
 <a href="https://github.com/alextran1502/immich/graphs/contributors">

cli/.nvmrc

@@ -0,0 +1 @@
+20.13

cli/Dockerfile

@@ -1,4 +1,4 @@
-FROM node:20-alpine3.19@sha256:7e227295e96f5b00aa79555ae166f50610940d888fc2e321cf36304cbd17d7d6 as core
+FROM node:20-alpine3.19@sha256:291e84d956f1aff38454bbd3da38941461ad569a185c20aa289f71f37ea08e23 as core
 
 WORKDIR /usr/src/open-api/typescript-sdk
 COPY open-api/typescript-sdk/package*.json open-api/typescript-sdk/tsconfig*.json ./

cli/package.json

@@ -28,8 +28,7 @@
     "eslint": "^8.56.0",
     "eslint-config-prettier": "^9.1.0",
     "eslint-plugin-prettier": "^5.1.3",
-    "eslint-plugin-unicorn": "^52.0.0",
-    "glob": "^10.3.1",
+    "eslint-plugin-unicorn": "^53.0.0",
     "mock-fs": "^5.2.0",
     "prettier": "^3.2.5",
     "prettier-plugin-organize-imports": "^3.2.4",
@@ -59,6 +58,10 @@
     "node": ">=20.0.0"
   },
   "dependencies": {
+    "fast-glob": "^3.3.2",
     "lodash-es": "^4.17.21"
+  },
+  "volta": {
+    "node": "20.13.1"
   }
 }

cli/src/commands/asset.ts

@@ -26,7 +26,7 @@ type Asset = { id: string; filepath: string };
 
 interface UploadOptionsDto {
   recursive?: boolean;
-  exclusionPatterns?: string[];
+  ignore?: string;
   dryRun?: boolean;
   skipHash?: boolean;
   delete?: boolean;
@@ -75,7 +75,7 @@ const scan = async (pathsToCrawl: string[], options: UploadOptionsDto) => {
   const files = await crawl({
     pathsToCrawl,
     recursive: options.recursive,
-    exclusionPatterns: options.exclusionPatterns,
+    exclusionPattern: options.ignore,
     includeHidden: options.includeHidden,
     extensions: [...image, ...video],
   });
@@ -141,7 +141,7 @@ const uploadFiles = async (files: string[], { dryRun, concurrency }: UploadOptio
 
   if (dryRun) {
     console.log(`Would have uploaded ${files.length} asset${s(files.length)} (${byteSize(totalSize)})`);
-    return [];
+    return files.map((filepath) => ({ id: '', filepath }));
   }
 
   const uploadProgress = new SingleBar(
@@ -244,7 +244,7 @@ const deleteFiles = async (files: string[], options: UploadOptionsDto): Promise<
   }
 
   if (options.dryRun) {
-    console.log(`Would now have deleted assets, but skipped due to dry run`);
+    console.log(`Would have deleted ${files.length} local asset${s(files.length)}`);
     return;
   }
 
@@ -285,7 +285,7 @@ const updateAlbums = async (assets: Asset[], options: UploadOptionsDto) => {
   if (dryRun) {
     // TODO print asset counts for new albums
     console.log(`Would have created ${newAlbums.size} new album${s(newAlbums.size)}`);
-    console.log(`Would have updated ${assets.length} asset${s(assets.length)}`);
+    console.log(`Would have updated albums of ${assets.length} asset${s(assets.length)}`);
     return;
   }
 

cli/src/commands/auth.ts

@@ -1,4 +1,4 @@
-import { getMyUserInfo } from '@immich/sdk';
+import { getMyUser } from '@immich/sdk';
 import { existsSync } from 'node:fs';
 import { mkdir, unlink } from 'node:fs/promises';
 import { BaseOptions, connect, getAuthFilePath, logError, withError, writeAuthFile } from 'src/utils';
@@ -10,13 +10,13 @@ export const login = async (url: string, key: string, options: BaseOptions) => {
 
   await connect(url, key);
 
-  const [error, userInfo] = await withError(getMyUserInfo());
+  const [error, user] = await withError(getMyUser());
   if (error) {
     logError(error, 'Failed to load user info');
     process.exit(1);
   }
 
-  console.log(`Logged in as ${userInfo.email}`);
+  console.log(`Logged in as ${user.email}`);
 
   if (!existsSync(configDir)) {
     // Create config folder if it doesn't exist

cli/src/commands/server-info.ts

@@ -1,4 +1,4 @@
-import { getAssetStatistics, getMyUserInfo, getServerVersion, getSupportedMediaTypes } from '@immich/sdk';
+import { getAssetStatistics, getMyUser, getServerVersion, getSupportedMediaTypes } from '@immich/sdk';
 import { BaseOptions, authenticate } from 'src/utils';
 
 export const serverInfo = async (options: BaseOptions) => {
@@ -8,7 +8,7 @@ export const serverInfo = async (options: BaseOptions) => {
     getServerVersion(),
     getSupportedMediaTypes(),
     getAssetStatistics({}),
-    getMyUserInfo(),
+    getMyUser(),
   ]);
 
   console.log(`Server Info (via ${userInfo.email})`);

cli/src/index.ts

@@ -44,7 +44,7 @@ program
   .description('Upload assets')
   .usage('[paths...] [options]')
   .addOption(new Option('-r, --recursive', 'Recursive').env('IMMICH_RECURSIVE').default(false))
-  .addOption(new Option('-i, --ignore [paths...]', 'Paths to ignore').env('IMMICH_IGNORE_PATHS').default([]))
+  .addOption(new Option('-i, --ignore <pattern>', 'Pattern to ignore').env('IMMICH_IGNORE_PATHS'))
   .addOption(new Option('-h, --skip-hash', "Don't hash files before upload").env('IMMICH_SKIP_HASH').default(false))
   .addOption(new Option('-H, --include-hidden', 'Include hidden folders').env('IMMICH_INCLUDE_HIDDEN').default(false))
   .addOption(
@@ -60,7 +60,8 @@ program
   .addOption(
     new Option('-n, --dry-run', "Don't perform any actions, just show what will be done")
       .env('IMMICH_DRY_RUN')
-      .default(false),
+      .default(false)
+      .conflicts('skipHash'),
   )
   .addOption(
     new Option('-c, --concurrency <number>', 'Number of assets to upload at the same time')

cli/src/utils.spec.ts

@@ -66,7 +66,7 @@ const tests: Test[] = [
     test: 'should exclude by file extension',
     options: {
       pathsToCrawl: ['/photos/'],
-      exclusionPatterns: ['**/*.tif'],
+      exclusionPattern: '**/*.tif',
     },
     files: {
       '/photos/image.jpg': true,
@@ -77,7 +77,7 @@ const tests: Test[] = [
     test: 'should exclude by file extension without case sensitivity',
     options: {
       pathsToCrawl: ['/photos/'],
-      exclusionPatterns: ['**/*.TIF'],
+      exclusionPattern: '**/*.TIF',
     },
     files: {
       '/photos/image.jpg': true,
@@ -88,7 +88,7 @@ const tests: Test[] = [
     test: 'should exclude by folder',
     options: {
       pathsToCrawl: ['/photos/'],
-      exclusionPatterns: ['**/raw/**'],
+      exclusionPattern: '**/raw/**',
       recursive: true,
     },
     files: {
@@ -218,7 +218,7 @@ const tests: Test[] = [
     test: 'should support ignoring full filename',
     options: {
       pathsToCrawl: ['/photos'],
-      exclusionPatterns: ['**/image2.jpg'],
+      exclusionPattern: '**/image2.jpg',
     },
     files: {
       '/photos/image1.jpg': true,
@@ -230,7 +230,7 @@ const tests: Test[] = [
     test: 'should support ignoring file extensions',
     options: {
       pathsToCrawl: ['/photos'],
-      exclusionPatterns: ['**/*.png'],
+      exclusionPattern: '**/*.png',
     },
     files: {
       '/photos/image1.jpg': true,
@@ -243,7 +243,7 @@ const tests: Test[] = [
     options: {
       pathsToCrawl: ['/photos'],
       recursive: true,
-      exclusionPatterns: ['**/raw/**'],
+      exclusionPattern: '**/raw/**',
     },
     files: {
       '/photos/image1.jpg': true,
@@ -258,7 +258,7 @@ const tests: Test[] = [
     options: {
       pathsToCrawl: ['/'],
       recursive: true,
-      exclusionPatterns: ['/images/**'],
+      exclusionPattern: '/images/**',
     },
     files: {
       '/photos/image1.jpg': true,

cli/src/utils.ts

@@ -1,9 +1,9 @@
-import { defaults, getMyUserInfo, isHttpError } from '@immich/sdk';
-import { glob } from 'glob';
+import { getMyUser, init, isHttpError } from '@immich/sdk';
+import { glob } from 'fast-glob';
 import { createHash } from 'node:crypto';
 import { createReadStream } from 'node:fs';
 import { readFile, stat, writeFile } from 'node:fs/promises';
-import { join } from 'node:path';
+import { join, resolve } from 'node:path';
 import yaml from 'yaml';
 
 export interface BaseOptions {
@@ -46,10 +46,9 @@ export const connect = async (url: string, key: string) => {
     // noop
   }
 
-  defaults.baseUrl = url;
-  defaults.headers = { 'x-api-key': key };
+  init({ baseUrl: url, apiKey: key });
 
-  const [error] = await withError(getMyUserInfo());
+  const [error] = await withError(getMyUser());
   if (isHttpError(error)) {
     logError(error, 'Failed to connect to server');
     process.exit(1);
@@ -104,11 +103,11 @@ export interface CrawlOptions {
   pathsToCrawl: string[];
   recursive?: boolean;
   includeHidden?: boolean;
-  exclusionPatterns?: string[];
+  exclusionPattern?: string;
   extensions: string[];
 }
 export const crawl = async (options: CrawlOptions): Promise<string[]> => {
-  const { extensions: extensionsWithPeriod, recursive, pathsToCrawl, exclusionPatterns, includeHidden } = options;
+  const { extensions: extensionsWithPeriod, recursive, pathsToCrawl, exclusionPattern, includeHidden } = options;
   const extensions = extensionsWithPeriod.map((extension) => extension.replace('.', ''));
 
   if (pathsToCrawl.length === 0) {
@@ -120,11 +119,12 @@ export const crawl = async (options: CrawlOptions): Promise<string[]> => {
 
   for await (const currentPath of pathsToCrawl) {
     try {
-      const stats = await stat(currentPath);
+      const absolutePath = resolve(currentPath);
+      const stats = await stat(absolutePath);
       if (stats.isFile() || stats.isSymbolicLink()) {
-        crawledFiles.push(currentPath);
+        crawledFiles.push(absolutePath);
       } else {
-        patterns.push(currentPath);
+        patterns.push(absolutePath);
       }
     } catch (error: any) {
       if (error.code === 'ENOENT') {
@@ -152,13 +152,13 @@ export const crawl = async (options: CrawlOptions): Promise<string[]> => {
 
   const globbedFiles = await glob(searchPattern, {
     absolute: true,
-    nocase: true,
-    nodir: true,
+    caseSensitiveMatch: false,
+    onlyFiles: true,
     dot: includeHidden,
-    ignore: exclusionPatterns,
+    ignore: [`**/${exclusionPattern}`],
   });
-
-  return [...crawledFiles, ...globbedFiles].sort();
+  globbedFiles.push(...crawledFiles);
+  return globbedFiles.sort();
 };
 
 export const sha1 = (filepath: string) => {

docker/docker-compose.dev.yml

@@ -4,32 +4,32 @@
 
 name: immich-dev
 
-x-server-build: &server-common
-  image: immich-server-dev:latest
-  build:
-    context: ../
-    dockerfile: server/Dockerfile
-    target: dev
-  restart: always
-  volumes:
-    - ../server:/usr/src/app
-    - ../open-api:/usr/src/open-api
-    - ${UPLOAD_LOCATION}/photos:/usr/src/app/upload
-    - ${UPLOAD_LOCATION}/photos/upload:/usr/src/app/upload/upload
-    - /usr/src/app/node_modules
-    - /etc/localtime:/etc/localtime:ro
-  env_file:
-    - .env
-  ulimits:
-    nofile:
-      soft: 1048576
-      hard: 1048576
-
 services:
   immich-server:
     container_name: immich_server
-    command: ['/usr/src/app/bin/immich-dev', 'immich']
-    <<: *server-common
+    command: ['/usr/src/app/bin/immich-dev']
+    image: immich-server-dev:latest
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+    build:
+      context: ../
+      dockerfile: server/Dockerfile
+      target: dev
+    restart: always
+    volumes:
+      - ../server:/usr/src/app
+      - ../open-api:/usr/src/open-api
+      - ${UPLOAD_LOCATION}/photos:/usr/src/app/upload
+      - ${UPLOAD_LOCATION}/photos/upload:/usr/src/app/upload/upload
+      - /usr/src/app/node_modules
+      - /etc/localtime:/etc/localtime:ro
+    env_file:
+      - .env
+    ulimits:
+      nofile:
+        soft: 1048576
+        hard: 1048576
     ports:
       - 3001:3001
       - 9230:9230
@@ -37,19 +37,6 @@ services:
       - redis
       - database
 
-  immich-microservices:
-    container_name: immich_microservices
-    command: ['/usr/src/app/bin/immich-dev', 'microservices']
-    <<: *server-common
-    # extends:
-    #   file: hwaccel.transcoding.yml
-    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
-    ports:
-      - 9231:9230
-    depends_on:
-      - database
-      - immich-server
-
   immich-web:
     container_name: immich_web
     image: immich-web-dev:latest
@@ -97,7 +84,9 @@ services:
 
   redis:
     container_name: immich_redis
-    image: redis:6.2-alpine@sha256:3fcb624d83a9c478357f16dc173c58ded325ccc5fd2a4375f3916c04cc579f70
+    image: redis:6.2-alpine@sha256:e31ca60b18f7e9b78b573d156702471d4eda038803c0b8e6f01559f350031e93
+    healthcheck:
+      test: redis-cli ping || exit 1
 
   database:
     container_name: immich_postgres
@@ -108,11 +97,18 @@ services:
       POSTGRES_PASSWORD: ${DB_PASSWORD}
       POSTGRES_USER: ${DB_USERNAME}
       POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_INITDB_ARGS: '--data-checksums'
     volumes:
       - ${UPLOAD_LOCATION}/postgres:/var/lib/postgresql/data
     ports:
       - 5432:5432
-  
+    healthcheck:
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT SUM(checksum_failures) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+      interval: 5m
+      start_interval: 30s
+      start_period: 5m
+    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
+
   # set IMMICH_METRICS=true in .env to enable metrics
   # immich-prometheus:
   #   container_name: immich_prometheus

docker/docker-compose.prod.yml

@@ -1,39 +1,26 @@
 name: immich-prod
 
-x-server-build: &server-common
-  image: immich-server:latest
-  build:
-    context: ../
-    dockerfile: server/Dockerfile
-  volumes:
-    - ${UPLOAD_LOCATION}/photos:/usr/src/app/upload
-    - /etc/localtime:/etc/localtime:ro
-  env_file:
-    - .env
-  restart: always
-
 services:
   immich-server:
     container_name: immich_server
-    command: ['start.sh', 'immich']
-    <<: *server-common
+    image: immich-server:latest
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+    build:
+      context: ../
+      dockerfile: server/Dockerfile
+    volumes:
+      - ${UPLOAD_LOCATION}/photos:/usr/src/app/upload
+      - /etc/localtime:/etc/localtime:ro
+    env_file:
+      - .env
     ports:
       - 2283:3001
     depends_on:
       - redis
       - database
-
-  immich-microservices:
-    container_name: immich_microservices
-    command: ['start.sh', 'microservices']
-    <<: *server-common
-    # extends:
-    #   file: hwaccel.transcoding.yml
-    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
-    depends_on:
-      - redis
-      - database
-      - immich-server
+    restart: always
 
   immich-machine-learning:
     container_name: immich_machine_learning
@@ -54,7 +41,9 @@ services:
 
   redis:
     container_name: immich_redis
-    image: redis:6.2-alpine@sha256:3fcb624d83a9c478357f16dc173c58ded325ccc5fd2a4375f3916c04cc579f70
+    image: redis:6.2-alpine@sha256:e31ca60b18f7e9b78b573d156702471d4eda038803c0b8e6f01559f350031e93
+    healthcheck:
+      test: redis-cli ping || exit 1
     restart: always
 
   database:
@@ -66,17 +55,25 @@ services:
       POSTGRES_PASSWORD: ${DB_PASSWORD}
       POSTGRES_USER: ${DB_USERNAME}
       POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_INITDB_ARGS: '--data-checksums'
     volumes:
       - ${UPLOAD_LOCATION}/postgres:/var/lib/postgresql/data
     ports:
       - 5432:5432
+    healthcheck:
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT SUM(checksum_failures) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+      interval: 5m
+      start_interval: 30s
+      start_period: 5m
+    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
+    restart: always
 
   # set IMMICH_METRICS=true in .env to enable metrics
   immich-prometheus:
     container_name: immich_prometheus
     ports:
       - 9090:9090
-    image: prom/prometheus@sha256:4f6c47e39a9064028766e8c95890ed15690c30f00c4ba14e7ce6ae1ded0295b1
+    image: prom/prometheus@sha256:5c435642ca4d8427ca26f4901c11114023004709037880cd7860d5b7176aa731
     volumes:
       - ./prometheus.yml:/etc/prometheus/prometheus.yml
       - prometheus-data:/prometheus
@@ -88,7 +85,7 @@ services:
     command: ['./run.sh', '-disable-reporting']
     ports:
       - 3000:3000
-    image: grafana/grafana:10.4.1-ubuntu@sha256:65e0e7d0f0b001cb0478bce5093bff917677dc308dd27a0aa4b3ac38e4fd877c
+    image: grafana/grafana:11.0.0-ubuntu@sha256:02e99d1ee0b52dc9d3000c7b5314e7a07e0dfd69cc49bb3f8ce323491ed3406b
     volumes:
       - grafana-data:/var/lib/grafana
 

docker/docker-compose.yml

@@ -12,7 +12,9 @@ services:
   immich-server:
     container_name: immich_server
     image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
-    command: ['start.sh', 'immich']
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
     volumes:
       - ${UPLOAD_LOCATION}:/usr/src/app/upload
       - /etc/localtime:/etc/localtime:ro
@@ -25,23 +27,6 @@ services:
       - database
     restart: always
 
-  immich-microservices:
-    container_name: immich_microservices
-    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
-    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/hardware-transcoding
-    #   file: hwaccel.transcoding.yml
-    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
-    command: ['start.sh', 'microservices']
-    volumes:
-      - ${UPLOAD_LOCATION}:/usr/src/app/upload
-      - /etc/localtime:/etc/localtime:ro
-    env_file:
-      - .env
-    depends_on:
-      - redis
-      - database
-    restart: always
-
   immich-machine-learning:
     container_name: immich_machine_learning
     # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
@@ -58,18 +43,27 @@ services:
 
   redis:
     container_name: immich_redis
-    image: registry.hub.docker.com/library/redis:6.2-alpine@sha256:51d6c56749a4243096327e3fb964a48ed92254357108449cb6e23999c37773c5
+    image: docker.io/redis:6.2-alpine@sha256:e31ca60b18f7e9b78b573d156702471d4eda038803c0b8e6f01559f350031e93
+    healthcheck:
+      test: redis-cli ping || exit 1
     restart: always
 
   database:
     container_name: immich_postgres
-    image: registry.hub.docker.com/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
+    image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
     environment:
       POSTGRES_PASSWORD: ${DB_PASSWORD}
       POSTGRES_USER: ${DB_USERNAME}
       POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_INITDB_ARGS: '--data-checksums'
     volumes:
       - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
+    healthcheck:
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT SUM(checksum_failures) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+      interval: 5m
+      start_interval: 30s
+      start_period: 5m
+    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
     restart: always
 
 volumes:

docker/example.env

@@ -2,6 +2,8 @@
 
 # The location where your uploaded files are stored
 UPLOAD_LOCATION=./library
+# The location where your database files are stored
+DB_DATA_LOCATION=./postgres
 
 # The Immich version to use. You can pin this to a specific version like "v1.71.0"
 IMMICH_VERSION=release
@@ -11,9 +13,5 @@ DB_PASSWORD=postgres
 
 # The values below this line do not need to be changed
 ###################################################################################
-DB_HOSTNAME=immich_postgres
 DB_USERNAME=postgres
 DB_DATABASE_NAME=immich
-DB_DATA_LOCATION=./postgres
-
-REDIS_HOSTNAME=immich_redis

docker/hwaccel.ml.yml

@@ -1,9 +1,7 @@
-version: "3.8"
-
 # Configurations for hardware-accelerated machine learning
 
 # If using Unraid or another platform that doesn't allow multiple Compose files,
-# you can inline the config for a backend by copying its contents 
+# you can inline the config for a backend by copying its contents
 # into the immich-machine-learning service in the docker-compose.yml file.
 
 # See https://immich.app/docs/features/ml-hardware-acceleration for info on usage.
@@ -30,7 +28,7 @@ services:
 
   openvino:
     device_cgroup_rules:
-      - "c 189:* rmw"
+      - 'c 189:* rmw'
     devices:
       - /dev/dri:/dev/dri
     volumes:

docker/hwaccel.transcoding.yml

@@ -1,5 +1,3 @@
-version: "3.8"
-
 # Configurations for hardware-accelerated transcoding
 
 # If using Unraid or another platform that doesn't allow multiple Compose files,

docs/.nvmrc

@@ -0,0 +1 @@
+20.13

docs/README.md

@@ -1,17 +1,17 @@
 # Website
 
-This website is built using [Docusaurus 2](https://docusaurus.io/), a modern static website generator.
+This website is built using [Docusaurus](https://docusaurus.io/), a modern static website generator.
 
 ### Installation
 
 ```
-$ yarn
+$ npm install
 ```
 
 ### Local Development
 
 ```
-$ yarn start
+$ npm run start
 ```
 
 This command starts a local development server and opens up a browser window. Most changes are reflected live without having to restart the server.
@@ -19,7 +19,7 @@ This command starts a local development server and opens up a browser window. Mo
 ### Build
 
 ```
-$ yarn build
+$ npm run build
 ```
 
 This command generates static content into the `build` directory and can be served using any static contents hosting service.
@@ -29,13 +29,13 @@ This command generates static content into the `build` directory and can be serv
 Using SSH:
 
 ```
-$ USE_SSH=true yarn deploy
+$ USE_SSH=true npm run deploy
 ```
 
 Not using SSH:
 
 ```
-$ GIT_USER=<Your GitHub username> yarn deploy
+$ GIT_USER=<Your GitHub username> npm run deploy
 ```
 
 If you are using GitHub pages for hosting, this command is a convenient way to build the website and push to the `gh-pages` branch.

docs/blog/2024/immich-core-team-goes-fulltime.mdx

@@ -0,0 +1,75 @@
+---
+title: The Immich core team goes full-time
+authors: [alextran]
+tags: [update, announcement, futo]
+date: 2024-05-01T00:00
+---
+
+**Immich is joining [FUTO](https://futo.org/)!**
+
+Since the beginning of this adventure, my goal has always been to create a better world for my children. Memories are priceless, and privacy should not be a luxury. However, building quality open source has its challenges. Over the past two years, it has taken significant dedication, time, and effort.
+
+Recently, a company in Austin, Texas, called FUTO contacted the team. FUTO strives to develop quality and sustainable open software. They build software alternatives that focus on giving control to users. From their mission statement:
+
+“Computers should belong to you, the people. We develop and fund technology to give them back.”
+
+FUTO loved Immich and wanted to see if we’d consider working with them to take the project to the next level. In short, FUTO offered to:
+
+- Pay the core team to work on Immich full-time
+- Let us keep full autonomy about the project’s direction and leadership
+- Continue to license Immich under AGPL
+- Keep Immich’s development direction with no paywalled features
+- Keep Immich “built for the people” (no ads, data mining/selling, or alternative motives)
+- Provide us with financial, technical, legal, and administrative support
+
+After careful deliberation, the team decided that FUTO’s vision closely aligns with our own: to build a better future by providing a polished, performant, and privacy-preserving open-source software solution for photo and video management delivered in a sustainable way.
+
+Immich’s future has never looked brighter, and we look forward to realizing our vision for Immich as part of FUTO.
+
+If you have more questions, we’ll host a Q&A live stream on May 9th at 3PM UTC (10AM CST). [You can ask questions here](https://www.live-ask.com/event/01HWP2SB99A1K8EXFBDKZ5Z9CF), and the stream will be live [here on our YouTube channel](https://youtube.com/live/cwz2iZwYpgg).
+
+Cheers,
+
+The Immich Team
+
+---
+
+## FAQs
+
+### What is FUTO?
+
+[https://futo.org/what-is-futo/](https://futo.org/what-is-futo/)
+
+### Will the license change?
+
+No. Immich will continue to be licensed under AGPL without a CLA.
+
+### Will Immich continue to be free?
+
+Yes. The Immich source code will remain freely available under the AGPL license.
+
+### Is Immich getting VC funding?
+
+No. Venture capital implies investment in a business, often with the expectation of a future payout (exit plan). Immich is neither a business that can be acquired nor comes with a money-making exit plan.
+
+### I am currently supporting Immich through GitHub sponsors. What will happen to my donation?
+
+Effective immediately, all donations to the Immich organization will be canceled. In the future, we will offer an optional, modest payment option instead. Thank you to everyone who donated to help us get this far!
+
+### How is funding sustainable?
+
+Immich and FUTO believe a sustainable future requires a model that does not rely on users-as-a-product. To this end, FUTO advocates that users pay for good, open software. In keeping with this model, we will adopt a purchase price. This means we no longer accept donations, but — _without limiting features for those who do not pay_ — we will soon allow you to purchase Immich through a modest payment. We encourage you to pay for the high-quality software you use to foster a healthy software culture where developers build great applications without hidden motives for their users.
+
+### When does this change take effect?
+
+This change takes effect immediately.
+
+### What will change?
+
+The following things will change as Immich joins FUTO:
+
+- The brand, logo, and other Immich trademarks will be transferred to FUTO.
+- We will stop all donations to the project.
+- The core team can now dedicate our full attention to Immich
+- Before the end of the year, we plan to have a roadmap for what it will take to get Immich to a stable release.
+- Bugs will be squashed, and features will be delivered faster.

docs/docs/FAQ.mdx

@@ -6,7 +6,7 @@
 
 The admin password can be reset by running the [reset-admin-password](/docs/administration/server-commands.md) command on the immich-server.
 
-### How can I see list of all users in Immich?
+### How can I see a list of all users in Immich?
 
 You can see the list of all users by running [list-users](/docs/administration/server-commands.md) Command on the Immich-server.
 
@@ -24,22 +24,43 @@ You can see the list of all users by running [list-users](/docs/administration/s
 
 ### I cannot log into the application after an update. What can I do?
 
-First, verify that the mobile app and server are both running the same version (major and minor).
+Verify that the mobile app and server are both running the same version (major and minor).
 
 :::note
-App store updates sometimes take longer because the stores (Google play store and Apple app store)
-need to approve the update first which may take some time.
+App store updates sometimes take longer because the stores (Google Play Store and Apple App Store)
+need to approve the update first, and it can take some time.
 :::
 
-If you still cannot login to the app, try the following:
+If you still cannot log in to the app, try the following:
 
 - Check the mobile logs
 - Make sure login credentials are correct by logging in on the web app
 
+### Why does foreground backup stop when I navigate away from the app? Shouldn't it transfer the job to background backup?
+
+Foreground backup and background backup are two separate mechanisms. They don't communicate or interact with each other.
+
+Foreground backup is controlled by the user's action, while background backup is controlled by your device's operating system. When the app is put in the background, the invocation of background tasks is delegated to the device's operating system scheduler. It decides when the background task can run and how long it can run.
+
+The behaviors differ based on your device manufacturer and operating system, but most are related to battery-saving policies.
+
+### Why is background backup on iOS not working?
+
+On iOS (iPhone and iPad), the operating system determines if a particular app can invoke background tasks based on multiple factors, most of which the Immich app has no control over. To increase the likelihood that the background backup task is run, follow the steps below:
+
+- Enable Background App Refresh for Immich in the iOS settings at `Settings > General > Background App Refresh`.
+- Disable Background App Refresh for apps that don't need background tasks to run. This will reduce the competition for background task invocation for Immich.
+- Use the Immich app more often.
+
 ---
 
 ## Assets
 
+### Does Immich change the file?
+
+No, Immich does not touch the original file under any circumstances,  
+all edited metadata are saved in the companion sidecar file and the database.
+
 ### Can I add my existing photo library?
 
 Yes, with an [External Library](/docs/features/libraries.md).
@@ -50,11 +71,11 @@ Template changes will only apply to _new_ assets. To retroactively apply the tem
 
 ### Why are only photos and not videos being uploaded to Immich?
 
-This often happens when using a reverse proxy (such as nginx or Cloudflare tunnel) in front of Immich. Make sure to set your reverse proxy to allow large `POST` requests. In `nginx`, set `client_max_body_size 50000M;` or similar. Also check the disk space of your reverse proxy, in some cases proxies cache requests to disk before passing them on, and if disk space runs out the request fails.
+This often happens when using a reverse proxy (such as Nginx or Cloudflare tunnel) in front of Immich. Make sure to set your reverse proxy to allow large `POST` requests. In `nginx`, set `client_max_body_size 50000M;` or similar. Also, check the disk space of your reverse proxy. In some cases, proxies cache requests to disk before passing them on, and if disk space runs out, the request fails.
 
 ### Why are some photos stored in the file system with the wrong date?
 
-There are a few different scenarios that can lead to this situation. The solution is to run the storage migration job again. The job is only _automatically_ run once per asset, after upload. If metadata extraction originally failed, the jobs were cleared/cancelled, etc. the job may not have run automatically the first time.
+There are a few different scenarios that can lead to this situation. The solution is to rerun the storage migration job. The job is only automatically run once per asset after upload. If metadata extraction originally failed, the jobs were cleared/canceled, etc., the job may not have run automatically the first time.
 
 ### How can I hide photos from the timeline?
 
@@ -68,23 +89,27 @@ See [Backup and Restore](/docs/administration/backup-and-restore.md).
 
 No, it currently does not. There is an [open feature request on GitHub](https://github.com/immich-app/immich/discussions/4348).
 
-### Does Immich support filtering of NSFW images?
+### Does Immich support the filtering of NSFW images?
 
 No, it currently does not. There is an [open feature request on Github](https://github.com/immich-app/immich/discussions/2451).
 
 ### Why are there so many thumbnail generation jobs?
 
-There are three thubmanil jobs for each asset:
+There are three thumbnail jobs for each asset:
 
 - Blurred (thumbhash)
-- Small (webp)
-- Large (jpeg)
+- Preview (Webp)
+- Thumbnail (Jpeg)
 
 Also, there are additional jobs for person (face) thumbnails.
 
+### Why do files from WhatsApp not appear with the correct date?
+
+Files sent on WhatsApp are saved without metadata on the file. Therefore, Immich has no way of knowing the original date of the file when files are uploaded from WhatsApp, not the order of arrival on the device. [See #3527](https://github.com/immich-app/immich/issues/3527).
+
 ### What happens if an asset exists in more than one account?
 
-There are no requirements for assets to be unique across users. If multiple users upload the same image they are processed as if they were distinct assets and jobs run and thumbnails are generated accordingly.
+There are no requirements for assets to be unique across users. If multiple users upload the same image, it is processed as if it were a distinct asset, and jobs run and thumbnails are generated accordingly.
 
 ### Why do HDR videos appear pale in Immich player but look normal after download?
 
@@ -96,45 +121,46 @@ Immich always keeps your original files. Alongside that, it generates a transcod
 
 ### How can I delete transcoded videos without deleting the original?
 
-The transcoded version of an asset can be deleted by setting a transcode policy that makes it unnecessary, then running a transcoding job for that asset. This can be done on a per-asset basis by starting a transcoding job for a single asset with the _Refresh encoded videos_ button in the asset viewer options, or for all assets by running transcoding jobs for all assets from the administration page.
+The transcoded version of an asset can be deleted by setting a transcode policy that makes it unnecessary and then running a transcoding job for that asset. This can be done on a per-asset basis by starting a transcoding job for a single asset with the _Refresh encoded videos_ button in the asset viewer options or for all assets by running transcoding jobs for all assets from the administration page.
 
 To update the transcode policy, navigate to Administration > Video Transcoding Settings > Transcoding Policy and select a policy from the drop-down. This policy will determine whether an existing transcode will be deleted or overwritten in the transcoding job. If a video should be transcoded according to this policy, an existing transcode is overwritten. If not, then it is deleted.
 
 :::note
-For example, say you have existing transcodes with the policy "Videos higher than normal resolution or not in the desired format" and switch to a narrower policy: "Videos not in the desired format". If an asset was only transcoded due to its resolution, then running a transcoding job for it will now delete the existing transcode. This is because resolution is no longer part of the transcode policy and the transcode is unnecessary as a result. Likewise, if you set the policy to "Don't transcode any videos" and run transcoding jobs for all assets, this will delete all existing transcodes as they are all unnecessary.
+For example, say you have existing transcodes with the policy "Videos higher than normal resolution or not in the desired format" and switch to a narrower policy: "Videos not in the desired format." If an asset was only transcoded due to its resolution, running a transcoding job for it will delete the existing transcode. This is because resolution is no longer part of the transcode policy and the transcode is unnecessary. Likewise, if you set the policy to "Don't transcode any videos" and run transcoding jobs for all assets, this will delete all existing transcodes as they are unnecessary.
 :::
 
 ### Is it possible to compress images during backup?
 
-No. Our golden rule is that the original assets should always be untouched, so we don't think this feature is a good fit for Immich.
+No. Our design principle is that the original assets should always be untouched.
 
-### How can I move all data (photos, persons, albums) from one user to another?
+### How can I move all data (photos, persons, albums, libraries) from one user to another?
 
-This is not officially supported, but can be accomplished with some database updates. You can do this on the command line (in the PostgreSQL container using the `psql` command), or you can add for example an [Adminer](https://www.adminer.org/) container to the `docker-compose.yml` file, so that you can use a web-interface.
-
-:::warning
-This is an advanced operation. If you can't do it with the steps described here, this is not for you.
-:::
+This is not officially supported but can be accomplished with some database updates. You can do this on the command line (in the PostgreSQL container using the `psql` command), or you can add, for example, an [Adminer](https://www.adminer.org/) container to the `docker-compose.yml` file so that you can use a web interface.
 
 <details>
 <summary>Steps</summary>
 
 1. **MAKE A BACKUP** - See [backup and restore](/docs/administration/backup-and-restore.md).
 
-2. Find the id of both the 'source' and the 'destination' user (it's the id column in the users table)
+2. Find the ID of both the 'source' and the 'destination' user (it's the id column in the `users` table)
 
-3. Three tables need to be updated:
+3. Four tables need to be updated:
 
 ```sql
-// reassign albums
+BEGIN;
+-- reassign albums
 UPDATE albums SET "ownerId" = '<destinationId>' WHERE "ownerId" = '<sourceId>';
 
-// reassign people
+-- reassign people
 UPDATE person SET "ownerId" = '<destinationId>' WHERE "ownerId" = '<sourceId>';
 
-// reassign assets
+-- reassign assets
 UPDATE assets SET "ownerId" = '<destinationId>' WHERE "ownerId" = '<sourceId>'
  AND CHECKSUM NOT IN (SELECT CHECKSUM FROM assets WHERE "ownerId" = '<destinationId>');
+
+-- reassign external libraries
+UPDATE libraries SET "ownerId" = '<destinationId>' WHERE "ownerId" = '<sourceId>';
+COMMIT;
 ```
 
 4. There might be left-over assets in the 'source' user's library if they are skipped by the last query because of duplicate checksums. These are probably duplicates anyway, and can probably be removed.
@@ -159,7 +185,7 @@ No, not yet. For updates on this planned feature, follow the [GitHub discussion]
 
 ### Can I add an external library while keeping the existing album structure?
 
-We haven't put in an official mechanism to create albums from external libraries at the moment, but there are some [workarounds from the community](https://github.com/immich-app/immich/discussions/4279) to help you achieve that.
+We haven't implemented an official mechanism for creating albums from external libraries, but there are some [workarounds from the community](https://github.com/immich-app/immich/discussions/4279) to help you achieve that.
 
 ### What happens to duplicates in external libraries?
 
@@ -171,7 +197,7 @@ Duplicate checking only exists for upload libraries, using the file hash. Furthe
 
 ### How does smart search work?
 
-Immich uses CLIP models, for more information about CLIP and its capabilities read about it [here](https://openai.com/research/clip).
+Immich uses CLIP models. For more information about CLIP and its capabilities, read about it [here](https://openai.com/research/clip).
 
 ### How does facial recognition work?
 
@@ -189,33 +215,31 @@ However, disabling all jobs will not disable the machine learning service itself
 
 ### I'm getting errors about models being corrupt or failing to download. What do I do?
 
-You can delete the model cache volume, which is where models are downloaded to. This will give the service a clean environment to download the model again. If models are failing to download entirely, you can manually download them from [Huggingface](https://huggingface.co/immich-app) and place them in the cache folder.
-
-### Why did Immich decide to remove object detection?
-
-The feature added keywords to images for metadata search, but wasn't used for smart search. Smart search made it unnecessary as it isn't limited to exact keywords. Combined with it causing crashes on some devices, using many dependencies and causing user confusion as to how search worked, it was better to remove the job altogether.
-For more info see [here](https://github.com/immich-app/immich/pull/5903)
+You can delete the model cache volume, where models are downloaded. This will give the service a clean environment to download the model again. If models are failing to download entirely, you can manually download them from [Huggingface][huggingface] and place them in the cache folder.
 
 ### Can I use a custom CLIP model?
 
-No, this is not supported. Only models listed in the [Huggingface](https://huggingface.co/immich-app) page are compatible. Feel free to make a feature request if there's a model not listed here that you think should be added.
+No, this is not supported. Only models listed in the [Huggingface][huggingface] page are compatible. Feel free to make a feature request if there's a model not listed here that you think should be added.
 
 ### I want to be able to search in other languages besides English. How can I do that?
 
 You can change to a multilingual model listed [here](https://huggingface.co/collections/immich-app/multilingual-clip-654eb08c2382f591eeb8c2a7) by going to Administration > Machine Learning Settings > Smart Search and replacing the name of the model. Be sure to re-run Smart Search on all assets after this change. You can then search in over 100 languages.
 
 :::note
-Feel free to make a feature request if there's a model you want to use that isn't in [Immich Huggingface list](https://huggingface.co/immich-app).
+Feel free to make a feature request if there's a model you want to use that isn't in [Immich Huggingface list][huggingface].
 :::
 
-### Does Immich support Facial Recognition for videos ?
+### Does Immich support Facial Recognition for videos?
 
-Immich's machine learning feature operate on the generated thumbnail. If a face is visible in the video's thumbnail it will be picked up by facial recognition.
+Immich's machine learning feature operates on the generated thumbnail. If a face is visible in the video's thumbnail it will be picked up by facial recognition.
 Scanning the entire video for faces may be implemented in the future.
 
 ### Does Immich have animal recognition?
 
 No.
+:::tip
+You can use [Smart Search](/docs/features/smart-search.md) for this to some extent. For example, if you have a Golden Retriever and a Chihuahua, type these words in the smart search and watch the results.
+:::
 
 ### I'm getting a lot of "faces" that aren't faces, what can I do?
 
@@ -224,14 +248,19 @@ to increase the bar for what the algorithm considers a "core face" for that pers
 
 ### The immich_model-cache volume takes up a lot of space, what could be the problem?
 
-If you installed several models and chose not to use some of them, it might be worth deleting the old models that are in immich_model-cache.
+If you installed several models and chose not to use some of them, it might be worth deleting the old models that are in immich_model-cache. To do this you can mount the model cache and remove the undesired models.
 
-To do this you can run:
+<details>
+<summary>Steps</summary>
 
-- `docker run -it --rm -v immich_model-cache:/mnt ubuntu bash`
-- `cd mnt`
-- `ls`
-- and delete unused models with `rm -r <model_name>`.
+```bash
+docker run -it --rm -v immich_model-cache:/mnt-models alpine sh
+cd /mnt-models
+ls clip/ facial-recognition/
+# rm -r clip/ABC facial-recognition/DEF # delete unused models
+```
+
+</details>
 
 ---
 
@@ -248,13 +277,16 @@ The initial backup is the most intensive due to the number of jobs running. The
 - Lower the job concurrency for these jobs to 1.
 - Under Settings > Transcoding Settings > Threads, set the number of threads to a low number like 1 or 2.
 - Under Settings > Machine Learning Settings > Facial Recognition > Model Name, you can change the facial recognition model to `buffalo_s` instead of `buffalo_l`. The former is a smaller and faster model, albeit not as good.
-  - You _must_ re-run the Face Detection job for all images after this for facial recognition on new images to work properly.
-- If these changes are not enough, see [below](/docs/FAQ#how-can-i-disable-machine-learning) for how you can disable machine learning.
+- For facial recognition on new images to work properly, You must re-run the Face Detection job for all images after this.
+- If these changes are not enough, see [below](/docs/FAQ#how-can-i-disable-machine-learning) for instructions on how to disable machine learning.
 
 ### Can I limit the amount of CPU and RAM usage?
 
 By default, a container has no resource constraints and can use as much of a given resource as the host's kernel scheduler allows. To limit this, you can add the following to the `docker-compose.yml` block of any containers that you want to have limited resources.
 
+<details>
+<summary>docker-compose.yml</summary>
+
 ```yaml
 deploy:
   resources:
@@ -265,6 +297,7 @@ deploy:
       memory: '1G'
 ```
 
+</details>
 For more details, you can look at the [original docker docs](https://docs.docker.com/config/containers/resource_constraints/) or use this [guide](https://www.baeldung.com/ops/docker-memory-limit).
 
 ### How can I boost machine learning speed?
@@ -280,13 +313,17 @@ On a normal machine, 2 or 3 concurrent jobs can probably max the CPU. Beyond thi
 
 Do not exaggerate with the amount of jobs because you're probably thoroughly overloading the server.
 
-More detail can be found [here](https://discord.com/channels/979116623879368755/994044917355663450/1174711719994605708)
+More details can be found [here](https://discord.com/channels/979116623879368755/994044917355663450/1174711719994605708)
 :::
 
 ### Why is Immich using so much of my CPU?
 
-When a large amount of assets are uploaded to Immich it makes sense that the CPU and RAM will be heavily used due to machine learning work and creating image thumbnails.
-Once this process completes, the percentage of CPU usage will drop to around 3-5% usage
+When a large number of assets are uploaded to Immich, it makes sense that the CPU and RAM will be heavily used for machine learning work and creating image thumbnails.
+Once this process is completed, the percentage of CPU usage will drop to around 3-5% usage
+
+### My server shows Server Status Offline | Version Unknown what can I do?
+
+You need to enable Websocket on your reverse proxy.
 
 ---
 
@@ -309,24 +346,27 @@ The non-root user/group needs read/write access to the volume mounts, including
 
 For a further hardened system, you can add the following block to every container except for `immich_postgres`.
 
+<details>
+<summary>docker-compose.yml</summary>
+
 ```yaml
 security_opt:
-  # Prevent escalation of privileges after container is started
+  # Prevent escalation of privileges after the container is started
   - no-new-privileges:true
 cap_drop:
   # Prevent access to raw network traffic
   - NET_RAW
 ```
 
-### How can I **purge** data from Immich?
+</details>
+
+### How can I purge data from Immich?
 
 Data for Immich comes in two forms:
 
-1. **Metadata** stored in a postgres database, persisted via the `pg_data` volume
+1. **Metadata** stored in a Postgres database, stored in the `DB_DATA_LOCATION` folder (previously `pg_data` Docker volume).
 2. **Files** (originals, thumbs, profile, etc.), stored in the `UPLOAD_LOCATION` folder, more [info](/docs/administration/backup-and-restore#asset-types-and-storage-locations).
 
-To remove the **Metadata** you can stop Immich and delete the volume.
-
 :::warning
 This will destroy your database and reset your instance, meaning that you start from scratch.
 :::
@@ -335,13 +375,16 @@ This will destroy your database and reset your instance, meaning that you start
 docker compose down -v
 ```
 
+After removing the containers and volumes, there are a few directories that need to be deleted to reset Immich to a new installation. Once they are deleted, Immich can be started back up and will be a fresh installation.
+
+- `DB_DATA_LOCATION` contains the database, media info, and settings.
+- `UPLOAD_LOCATION` contains all the media uploaded to Immich.
+
 :::note Portainer
 If you use portainer, bring down the stack in portainer. Go into the volumes section  
 and remove all the volumes related to immich then restart the stack.
 :::
 
-After removing the containers and volumes, the **Files** should be removed from the `UPLOAD_LOCATION` to provide a clean start.
-
 ### Why does the machine learning service report workers crashing?
 
 :::note
@@ -356,6 +399,47 @@ If it mentions SIGILL (note the lack of a K) or error code 132, it most likely m
 
 If your version of Immich is below 1.92.0 and the crash occurs after logs about tracing or exporting a model, consider either upgrading or disabling the Tag Objects job.
 
-### Why does Immich log migration errors on startup?
+## Database
 
-Sometimes Immich logs errors such as "duplicate key value violates unique constraint" or "column (...) of relation (...) already exists". Because of Immich's container structure, this error can be seen when both immich and immich-microservices start at the same time and attempt to migrate or create the database structure. Since the database migration is run sequentially and inside of transactions, this error message does not cause harm to your installation of Immich and can safely be ignored. If needed, you can manually restart Immich by running `docker restart immich immich-microservices`.
+### Why am I getting database ownership errors?
+
+If you get database errors such as `FATAL:  data directory "/var/lib/postgresql/data" has wrong ownership` upon database startup, this is likely due to an issue with your filesystem.
+NTFS and ex/FAT/32 filesystems are not supported. See [here](/docs/install/environment-variables#supported-filesystems) for more details.
+
+### How can I verify the integrity of my database?
+
+If you installed Immich using v1.104.0 or later, you likely have database checksums enabled by default. You can check this by running the following command.
+A result of `on` means that checksums are enabled.
+
+<details>
+<summary>Check if checksums are enabled</summary>
+
+```bash
+docker exec -it immich_postgres psql --dbname=immich --username=<DB_USERNAME> --command="show data_checksums"
+ data_checksums
+----------------
+ on
+(1 row)
+```
+
+</details>
+
+If checksums are enabled, you can check the status of the database with the following command. A normal result is all zeroes.
+
+<details>
+<summary>Check for database corruption</summary>
+
+```bash
+docker exec -it immich_postgres psql --dbname=immich --username=<DB_USERNAME> --command="SELECT datname, checksum_failures, checksum_last_failure FROM pg_stat_database WHERE datname IS NOT NULL"
+  datname  | checksum_failures | checksum_last_failure
+-----------+-------------------+-----------------------
+ postgres  |                 0 |
+ immich    |                 0 |
+ template1 |                 0 |
+ template0 |                 0 |
+(4 rows)
+```
+
+</details>
+
+[huggingface]: https://huggingface.co/immich-app

docs/docs/administration/backup-and-restore.md

@@ -15,10 +15,14 @@ Immich saves [file paths in the database](https://github.com/immich-app/immich/d
 Refer to the official [postgres documentation](https://www.postgresql.org/docs/current/backup.html) for details about backing up and restoring a postgres database.
 :::
 
-The recommended way to backup and restore the Immich database is to use the `pg_dumpall` command.
+The recommended way to backup and restore the Immich database is to use the `pg_dumpall` command. When restoring, you need to delete the `DB_DATA_LOCATION` folder (if it exists) to reset the database.
+
+:::caution
+It is not recommended to directly backup the `DB_DATA_LOCATION` folder. Doing so while the database is running can lead to a corrupted backup that cannot be restored.
+:::
 
 <Tabs>
-  <TabItem value="Linux system based Backup" label="Linux system based Backup" default>
+  <TabItem value="Linux system" label="Linux system" default>
 
 ```bash title='Backup'
 docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgres | gzip > "/path/to/backup/dump.sql.gz"
@@ -26,16 +30,19 @@ docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgre
 
 ```bash title='Restore'
 docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch.
+# rm -rf DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch.
 docker compose pull     # Update to latest version of Immich (if desired)
 docker compose create   # Create Docker containers for Immich apps without running them.
 docker start immich_postgres    # Start Postgres server
 sleep 10    # Wait for Postgres server to start up
-gunzip < "/path/to/backup/dump.sql.gz" | docker exec -i immich_postgres psql --username=postgres    # Restore Backup
+gunzip < "/path/to/backup/dump.sql.gz" \
+| sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \
+| docker exec -i immich_postgres psql --username=postgres    # Restore Backup
 docker compose up -d    # Start remainder of Immich apps
 ```
 
 </TabItem>
-  <TabItem value="Windows system based Backup" label="Windows system based Backup">
+  <TabItem value="Windows system (PowerShell)" label="Windows system (PowerShell)">
 
 ```powershell title='Backup'
 docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgres > "\path\to\backup\dump.sql"
@@ -43,11 +50,12 @@ docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgre
 
 ```powershell title='Restore'
 docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch.
+# Remove-Item -Recurse -Force DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch.
 docker compose pull     # Update to latest version of Immich (if desired)
 docker compose create   # Create Docker containers for Immich apps without running them.
 docker start immich_postgres    # Start Postgres server
 sleep 10    # Wait for Postgres server to start up
-gc "C:\path\to\backup\dump.sql" | docker exec -i immich_postgres psql --username=postgres    # Restore Backup
+gc "C:\path\to\backup\dump.sql" | docker exec -i immich_postgres psql --username=postgres   # Restore Backup
 docker compose up -d    # Start remainder of Immich apps
 ```
 
@@ -56,6 +64,10 @@ docker compose up -d    # Start remainder of Immich apps
 
 Note that for the database restore to proceed properly, it requires a completely fresh install (i.e. the Immich server has never run since creating the Docker containers). If the Immich app has run, Postgres conflicts may be encountered upon database restoration (relation already exists, violated foreign key constraints, multiple primary keys, etc.).
 
+:::tip
+Some deployment methods make it difficult to start the database without also starting the server or microservices. In these cases, you may set the environmental variable `DB_SKIP_MIGRATIONS=true` before starting the services. This will prevent the server from running migrations that interfere with the restore process. Note that both the server and microservices must have this variable set to prevent the migrations from running. Be sure to remove this variable and restart the services after the database is restored.
+:::
+
 The database dumps can also be automated (using [this image](https://github.com/prodrigestivill/docker-postgres-backup-local)) by editing the docker compose file to match the following:
 
 ```yaml
@@ -71,6 +83,7 @@ services:
       POSTGRES_CLUSTER: 'TRUE'
       POSTGRES_USER: ${DB_USERNAME}
       POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
       SCHEDULE: "@daily"
       POSTGRES_EXTRA_OPTS: '--clean --if-exists'
       BACKUP_DIR: /db_dumps
@@ -83,7 +96,9 @@ services:
 Then you can restore with the same command but pointed at the latest dump.
 
 ```bash title='Automated Restore'
-gunzip < db_dumps/last/immich-latest.sql.gz | docker exec -i immich_postgres psql --username=postgres
+gunzip < db_dumps/last/immich-latest.sql.gz \
+| sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \
+| docker exec -i immich_postgres psql --username=postgres
 ```
 
 :::note
@@ -94,12 +109,16 @@ Example: `gunzip < "/path/to/backup/dump.sql.gz" | sed "s/SELECT pg_catalog.set_
 
 ## Filesystem
 
-Immich stores two types of content in the filesystem: (1) original, unmodified content, and (2) generated content. Only the original content needs to be backed-up, which includes the following folders:
+Immich stores two types of content in the filesystem: (1) original, unmodified assets (photos and videos), and (2) generated content. Only the original content needs to be backed-up, which is stored in the following folders:
 
 1. `UPLOAD_LOCATION/library`
 2. `UPLOAD_LOCATION/upload`
 3. `UPLOAD_LOCATION/profile`
 
+:::caution
+If you moved some of these folders onto a different storage device, such as `profile/`, make sure to adjust the backup path to match your setup
+:::
+
 ### Asset Types and Storage Locations
 
 Some storage locations are impacted by the Storage Template. See below for more details.
@@ -108,7 +127,8 @@ Some storage locations are impacted by the Storage Template. See below for more
   <TabItem value="Storage Template Off (Default)." label="Storage Template Off (Default)." default>
 
 :::note
-`UPLOAD_LOCATION/library` folder is not used by default on new machines running version 1.92.0. These are if the system administrator activated the storage template engine, for [more info](https://github.com/immich-app/immich/releases/tag/v1.92.0#:~:text=the%20partner%E2%80%99s%20assets.-,Hardening%20storage%20template).
+The `UPLOAD_LOCATION/library` folder is not used by default on new machines running version 1.92.0. It is used only if the system administrator activated the storage template engine,
+for more info read the [release notes](https://github.com/immich-app/immich/releases/tag/v1.92.0#:~:text=the%20partner%E2%80%99s%20assets.-,Hardening%20storage%20template).
 :::
 
 **1. User-Specific Folders:**
@@ -120,16 +140,16 @@ Some storage locations are impacted by the Storage Template. See below for more
 
 - **Source Assets:**
   - Original assets uploaded through the browser interface & mobile & CLI.
-  - Stored in `/library/upload/<userID>`.
+  - Stored in `UPLOAD_LOCATION/upload/<userID>`.
 - **Avatar Images:**
   - User profile images.
-  - Stored in `/library/profile/<userID>`.
+  - Stored in `UPLOAD_LOCATION/profile/<userID>`.
 - **Thumbs Images:**
-  - Preview images (blurred, small, large) for each asset and thumbnails for recognized faces.
-  - Stored in `/library/thumbs/<userID>`.
+  - Preview images (small thumbnails and large previews) for each asset and thumbnails for recognized faces.
+  - Stored in `UPLOAD_LOCATION/thumbs/<userID>`.
 - **Encoded Assets:**
-  - By default, unless otherwise specified re-encoded video assets for wider compatibility.
-  - Stored in `/library/encoded-video/<userID>`.
+  - Videos that have been re-encoded from the original for wider compatibility. The original is not removed.
+  - Stored in `UPLOAD_LOCATION/encoded-video/<userID>`.
 
 </TabItem>
   <TabItem value="Storage Template On" label="Storage Template On">
@@ -137,34 +157,34 @@ Some storage locations are impacted by the Storage Template. See below for more
 :::note
 If you choose to activate the storage template engine, it will move all assets to `UPLOAD_LOCATION/library/<userID>`.
 
-When you turn off the storage template engine, it will leave the assets in `UPLOAD_LOCATION/library/<userID>` and will not return them to `/library/upload`.  
-**New assets** will be saved to `/library/upload`.
+When you turn off the storage template engine, it will leave the assets in `UPLOAD_LOCATION/library/<userID>` and will not return them to `UPLOAD_LOCATION/upload`.  
+**New assets** will be saved to `UPLOAD_LOCATION/upload`.
 :::
 
 **1. User-Specific Folders:**
 
 - Each user has a unique string representing them.
-  - The main user is "Admin" (but only for `UPLOAD_LOCATION/library`)
-  - Other users have different string identifiers.
-- You can find your user ID in Account Account Settings -> Account -> User ID.
+  - The administrator can set a Storage Label for a user, which will be used instead of `<userID>` for the `library/` folder.
+  - The Admin has a default storage label of `admin`.
+- You can find your user ID and Storage Label in Account Account Settings -> Account -> User ID.
 
 **2. Asset Types and Storage Locations:**
 
 - **Source Assets:**
-  - Original assets uploaded through the browser interface & mobile & CLI.
+  - Original assets uploaded through the browser interface, mobile, and CLI.
   - Stored in `UPLOAD_LOCATION/library/<userID>`.
 - **Avatar Images:**
   - User profile images.
-  - Stored in `/library/profile/<userID>`.
+  - Stored in `UPLOAD_LOCATION/profile/<userID>`.
 - **Thumbs Images:**
   - Preview images (blurred, small, large) for each asset and thumbnails for recognized faces.
-  - Stored in `/library/thumbs/<userID>`.
+  - Stored in `UPLOCAD_LOCATION/thumbs/<userID>`.
 - **Encoded Assets:**
-  - By default, unless otherwise specified re-encoded video assets for wider compatibility .
-  - Stored in `/library/encoded-video/<userID>`.
+  - Videos that have been re-encoded from the original for wider compatibility. The original is not removed.
+  - Stored in `UPLOAD_LOCATION/encoded-video/<userID>`.
 - **Files in Upload Queue (Mobile):**
   - Files uploaded through mobile apps.
-  - Temporarily located in `/library/upload/<userID>`.
+  - Temporarily located in `UPLOAD_LOCATION/upload/<userID>`.
   - Transferred to `UPLOAD_LOCATION/library/<userID>` upon successful upload.
 
 </TabItem>

docs/docs/administration/oauth.md

@@ -52,8 +52,8 @@ Before enabling OAuth in Immich, a new client application needs to be configured
 
    Hostname
 
-   - `https://immich.example.com/auth/login`)
-   - `https://immich.example.com/user-settings`)
+   - `https://immich.example.com/auth/login`
+   - `https://immich.example.com/user-settings`
 
 ## Enable OAuth
 
@@ -110,8 +110,44 @@ Immich has a route (`/api/oauth/mobile-redirect`) that is already configured to
 
 ## Example Configuration
 
+<details>
+<summary>Authentik Example</summary>
+
+### Authentik Example
+
 Here's an example of OAuth configured for Authentik:
 
-![OAuth Settings](./img/oauth-settings.png)
+<img src={require('./img/oauth-settings.png').default} title="OAuth settings" />
+
+</details>
+
+<details>
+<summary>Google Example</summary>
+
+### Google Example
+
+Configuration of Authorised redirect URIs (Google Console)
+
+<img src={require('./img/google-example.webp').default} width='50%' title="Authorised redirect URIs" />
+
+Configuration of OAuth in System Settings
+
+| Setting                      | Value                                                                                                  |
+| ---------------------------- | ------------------------------------------------------------------------------------------------------ |
+| Issuer URL                   | [https://accounts.google.com](https://accounts.google.com)                                             |
+| Client ID                    | 7\***\*\*\*\*\*\*\***\*\*\***\*\*\*\*\*\*\***vuls.apps.googleusercontent.com                           |
+| Client Secret                | G\***\*\*\*\*\*\*\***\*\*\***\*\*\*\*\*\*\***OO                                                        |
+| Scope                        | openid email profile                                                                                   |
+| Signing Algorithm            | RS256                                                                                                  |
+| Storage Label Claim          | preferred_username                                                                                     |
+| Storage Quota Claim          | immich_quota                                                                                           |
+| Default Storage Quota (GiB)  | 0 (0 for unlimited quota)                                                                              |
+| Button Text                  | Sign in with Google (optional)                                                                         |
+| Auto Register                | Enabled (optional)                                                                                     |
+| Auto Launch                  | Enabled                                                                                                |
+| Mobile Redirect URI Override | Enabled (required)                                                                                     |
+| Mobile Redirect URI          | [https://demo.immich.app/api/oauth/mobile-redirect](https://demo.immich.app/api/oauth/mobile-redirect) |
+
+</details>
 
 [oidc]: https://openid.net/connect/

docs/docs/administration/postgres-standalone.md

@@ -5,14 +5,16 @@ While not officially recommended, it is possible to run Immich using a pre-exist
 By default, Immich expects superuser permission on the Postgres database and requires certain extensions to be installed. This guide outlines the steps required to prepare a pre-existing Postgres server to be used by Immich.
 
 :::tip
-Running with a pre-existing Postgres server can unlock powerful administrative features, including logical replication, data page checksums, and streaming write-ahead log backups using programs like pgBackRest or Barman.
+Running with a pre-existing Postgres server can unlock powerful administrative features, including logical replication and streaming write-ahead log backups using programs like pgBackRest or Barman.
 :::
 
 ## Prerequisites
 
-You must install pgvecto.rs using their [instructions](https://docs.pgvecto.rs/getting-started/installation.html). After installation, add `shared_preload_libraries = 'vectors.so'` to your `postgresql.conf`. If you already have some `shared_preload_libraries` set, you can separate each extension with a comma. For example, `shared_preload_libraries = 'pg_stat_statements, vectors.so'`.
+You must install pgvecto.rs into your instance of Postgres using their [instructions][vectors-install]. After installation, add `shared_preload_libraries = 'vectors.so'` to your `postgresql.conf`. If you already have some `shared_preload_libraries` set, you can separate each extension with a comma. For example, `shared_preload_libraries = 'pg_stat_statements, vectors.so'`.
 
 :::note
+Immich is known to work with Postgres versions 14, 15, and 16. Earlier versions are unsupported.
+
 Make sure the installed version of pgvecto.rs is compatible with your version of Immich. For example, if your Immich version uses the dedicated database image `tensorchord/pgvecto-rs:pg14-v0.2.1`, you must install pgvecto.rs `>= 0.2.1, < 0.3.0`.
 :::
 
@@ -50,8 +52,7 @@ ALTER DATABASE <immichdatabasename> OWNER TO <immichdbusername>;
 CREATE EXTENSION vectors;
 CREATE EXTENSION earthdistance CASCADE;
 ALTER DATABASE <immichdatabasename> SET search_path TO "$user", public, vectors;
-GRANT USAGE ON SCHEMA vectors TO <immichdbusername>;
-ALTER DEFAULT PRIVILEGES IN SCHEMA vectors GRANT SELECT ON TABLES TO <immichdbusername>;
+ALTER SCHEMA vectors OWNER TO <immichdbusername>;
 COMMIT;
 ```
 
@@ -63,4 +64,6 @@ When installing a new version of pgvecto.rs, you will need to manually update th
 
 #### Permission denied for view
 
-If you get the error `driverError: error: permission denied for view pg_vector_index_stat`, you can fix this by connecting to the Immich database and running `GRANT SELECT ON TABLE pg_vector_index_stat to <immichdbusername>;`.
+If you get the error `driverError: error: permission denied for view pg_vector_index_stat`, you can fix this by connecting to the Immich database and running `GRANT SELECT ON TABLE pg_vector_index_stat TO <immichdbusername>;`.
+
+[vectors-install]: https://docs.pgvecto.rs/getting-started/installation.html

docs/docs/administration/repair-page.md

@@ -18,7 +18,7 @@ In any other situation, there are 3 different options that can appear:
 
 - MATCHES - These files are matched by their checksums.
 
-- OFFLINE PATHS - These files are the result of manually deleting files in the upload library or a failed file move in the past (losing track of a file).
+- OFFLINE PATHS - These files are the result of manually deleting files from immich or a failed file move in the past (losing track of a file).
 
 - UNTRACKED FILES - These files are not tracked by the application. They can be the result of failed moves, interrupted uploads, or left behind due to a bug.
 

docs/docs/administration/system-settings.md

@@ -37,9 +37,7 @@ You can set the scanning interval using the preset or cron format. For more info
 
 ## Logging
 
-By default logs are set to record at the log level, the network administrator can choose a deeper or lower level of logs according to his decision or according to the needs required by the Immich support team.
-
-Here you can [learn about the different error levels](https://sematext.com/blog/logging-levels/).
+The default Immich log level is `Log` (commonly known as `Info`). The Immich administrator can choose a higher or lower log level according to personal preference or as requested by the Immich support team.
 
 ## Machine Learning Settings
 

docs/docs/community-guides.mdx

@@ -0,0 +1,12 @@
+# Community Guides
+
+This page lists community guides that are written around Immich, but not officially supported by the development team.
+
+:::warning
+This list comes with no guarantees about security, performance, reliability, or accuracy. Use at your own risk.
+:::
+
+import CommunityGuides from '../src/components/community-guides.tsx';
+import React from 'react';
+
+<CommunityGuides />

docs/docs/developer/pr-checklist.md

@@ -9,7 +9,12 @@ When contributing code through a pull request, please check the following:
 - [ ] `npm run check:svelte` (Type checking via SvelteKit)
 - [ ] `npm test` (unit tests)
 
-:::tip
+## Documentation
+
+- [ ] `npm run format` (formatting via Prettier)
+- [ ] Update the `_redirects` file if you have renamed a page or removed it from the documentation.
+
+:::tip AIO
 Run all web checks with `npm run check:all`
 :::
 
@@ -20,10 +25,14 @@ Run all web checks with `npm run check:all`
 - [ ] `npm run check` (Type checking via `tsc`)
 - [ ] `npm test` (unit tests)
 
-:::tip
+:::tip AIO
 Run all server checks with `npm run check:all`
 :::
 
+:::info Auto Fix
+You can use `npm run __:fix` to potentially correct some issues automatically for `npm run format` and `lint`.
+:::
+
 ## OpenAPI
 
 The OpenAPI client libraries need to be regenerated whenever there are changes to the `immich-openapi-specs.json` file. Note that you should not modify this file directly as it is auto-generated. See [OpenAPI](/docs/developer/open-api.md) for more details.

docs/docs/developer/setup.md

@@ -16,7 +16,7 @@ Thanks for being interested in contributing 😊
 
 ## Environment
 
-### Server and web app
+### Services
 
 This environment includes the services below. Additional details are available in each service's README.
 
@@ -28,7 +28,7 @@ This environment includes the services below. Additional details are available i
 
 All the services are packaged to run as with single Docker Compose command.
 
-### Instructions
+### Server and web apps
 
 1. Clone the project repo.
 2. Run `cp docker/example.env docker/.env`.
@@ -47,13 +47,7 @@ You can access the web from `http://your-machine-ip:2283` or `http://localhost:2
 
 **Note:** the "web" development container runs with uid 1000. If that uid does not have read/write permissions on the mounted volumes, you may encounter errors
 
-### Mobile app
-
-The mobile app `(/mobile)` will required Flutter toolchain 3.13.x to be installed on your system.
-
-Please refer to the [Flutter's official documentation](https://flutter.dev/docs/get-started/install) for more information on setting up the toolchain on your machine.
-
-### Connect to a remote backend
+#### Connect web to a remote backend
 
 If you only want to do web development connected to an existing, remote backend, follow these steps:
 
@@ -66,6 +60,14 @@ If you only want to do web development connected to an existing, remote backend,
 IMMICH_SERVER_URL=https://demo.immich.app/ npm run dev
 ```
 
+### Mobile app
+
+The mobile app `(/mobile)` will required Flutter toolchain 3.13.x to be installed on your system.
+
+Please refer to the [Flutter's official documentation](https://flutter.dev/docs/get-started/install) for more information on setting up the toolchain on your machine.
+
+The mobile app asks you what backend to connect to. You can utilize the demo backend (https://demo.immich.app/) if you don't need to change server code or upload photos. Alternatively, you can run the server yourself per the instructions above.
+
 ## IDE setup
 
 ### Lint / format extensions

docs/docs/developer/testing.md

@@ -8,15 +8,24 @@ Unit are run by calling `npm run test` from the `server` directory.
 
 ### End to end tests
 
-The backend has two end-to-end test suites that can be called with the following two commands from the project root directory:
+The e2e tests can be run by first starting up a test production environment via:
 
-- `make server-e2e-api`
-- `make server-e2e-jobs`
+```bash
+make e2e
+```
 
-#### API (e2e)
+Once the test environment is running, the e2e tests can be run via:
 
-The API e2e tests spin up a test database and execute http requests against the server, validating the expected response codes and functionality for API endpoints.
+```bash
+cd e2e/
+npm test
+```
 
-#### Jobs (e2e)
+The tests check various things including:
 
-The Jobs e2e tests spin up a docker test environment where thumbnail generation, library scanning, and other _job_ workflows are validated.
+- Authentication and authorization
+- Query param, body, and url validation
+- Response codes
+- Thumbnail generation
+- Metadata extraction
+- Library scanning

docs/docs/features/command-line-interface.md

@@ -44,11 +44,11 @@ Please modify the `IMMICH_INSTANCE_URL` and `IMMICH_API_KEY` environment variabl
 
 ## Usage
 
-```
-immich
-```
+<details>
+<summary>Usage</summary>
 
 ```
+$ immich
 Usage: immich [options] [command]
 
 Command line interface for Immich
@@ -69,44 +69,46 @@ Commands:
   help [command]                      display help for command
 ```
 
+</details>
+
 ## Commands
 
 The upload command supports the following options:
 
+<details>
+<summary>Options</summary>
+
 ```
 Usage: immich upload [paths...] [options]
 
 Upload assets
 
 Arguments:
-  paths                       One or more paths to assets to be uploaded
+paths                       One or more paths to assets to be uploaded
 
 Options:
-  -r, --recursive             Recursive (default: false, env: IMMICH_RECURSIVE)
-  -i, --ignore [paths...]     Paths to ignore (default: [], env: IMMICH_IGNORE_PATHS)
-  -h, --skip-hash             Don't hash files before upload (default: false, env: IMMICH_SKIP_HASH)
-  -H, --include-hidden        Include hidden folders (default: false, env: IMMICH_INCLUDE_HIDDEN)
-  -a, --album                 Automatically create albums based on folder name (default: false, env: IMMICH_AUTO_CREATE_ALBUM)
-  -A, --album-name <name>     Add all assets to specified album (env: IMMICH_ALBUM_NAME)
-  -n, --dry-run               Don't perform any actions, just show what will be done (default: false, env: IMMICH_DRY_RUN)
-  -c, --concurrency <number>  Number of assets to upload at the same time (default: 4, env: IMMICH_UPLOAD_CONCURRENCY)
-  --delete                    Delete local assets after upload (env: IMMICH_DELETE_ASSETS)
-  --help                      display help for command
+-r, --recursive             Recursive (default: false, env: IMMICH_RECURSIVE)
+-i, --ignore [paths...]     Paths to ignore (default: [], env: IMMICH_IGNORE_PATHS)
+-h, --skip-hash             Don't hash files before upload (default: false, env: IMMICH_SKIP_HASH)
+-H, --include-hidden        Include hidden folders (default: false, env: IMMICH_INCLUDE_HIDDEN)
+-a, --album                 Automatically create albums based on folder name (default: false, env: IMMICH_AUTO_CREATE_ALBUM)
+-A, --album-name <name>     Add all assets to specified album (env: IMMICH_ALBUM_NAME)
+-n, --dry-run               Don't perform any actions, just show what will be done (default: false, env: IMMICH_DRY_RUN)
+-c, --concurrency <number>  Number of assets to upload at the same time (default: 4, env: IMMICH_UPLOAD_CONCURRENCY)
+--delete                    Delete local assets after upload (env: IMMICH_DELETE_ASSETS)
+--help                      display help for command
 ```
 
+</details>
+
 Note that the above options can read from environment variables as well.
 
 ## Quick Start
 
-You begin by authenticating to your Immich server.
-
-```bash
-immich login [url] [key]
-```
-
-For instance,
+You begin by authenticating to your Immich server. For instance:
 
 ```bash
+# immich login [url] [key]
 immich login http://192.168.1.216:2283/api HFEJ38DNSDUEG
 ```
 

docs/docs/features/hardware-transcoding.md

@@ -22,7 +22,8 @@ You do not need to redo any transcoding jobs after enabling hardware acceleratio
 - WSL2 does not support Quick Sync.
 - Raspberry Pi is currently not supported.
 - Two-pass mode is only supported for NVENC. Other APIs will ignore this setting.
-- Only encoding is currently hardware accelerated, so the CPU is still used for software decoding and tone-mapping.
+- By default, only encoding is currently hardware accelerated. This means the CPU is still used for software decoding and tone-mapping.
+  - NVENC and RKMPP can be fully accelerated by enabling hardware decoding in the video transcoding settings.
 - Hardware dependent
   - Codec support varies, but H.264 and HEVC are usually supported.
     - Notably, NVIDIA and AMD GPUs do not support VP9 encoding.
@@ -33,7 +34,7 @@ You do not need to redo any transcoding jobs after enabling hardware acceleratio
 #### NVENC
 
 - You must have the official NVIDIA driver installed on the server.
-- On Linux (except for WSL2), you also need to have [NVIDIA Container Runtime][nvcr] installed.
+- On Linux (except for WSL2), you also need to have [NVIDIA Container Toolkit][nvct] installed.
 
 #### QSV
 
@@ -65,6 +66,7 @@ For RKMPP to work:
 
 3. Redeploy the `immich-microservices` container with these updated settings.
 4. In the Admin page under `Video transcoding settings`, change the hardware acceleration setting to the appropriate option and save.
+5. (Optional) If using a compatible backend, you may enable hardware decoding for optimal performance.
 
 #### Single Compose File
 
@@ -102,7 +104,14 @@ Once this is done, you can continue to step 3 of "Basic Setup".
 
 #### All-In-One - Unraid Setup
 
-##### NVENC - NVIDIA GPUs
+##### QSV
+
+1. Unraid > Docker > (Stop) Immich container > Edit
+2. Scroll down and select `Add another Path, Port, Variable, Label or Device`
+3. In the drop-down menu, select `Device` and an entry with any name and the value `/dev/dri`.
+4. Continue to step 4 of "Basic Setup".
+
+##### NVENC
 
 1. In the container app, add this environmental variable: Key=`NVIDIA_VISIBLE_DEVICES` Value=`all`
 2. While still in the container app, change the container from Basic Mode to Advanced Mode and add the following parameter to the Extra Parameters field: `--runtime=nvidia`
@@ -115,7 +124,7 @@ Once this is done, you can continue to step 3 of "Basic Setup".
 - While you can use VAAPI with NVIDIA and Intel devices, prefer the more specific APIs since they're more optimized for their respective devices
 
 [hw-file]: https://github.com/immich-app/immich/releases/latest/download/hwaccel.transcoding.yml
-[nvcr]: https://github.com/NVIDIA/nvidia-container-runtime/
+[nvct]: https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/latest/install-guide.html
 [jellyfin-lp]: https://jellyfin.org/docs/general/administration/hardware-acceleration/intel/#configure-and-verify-lp-mode-on-linux
 [jellyfin-kernel-bug]: https://jellyfin.org/docs/general/administration/hardware-acceleration/intel/#known-issues-and-limitations
 [libmali-rockchip]: https://github.com/tsukumijima/libmali-rockchip/releases

docs/docs/features/libraries.md

@@ -4,13 +4,9 @@
 
 Immich supports the creation of libraries which is a top-level asset container. Currently, there are two types of libraries: traditional upload libraries that can sync with a mobile device, and external libraries, that keeps up to date with files on disk. Libraries are different from albums in that an asset can belong to multiple albums but only one library, and deleting a library deletes all assets contained within. As of August 2023, this is a new feature and libraries have a lot of potential for future development beyond what is documented here. This document attempts to describe the current state of libraries.
 
-## The Upload Library
-
-Immich comes preconfigured with an upload library for each user. All assets uploaded to Immich are added to this library. This library can be renamed, but not deleted. The upload library is the only library that can be synced with a mobile device. No items in an upload library is allowed to have the same sha1 hash as another item in the same library in order to prevent duplicates.
-
 ## External Libraries
 
-External libraries tracks assets stored outside of immich, i.e. in the file system. Immich will only read data from the files, and will not modify them in any way. Therefore, the delete button is disabled for external assets. When the external library is scanned, immich will read the metadata from the file and create an asset in the library for each image or video file. These items will then be shown in the main timeline, and they will look and behave like any other asset, including viewing on the map, adding to albums, etc.
+External libraries tracks assets stored outside of Immich, i.e. in the file system. When the external library is scanned, Immich will read the metadata from the file and create an asset in the library for each image or video file. These items will then be shown in the main timeline, and they will look and behave like any other asset, including viewing on the map, adding to albums, etc.
 
 If a file is modified outside of Immich, the changes will not be reflected in immich until the library is scanned again. There are different ways to scan a library depending on the use case:
 
@@ -161,7 +157,7 @@ The christmas trip library will now be scanned in the background. In the meantim
 
 - Click on Create External Library.
 
-:::info Note
+:::note
 If you get an error here, please rename the other external library to something else. This is a bug that will be fixed in a future release.
 :::
 
@@ -175,3 +171,14 @@ If you get an error here, please rename the other external library to something
 - Click on Scan Library Files
 
 Within seconds, the assets from the old-pics and videos folders should show up in the main timeline.
+
+### Set Custom Scan Interval
+
+:::note
+Only an admin can do this.
+:::
+
+You can define a custom interval for the trigger external library rescan under Administration -> Settings -> Library.  
+You can set the scanning interval using the preset or cron format. For more information you can refer to [Crontab Guru](https://crontab.guru/).
+
+<img src={require('./img/library-custom-scan-interval.png').default} width="75%" title='Set custom scan interval for external library' />

docs/docs/features/ml-hardware-acceleration.md

@@ -10,15 +10,14 @@ You do not need to redo any machine learning jobs after enabling hardware accele
 ## Supported Backends
 
 - ARM NN (Mali)
-- CUDA (NVIDIA)
-- OpenVINO (Intel)
+- CUDA (NVIDIA GPUs with [compute capability](https://developer.nvidia.com/cuda-gpus) 5.2 or higher)
+- OpenVINO (Intel discrete GPUs such as Iris Xe and Arc)
 
 ## Limitations
 
 - The instructions and configurations here are specific to Docker Compose. Other container engines may require different configuration.
 - Only Linux and Windows (through WSL2) servers are supported.
 - ARM NN is only supported on devices with Mali GPUs. Other Arm devices are not supported.
-- There is currently an upstream issue with OpenVINO, so whether it will work is device-dependent.
 - Some models may not be compatible with certain backends. CUDA is the most reliable.
 
 ## Prerequisites
@@ -36,8 +35,15 @@ You do not need to redo any machine learning jobs after enabling hardware accele
 
 #### CUDA
 
-- You must have the official NVIDIA driver installed on the server.
-- On Linux (except for WSL2), you also need to have [NVIDIA Container Runtime][nvcr] installed.
+- The GPU must have compute capability 5.2 or greater.
+- The server must have the official NVIDIA driver installed.
+- The installed driver must be >= 535 (it must support CUDA 12.2).
+- On Linux (except for WSL2), you also need to have [NVIDIA Container Toolkit][nvct] installed.
+
+#### OpenVINO
+
+- The server must have a discrete GPU, i.e. Iris Xe or Arc. Expect issues when attempting to use integrated graphics.
+- Ensure the server's kernel version is new enough to use the device for hardware accceleration.
 
 ## Setup
 
@@ -89,11 +95,11 @@ immich-machine-learning:
 Once this is done, you can redeploy the `immich-machine-learning` container.
 
 :::info
-You can confirm the device is being recognized and used by checking its utilization (via `nvtop` for CUDA, `intel_gpu_top` for OpenVINO, etc.). You can also enable debug logging by setting `LOG_LEVEL=debug` in the `.env` file and restarting the `immich-machine-learning` container. When a Smart Search or Face Detection job begins, you should see a log for `Available ORT providers` containing the relevant provider. In the case of ARM NN, the absence of a `Could not load ANN shared libraries` log entry means it loaded successfully.
+You can confirm the device is being recognized and used by checking its utilization (via `nvtop` for CUDA, `intel_gpu_top` for OpenVINO, etc.). You can also enable debug logging by setting `IMMICH_LOG_LEVEL=debug` in the `.env` file and restarting the `immich-machine-learning` container. When a Smart Search or Face Detection job begins, you should see a log for `Available ORT providers` containing the relevant provider. In the case of ARM NN, the absence of a `Could not load ANN shared libraries` log entry means it loaded successfully.
 :::
 
 [hw-file]: https://github.com/immich-app/immich/releases/latest/download/hwaccel.ml.yml
-[nvcr]: https://github.com/NVIDIA/nvidia-container-runtime/
+[nvct]: https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/latest/install-guide.html
 
 ## Tips
 

docs/docs/features/shared-albums.md

@@ -0,0 +1,252 @@
+# Shared Albums & Assets
+
+## Shared Albums
+
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
+Album sharing allows you to share assets with other users or with people from around the world via a link or invitation (for system users).
+
+When sharing shared albums, whats shared is:
+
+- The selected assets.
+- Metadata of the assets (Can be removed by sharing via link).
+
+## Shared Album Features
+
+- Download all assets as zip file (Web only).
+  :::info Archive size limited.
+  If the size of the album exceeds 4GB, the archive files will be divided into 4GB each.
+  :::
+- Add a description to the album (Web only).
+- Slideshow view (Web only).
+- Add or remove photos to an album.
+- Comment on the album (for system users only).
+
+:::info
+When you create an album and it is not shared with anyone, it will be added to the Albums category.
+:::
+
+<Tabs>
+  <TabItem value="Computer" label="Computer" default>
+
+### Create a Shared Album
+
+1. Select the assets (Shift can be used for multiple selection).
+2. Click on the + on the top right -> add to a shared album.
+3. Name the new album and add the album.
+
+## Sharing Between Users
+
+### Shared Album Options
+
+- Add or remove users from the album.
+  :::info remove user(s)
+  When a user is removed from the album, the photos he uploaded will still appear in the album.
+  :::
+- Enable or disable comments & likes.
+- Replace the album cover.
+- Display order (newest first / oldest first).
+
+To change these settings click on the 3 dots on the right -> options.
+
+:::info Known bug
+Currently it is not possible to remove people through the options.
+This is a [known problem and it has a temporary solution](https://github.com/immich-app/immich/issues/7954)
+:::
+
+## Share Album via Link
+
+:::info
+When wanting to share with people outside the home network via a link, Immich needs to be exposed to the world wide web, read more to [learn the ways to do this](/docs/guides/remote-access.md).
+:::
+
+1. Enter the shared album.
+2. Click on the share icon.
+3. Click on Create link.
+
+You can edit the link properties, options include;
+
+- **Description -** adding a description to the album (optional)
+- **Password -** adding a password to the album (optional), it is required to activate Require password.
+- **Show metadata -** whether to show metadata to whoever the link will be shared with (optional).
+- **Allow public user to download -** whether to allow whoever has the link to download all the images or a certain image (optional).
+- **Allow public user to upload -** whether to allow whoever has the link to upload assets to the album (optional).
+  :::info
+  whoever has the link and have uploaded files cannot delete them.
+  :::
+- **Expire after -** adding an expiration date to the link (optional).
+
+## Share Specific Assets
+
+A user can share specific assets without linking them to a specific album.
+in order to do so;
+
+1. Go to the timeline
+2. Select the assets (Shift can be used for multiple selection)
+3. Click the share button
+
+:::info
+Assets shared in this way will not be displayed in the Sharing category, in order to expect to remove or change the link settings of assets shared in this way, you must use the Manage generated links option.
+:::
+
+:::tip
+For temporary sharing, you can add an expiration date to assets shared this way.
+:::
+
+## Manage generated links
+
+A user can copy, delete and change the link settings he created for specific albums or assets, in order to do so;
+
+1. Go to the Immich home page.
+2. Select the Sharing category.
+3. On the top right, select Shared links.
+
+:::info remove links/users.
+When making a shared album private, the added photos will **still** be saved in the album.
+:::
+
+## Activity
+
+:::info
+Activity is not visible when sharing an album via external link.
+New users added to the album will be able to see previous activity.
+:::
+
+### Add a Comment or Like to the Album
+
+1. Enter the shared album.
+2. From the bottom right you can add comment(s) or delete old comments.
+3. To add a like (heart) to the album, click the heart button to the left of the "say something" button.
+
+#### Add a Comment or Like to a Specific Photo
+
+:::info Activity
+Activity of a comment or heart on a specific photo will appear in the general activity of the album.
+:::
+
+1. Enter the shared album.
+2. Enter the picture.
+3. From the bottom right you can add comment(s) or delete old comments.
+4. To add a like (heart) to the album, click the heart button to the left of the "say something" button.
+
+### Viewing Activity in the Album
+
+To view album activity on comments or likes
+
+1. Enter the shared album
+2. On the bottom right click on the message icon
+
+</TabItem>
+  <TabItem value="Mobile" label="Mobile">
+
+:::note mobile app
+Some of the features are not available on mobile, to understand what the full features of shared albums are, it is recommended to additionally read the explanation for the computer version.
+:::
+
+### Create a Shared Album
+
+1. Select the assets.
+2. Swipe up and click on Create new album.
+3. Name the new album and add the album.
+
+## Sharing Between Users
+
+#### Add or remove users from the album.
+
+:::info remove user(s)
+When a user is removed from the album, the photos he uploaded will still appear in the album.
+:::
+
+After creating the album, click the Add User button and select the user you want to share with.
+
+### Shared Album Options
+
+- Enable or disable comments & likes.
+- Add or remove users
+
+To change these settings click on the 3 dots on the top right -> options.
+
+## Share Album via Link
+
+:::info
+When wanting to share with people outside the home network via a link, Immich needs to be exposed to the world wide web, read more to [learn the ways to do this](/docs/guides/remote-access.md).
+:::
+
+1. Enter the shared album.
+2. Click 3 dots on the top right.
+3. Click on Share.
+
+You can edit the link properties, options include;
+
+- **Description -** adding a description to the album (optional)
+- **Password -** adding a password to the album (optional)
+- **Show metadata -** whether to show metadata to whoever the link will be shared with (optional).
+- **Allow public user to download -** whether to allow whoever has the link to download all the images or a certain image (optional).
+- **Allow public user to upload -** whether to allow whoever has the link to upload assets to the album (optional).
+  ::: info
+  whoever has the link and have uploaded files cannot delete them.
+  :::
+- **Expire after -** adding an expiration date to the link (optional).
+
+## Share Specific Assets
+
+A user can share specific assets without linking them to a specific album.
+in order to do so;
+
+1. Go to the timeline
+2. Select the assets.
+3. Click the share button
+
+:::info
+Assets shared in this way will not be displayed in the Sharing category, in order to expect to remove or change the link settings of assets shared in this way, you must use the Manage generated links option.
+:::
+
+:::tip
+For temporary sharing, you can add an expiration date to assets shared this way.
+:::
+
+## Manage generated links
+
+A user can copy, delete and change the link settings he created for specific albums or assets, in order to do so;
+
+1. Go to Sharing category.
+2. Select Shared links at the top right.
+
+:::info remove links/users.
+When making a shared album private, the added photos will **still** be saved in the album.
+:::
+
+## Activity
+
+:::info
+Activity is not visible when sharing an album via external link.
+New users added to the album will be able to see previous activity.
+:::
+
+### Add a Comment or Like to the Album
+
+1. Enter the shared album.
+2. From the top right you can add comment(s) or delete old comments.
+3. To add a like (heart) to the album, click the heart button to the right of the "say something" button.
+
+#### Add a Comment or Like to a Specific Photo
+
+:::info Activity
+Activity of a comment or heart on a specific photo will appear in the general activity of the album.
+:::
+
+1. Enter the shared album.
+2. Enter the picture.
+3. From the top right you can add comment(s) or delete old comments.
+4. To add a like (heart) to the album, click the heart button to the right of the "say something" button.
+
+### Viewing Activity in the Album
+
+To view album activity on comments or likes
+
+1. Enter the shared album
+2. On the top right click on the message icon
+
+</TabItem>
+</Tabs>

docs/docs/features/supported-formats.md

@@ -3,7 +3,7 @@
 Immich supports a number of image and video formats, the most common of which are outlined here.
 
 :::note
-For the full list, you can refer to the [Immich source code](https://github.com/immich-app/immich/blob/main/server/src/utils/mime-types.ts).
+For the full list, refer to the [Immich source code](https://github.com/immich-app/immich/blob/main/server/src/utils/mime-types.ts).
 :::
 
 ## Image formats

docs/docs/guides/custom-locations.md

@@ -0,0 +1,63 @@
+# Files Custom Locations
+
+This guide explains storing generated and raw files with docker's volume mount in different locations.
+
+:::caution Backup
+It is important to remember to update the backup settings after following the guide to back up the new backup paths if using automatic backup tools, especially `profile/`.
+:::
+
+In our `.env` file, we will define variables that will help us in the future when we want to move to a more advanced server in the future
+
+```diff title=".env"
+# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
+
+# Custom location where your uploaded, thumbnails, and transcoded video files are stored
+- UPLOAD_LOCATION=./library
++ UPLOAD_LOCATION=/custom/location/on/your/system/immich/immich_files
++ THUMB_LOCATION=/custom/location/on/your/system/immich/thumbs
++ ENCODED_VIDEO_LOCATION=/custom/location/on/your/system/immich/encoded-video
++ PROFILE_LOCATION=/custom/location/on/your/system/immich/profile
+...
+```
+
+After defining the locations for these files, we will edit the `docker-compose.yml` file accordingly and add the new variables to the `immich-server` and `immich-microservices` containers.
+
+```diff title="docker-compose.yml"
+services:
+  immich-server:
+      volumes:
+      - ${UPLOAD_LOCATION}:/usr/src/app/upload
++     - ${THUMB_LOCATION}:/usr/src/app/upload/thumbs
++     - ${ENCODED_VIDEO_LOCATION}:/usr/src/app/upload/encoded-video
++     - ${PROFILE_LOCATION}:/usr/src/app/upload/profile
+      - /etc/localtime:/etc/localtime:ro
+
+...
+
+  immich-microservices:
+      volumes:
+      - ${UPLOAD_LOCATION}:/usr/src/app/upload
++     - ${THUMB_LOCATION}:/usr/src/app/upload/thumbs
++     - ${ENCODED_VIDEO_LOCATION}:/usr/src/app/upload/encoded-video
++     - ${PROFILE_LOCATION}:/usr/src/app/upload/profile
+      - /etc/localtime:/etc/localtime:ro
+```
+
+Restart Immich to register the changes.
+
+```
+docker compose down
+docker compose up -d
+```
+
+:::note
+Because of the underlying properties of docker bind mounts, it is not recommended to mount the `upload/` and `library/` folders as separate bind mounts if they are on the same device.
+For this reason, we mount the HDD or network storage to `/usr/src/app/upload` and then mount the folders we want quick access to below this folder.
+
+The `thumbs/` folder contains both the small thumbnails shown in the timeline, and the larger previews shown when clicking into an image. These cannot be split up.
+
+The storage metrics of the Immich server will track the storage available at `UPLOAD_LOCATION`,
+so the administrator should setup some kind of monitoring to make sure the SSD does not run out of space. The `profile/` folder is much smaller, typically less than 1 MB.
+:::
+
+Thanks to [Jrasm91](https://github.com/immich-app/immich/discussions/2110#discussioncomment-5477767) for writing the guide.

docs/docs/guides/custom-map-styles.md

@@ -0,0 +1,16 @@
+# Create Custom Map Styles for Immich Using Maptiler
+
+You may decide that you'd like to modify the style document which is used to draw the maps in Immich. This can be done easily using Maptiler, if you do not want to write an entire JSON document by hand.
+
+## Steps
+
+1. Create a free account at https://cloud.maptiler.com
+2. Once logged in, you can either create a brand new map by clicking on **New Map**, selecting a starter map, and then clicking **Customize**, OR by selecting a **Standard Map** and customizing it from there.
+3. The **editor** interface is self-explanatory. You can change colors, remove visible layers, or add optional layers (e.g., administrative, topo, hydro, etc.) in the composer.
+4. Once you have your map composed, click on **Save** at the top right. Give it a unique name to save it to your account.
+5. Next, **Publish** your style using the **Publish** button at the top right. This will deploy it to production, which means it is able to be exposed over the Internet. Maptiler will present an interactive side-by-side map with the original and your changes prior to publication.<br/>![Maptiler Publication Settings](img/immich_map_styles_publish.png)
+6. Maptiler will warn you that changing the map will change it across all apps using the map. Since no apps are using the map yet, this is okay.
+7. Clicking on the name of your new map at the top left will bring you to the item's **details** page. From here, copy the link to the JSON style under **Use vector style**. This link will automatically contain your personal API key to Maptiler.
+8. In **Immich**, navigate to **Administration --> Settings --> Map & GPS Settings** and expand the **Map Settings** subsection.
+9. Paste the link to your JSON style in either the **Light Style** or **Dark Style**. (You can add different styles which will help make the map style more appropriate depending on whether you set **Immich** to Light or Dark mode.
+10. Save your selections. Reload the map, and enjoy your custom map style!

docs/docs/guides/database-gui.md

@@ -2,48 +2,52 @@
 
 A short guide on connecting [pgAdmin](https://www.pgadmin.org/) to Immich.
 
-:::note
-
-In order to connect to the database the immich_postgres container **must be running**.
-
-The passwords and usernames used below match the ones specified in the example `.env` file. If changed, please use actual values instead.
-
-**Optional:** To connect to the database **outside** of your Docker's network:
-
-- Expose port 5432 in your `docker-compose.yml` file.
-- Edit the PostgreSQL [`pg_hba.conf`](https://www.postgresql.org/docs/current/auth-pg-hba-conf.html) file.
-- Make sure your firewall does not block access to port 5432.
-  Note that exposing the database port increases the risk of getting attacked by hackers.  
-  Make sure to remove the binding port after finishing the database's tasks.
-
-:::
-
 ## 1. Install pgAdmin
 
-Download and install [pgAdmin](https://www.pgadmin.org/download/) following the official documentation.
+Add a file `docker-compose-pgadmin.yml` next to your `docker-compose.yml` with the following content:
+
+```
+name: immich
+
+services:
+  pgadmin:
+    image: dpage/pgadmin4
+    container_name: pgadmin4_container
+    restart: always
+    ports:
+      - "8888:80"
+    environment:
+      PGADMIN_DEFAULT_EMAIL: user-name@domain-name.com
+      PGADMIN_DEFAULT_PASSWORD: strong-password
+    volumes:
+      - pgadmin-data:/var/lib/pgadmin
+
+volumes:
+  pgadmin-data:
+```
+
+Change the values of `PGADMIN_DEFAULT_EMAIL` and `PGADMIN_DEFAULT_PASSWORD` in this file.
+
+Run `docker compose -f docker-compose.yml -f docker-compose-pgadmin.yml up` to start immich along with `pgAdmin`.
 
 ## 2. Add a Server
 
-Open pgAdmin and click "Add New Server".
+Open [localhost:8888](http://localhost:8888) and login with the default credentials from above.
 
-<img src={require('./img/add-new-server-option.png').default} width="50%" title="new server option" />
+Right click on `Servers` and click on `Register >> Server..` then enter the values below in the `Connection` tab.
 
-## 3. Enter Connection Details
+<img src={require('./img/pgadmin-add-new-server.png').default} width="50%" title="new server option" />
 
-| Name                 | Value       |
-| -------------------- | ----------- |
-| Host name/address    | `localhost` |
-| Port                 | `5432`      |
-| Maintenance database | `immich`    |
-| Username             | `postgres`  |
-| Password             | `postgres`  |
+:::note
+The parameters used here match those specified in the example `.env` file. If you have changed your `.env` file, you'll need to adjust accordingly.
+:::
 
-<img src={require('./img/Connection-Pgadmin.png').default} width="75%" title="Connection" />
-
-## 4. Save Connection
+| Name                 | Value             |
+| -------------------- | ----------------- |
+| Host name/address    | `immich_postgres` |
+| Port                 | `5432`            |
+| Maintenance database | `immich`          |
+| Username             | `postgres`        |
+| Password             | `postgres`        |
 
 Click on "Save" to connect to the Immich database.
-
-:::tip
-View [Database Queries](https://immich.app/docs/guides/database-queries/) for common database queries.
-:::

docs/docs/guides/database-queries.md

@@ -17,7 +17,7 @@ The `"originalFileName"` column is the name of the file at time of upload, inclu
 :::
 
 ```sql title="Find by original filename"
-SELECT * FROM "assets" WHERE "originalFileName" = 'PXL_20230903_232542848';
+SELECT * FROM "assets" WHERE "originalFileName" = 'PXL_20230903_232542848.jpg';
 SELECT * FROM "assets" WHERE "originalFileName" LIKE 'PXL_%'; -- all files starting with PXL_
 SELECT * FROM "assets" WHERE "originalFileName" LIKE '%_2023_%'; -- all files with _2023_ in the middle
 ```
@@ -27,21 +27,40 @@ SELECT * FROM "assets" WHERE "originalPath" = 'upload/library/admin/2023/2023-09
 SELECT * FROM "assets" WHERE "originalPath" LIKE 'upload/library/admin/2023/%';
 ```
 
-```sql title="Find by checksum" (sha1)
+:::note
+You can calculate the checksum for a particular file by using the command `sha1sum <filename>`.
+:::
+
+```sql title="Find by checksum (SHA-1)"
 SELECT encode("checksum", 'hex') FROM "assets";
 SELECT * FROM "assets" WHERE "checksum" = decode('69de19c87658c4c15d9cacb9967b8e033bf74dd1', 'hex');
+SELECT * FROM "assets" WHERE "checksum" = '\x69de19c87658c4c15d9cacb9967b8e033bf74dd1'; -- alternate notation
 ```
 
 ```sql title="Live photos"
-SELECT * FROM "assets" where "livePhotoVideoId" IS NOT NULL;
+SELECT * FROM "assets" WHERE "livePhotoVideoId" IS NOT NULL;
+```
+
+```sql title="By description"
+SELECT "assets".*, "exif"."description" FROM "exif"
+  JOIN "assets" ON "assets"."id" = "exif"."assetId"
+  WHERE TRIM("exif"."description") <> ''; -- all files with a description
+SELECT "assets".*, "exif"."description" FROM "exif"
+  JOIN "assets" ON "assets"."id" = "exif"."assetId"
+  WHERE "exif"."description" ILIKE '%string to match%'; -- search by string
 ```
 
 ```sql title="Without metadata"
-SELECT "assets".* FROM "exif"  LEFT JOIN "assets" ON "assets"."id" = "exif"."assetId" WHERE "exif"."assetId" IS NULL;
+SELECT "assets".* FROM "exif"
+  LEFT JOIN "assets" ON "assets"."id" = "exif"."assetId"
+  WHERE "exif"."assetId" IS NULL;
 ```
 
 ```sql title="size < 100,000 bytes, smallest to largest"
-SELECT * FROM "assets" JOIN "exif" ON "assets"."id" = "exif"."assetId" WHERE "exif"."fileSizeInByte" < 100000 ORDER BY "exif"."fileSizeInByte" ASC;
+SELECT * FROM "assets"
+  JOIN "exif" ON "assets"."id" = "exif"."assetId"
+  WHERE "exif"."fileSizeInByte" < 100000
+  ORDER BY "exif"."fileSizeInByte" ASC;
 ```
 
 ```sql title="Without thumbnails"
@@ -54,20 +73,14 @@ SELECT * FROM "assets" WHERE "assets"."type" = 'IMAGE';
 ```
 
 ```sql title="Count by type"
-SELECT "assets"."type", count(*) FROM "assets" GROUP BY "assets"."type";
+SELECT "assets"."type", COUNT(*) FROM "assets" GROUP BY "assets"."type";
 ```
 
 ```sql title="Count by type (per user)"
-SELECT
-  "users"."email", "assets"."type", COUNT(*)
-FROM
-  "assets"
-JOIN
-  "users" ON "assets"."ownerId" = "users"."id"
-GROUP BY
-  "assets"."type", "users"."email"
-ORDER BY
-  "users"."email";
+SELECT "users"."email", "assets"."type", COUNT(*) FROM "assets"
+  JOIN "users" ON "assets"."ownerId" = "users"."id"
+  GROUP BY "assets"."type", "users"."email"
+  ORDER BY "users"."email";
 ```
 
 ```sql title="Failed file movements"
@@ -76,14 +89,20 @@ SELECT * FROM "move_history";
 
 ## Users
 
-```sql title="List"
+```sql title="List all users"
 SELECT * FROM "users";
 ```
 
 ## System Config
 
 ```sql title="Custom settings"
-SELECT "key", "value" FROM "system_config";
+SELECT "key", "value" FROM "system_metadata" WHERE "key" = 'system-config';
 ```
 
 (Only used when not using the [config file](/docs/install/config-file))
+
+## Persons
+
+```sql title="Delete person and unset it for the faces it was associated with"
+DELETE FROM "person" WHERE "name" = 'PersonNameHere';
+```

docs/docs/guides/external-library.md

@@ -6,21 +6,19 @@ in a directory on the same machine.
 
 # Mount the directory into the containers.
 
-Edit `docker-compose.yml` to add two new mount points under `volumes:`
+Edit `docker-compose.yml` to add two new mount points in the sections `immich-server:` and `immich-microservices:` under `volumes:`
 
-```
-  immich-server:
+```diff
+immich-server:
     volumes:
-      - ${EXTERNAL_PATH}:/usr/src/app/external
-```
++       - ${EXTERNAL_PATH}:/usr/src/app/external
 
-```
-  immich-microservices:
+immich-microservices:
     volumes:
-      - ${EXTERNAL_PATH}:/usr/src/app/external
++       - ${EXTERNAL_PATH}:/usr/src/app/external
 ```
 
-Be sure to add exactly the same line to both `immich-server:` and `immich-microservices:`.
+Be sure to add exactly the same path to both services.
 
 Edit `.env` to define `EXTERNAL_PATH`, substituting in the correct path for your computer:
 

docs/docs/guides/remote-machine-learning.md

@@ -6,12 +6,16 @@ To alleviate [performance issues on low-memory systems](/docs/FAQ.mdx#why-is-imm
 - Copy the following `docker-compose.yml` to your ML system.
 - Start the container by running `docker compose up -d`.
 
-:::note Info
+:::info
 Starting with version v1.93.0 face detection work and face recognize were split. From now on face detection is done in the immich_machine_learning service, but facial recognition is done in the immich_microservices service.
 :::
 
+:::note
+The [hwaccel.ml.yml](https://github.com/immich-app/immich/releases/latest/download/hwaccel.ml.yml) file also needs to be in the same folder if trying to use [hardware acceleration](/docs/features/ml-hardware-acceleration).
+:::
+
 ```yaml
-version: '3.8'
+name: immich_remote_ml
 
 services:
   immich-machine-learning:

docs/docs/install/config-file.md

@@ -7,6 +7,9 @@ A config file can be provided as an alternative to the UI configuration.
 In JSON format, create a new config file (e.g. `immich.json`) and put it in a location that can be accessed by Immich.
 The default configuration looks like this:
 
+<details>
+<summary>immich.json</summary>
+
 ```json
 {
   "ffmpeg": {
@@ -74,6 +77,10 @@ The default configuration looks like this:
       "enabled": true,
       "modelName": "ViT-B-32__openai"
     },
+    "duplicateDetection": {
+      "enabled": false,
+      "maxDistance": 0.03
+    },
     "facialRecognition": {
       "enabled": true,
       "modelName": "buffalo_l",
@@ -120,7 +127,8 @@ The default configuration looks like this:
     "previewFormat": "jpeg",
     "previewSize": 1440,
     "quality": 80,
-    "colorspace": "p3"
+    "colorspace": "p3",
+    "extractEmbedded": false
   },
   "newVersionCheck": {
     "enabled": true
@@ -149,13 +157,12 @@ The default configuration looks like this:
   "server": {
     "externalDomain": "",
     "loginPageMessage": ""
-  },
-  "user": {
-    "deleteDelay": 7
   }
 }
 ```
 
+</details>
+
 :::tip
 In Administration > Settings is a button to copy the current configuration to your clipboard.
 So you can just grab it from there, paste it into a file and you're pretty much good to go.

docs/docs/install/docker-compose.mdx

@@ -7,7 +7,8 @@ import ExampleEnv from '!!raw-loader!../../../docker/example.env';
 
 # Docker Compose [Recommended]
 
-Docker Compose is the recommended method to run Immich in production. Below are the steps to deploy Immich with Docker Compose.
+Docker Compose is the recommended method to run Immich in production. Below are the steps to deploy Immich with Docker Compose.  
+Immich requires Docker Compose version 2.x.
 
 ### Step 1 - Download the required files
 
@@ -66,7 +67,7 @@ docker compose up -d
 ```
 
 :::info Docker version
-If you get an error `unknown shorthand flag: 'd' in -d`, you are probably running the wrong Docker version. (This happens, for example, with the docker.io package in Ubuntu 22.04.3 LTS.) You can correct the problem by `apt remove`ing Ubuntu's docker.io package and installing docker and docker-compose via [Docker's official repository](https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository).
+If you get an error `unknown shorthand flag: 'd' in -d`, you are probably running the wrong Docker version. (This happens, for example, with the docker.io package in Ubuntu 22.04.3 LTS.) You can correct the problem by `apt remove`ing Ubuntu's docker.io package and installing docker and docker-compose via [Docker's official repository][docker-repo].
 
 Note that the correct command really is `docker compose`, not `docker-compose`. If you try the latter on vanilla Ubuntu 22.04 it will fail in a different way:
 
@@ -83,27 +84,31 @@ For more information on how to use the application, please refer to the [Post In
 :::
 
 :::note GitHub Authentication
-Downloading container images might require you to authenticate to the GitHub Container Registry ([steps here](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry#authenticating-to-the-container-registry)).
+Downloading container images might require you to authenticate to the GitHub Container Registry ([steps here][container-auth]).
 :::
 
 ### Step 4 - Upgrading
 
 :::danger Breaking Changes
-It is important to follow breaking updates to avoid problems. You can see versions that had breaking changes [here](https://github.com/immich-app/immich/discussions?discussions_q=label%3Abreaking-change+sort%3Adate_created).
+It is important to follow breaking updates to avoid problems. You can see versions that had breaking changes [here][breaking].
 :::
 
 If `IMMICH_VERSION` is set, it will need to be updated to the latest or desired version.
 
-When a new version of Immich is [released](https://github.com/immich-app/immich/releases), the application can be upgraded with the following commands, run in the directory with the `docker-compose.yml` file:
+When a new version of Immich is [released][releases], the application can be upgraded with the following commands, run in the directory with the `docker-compose.yml` file:
 
 ```bash title="Upgrade Immich"
 docker compose pull && docker compose up -d
 ```
 
 :::caution Automatic Updates
-Immich is currently under heavy development, which means you can expect [breaking changes](https://github.com/immich-app/immich/discussions?discussions_q=label%3Abreaking-change+sort%3Adate_created) and bugs. Therefore, we recommend reading the release notes prior to updating and to take special care when using automated tools like [Watchtower][watchtower].
+Immich is currently under heavy development, which means you can expect [breaking changes][breaking] and bugs. Therefore, we recommend reading the release notes prior to updating and to take special care when using automated tools like [Watchtower][watchtower].
 :::
 
 [compose-file]: https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
 [env-file]: https://github.com/immich-app/immich/releases/latest/download/example.env
 [watchtower]: https://containrrr.dev/watchtower/
+[breaking]: https://github.com/immich-app/immich/discussions?discussions_q=label%3Abreaking-change+sort%3Adate_created
+[container-auth]: https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry#authenticating-to-the-container-registry
+[releases]: https://github.com/immich-app/immich/releases
+[docker-repo]: https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository

docs/docs/install/environment-variables.md

@@ -17,80 +17,92 @@ If this should not work, try running `docker compose up -d --force-recreate`.
 
 ## Docker Compose
 
-| Variable          | Description           |  Default  | Services                                |
-| :---------------- | :-------------------- | :-------: | :-------------------------------------- |
-| `IMMICH_VERSION`  | Image tags            | `release` | server, microservices, machine learning |
-| `UPLOAD_LOCATION` | Host Path for uploads |           | server, microservices                   |
+| Variable           | Description                     |  Default  | Services                                |
+| :----------------- | :------------------------------ | :-------: | :-------------------------------------- |
+| `IMMICH_VERSION`   | Image tags                      | `release` | server, microservices, machine learning |
+| `UPLOAD_LOCATION`  | Host Path for uploads           |           | server, microservices                   |
+| `DB_DATA_LOCATION` | Host Path for Postgres database |           | database                                |
 
 :::tip
-
 These environment variables are used by the `docker-compose.yml` file and do **NOT** affect the containers directly.
-
 :::
 
+### Supported filesystems
+
+The Immich Postgres database (`DB_DATA_LOCATION`) must be located on a filesystem that supports user/group
+ownership and permissions (EXT2/3/4, ZFS, APFS, BTRFS, XFS, etc.). It will not work on any filesystem formatted in NTFS or ex/FAT/32.
+It will not work in WSL (Windows Subsystem for Linux) when using a mounted host directory (commonly under `/mnt`).
+If this is an issue, you can change the bind mount to a Docker volume instead.
+
+Regardless of filesystem, it is not recommended to use a network share for your database location due to performance and possible data loss issues.
+
 ## General
 
-| Variable                        | Description                                  |       Default        | Services                                |
-| :------------------------------ | :------------------------------------------- | :------------------: | :-------------------------------------- |
-| `TZ`                            | Timezone                                     |                      | microservices                           |
-| `NODE_ENV`                      | Environment (production, development)        |     `production`     | server, microservices, machine learning |
-| `LOG_LEVEL`                     | Log Level (verbose, debug, log, warn, error) |        `log`         | server, microservices, machine learning |
-| `IMMICH_MEDIA_LOCATION`         | Media Location                               |      `./upload`      | server, microservices                   |
-| `IMMICH_CONFIG_FILE`            | Path to config file                          |                      | server, microservices                   |
-| `IMMICH_WEB_ROOT`               | Path of root index.html                      |  `/usr/src/app/www`  | server                                  |
-| `IMMICH_REVERSE_GEOCODING_ROOT` | Path of reverse geocoding dump directory     | `/usr/src/resources` | microservices                           |
+| Variable                        | Description                                  |         Default          | Services                                |
+| :------------------------------ | :------------------------------------------- | :----------------------: | :-------------------------------------- |
+| `TZ`                            | Timezone                                     |                          | microservices                           |
+| `IMMICH_ENV`                    | Environment (production, development)        |       `production`       | server, microservices, machine learning |
+| `IMMICH_LOG_LEVEL`              | Log Level (verbose, debug, log, warn, error) |          `log`           | server, microservices, machine learning |
+| `IMMICH_MEDIA_LOCATION`         | Media Location                               | `./upload`<sup>\*1</sup> | server, microservices                   |
+| `IMMICH_CONFIG_FILE`            | Path to config file                          |                          | server, microservices                   |
+| `IMMICH_WEB_ROOT`               | Path of root index.html                      |    `/usr/src/app/www`    | server                                  |
+| `IMMICH_REVERSE_GEOCODING_ROOT` | Path of reverse geocoding dump directory     |   `/usr/src/resources`   | microservices                           |
+
+\*1: With the default `WORKDIR` of `/usr/src/app`, this path will resolve to `/usr/src/app/upload`.
+It only need to be set if the Immich deployment method is changing.
 
 :::tip
-`TZ` should be set to a `TZ identifier` from [this list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). For example, `TZ="Etc/UTC"`.
+`TZ` should be set to a `TZ identifier` from [this list][tz-list]. For example, `TZ="Etc/UTC"`.
 
 `TZ` is only used by `exiftool`, which is present in the microservices container, as a fallback in case the timezone cannot be determined from the image metadata.
 :::
 
 ## Ports
 
-| Variable                | Description           |  Default  | Services         |
-| :---------------------- | :-------------------- | :-------: | :--------------- |
-| `SERVER_PORT`           | Server Port           |  `3001`   | server           |
-| `MICROSERVICES_PORT`    | Microservices Port    |  `3002`   | microservices    |
-| `MACHINE_LEARNING_HOST` | Machine Learning Host | `0.0.0.0` | machine learning |
-| `MACHINE_LEARNING_PORT` | Machine Learning Port |  `3003`   | machine learning |
+| Variable      | Description    |                Default                 |
+| :------------ | :------------- | :------------------------------------: |
+| `IMMICH_HOST` | Listening host |               `0.0.0.0`                |
+| `IMMICH_PORT` | Listening port | 3001 (server), 3003 (machine learning) |
 
 ## Database
 
-| Variable                            | Description                                                   |   Default    | Services              |
-| :---------------------------------- | :------------------------------------------------------------ | :----------: | :-------------------- |
-| `DB_URL`                            | Database URL                                                  |              | server, microservices |
-| `DB_HOSTNAME`                       | Database Host                                                 | `localhost`  | server, microservices |
-| `DB_PORT`                           | Database Port                                                 |    `5432`    | server, microservices |
-| `DB_USERNAME`                       | Database User                                                 |  `postgres`  | server, microservices |
-| `DB_PASSWORD`                       | Database Password                                             |  `postgres`  | server, microservices |
-| `DB_DATABASE_NAME`                  | Database Name                                                 |   `immich`   | server, microservices |
-| `DB_VECTOR_EXTENSION`<sup>\*1</sup> | Database Vector Extension (one of [`pgvector`, `pgvecto.rs`]) | `pgvecto.rs` | server, microservices |
+| Variable                            | Description                                                              |   Default    | Services                                      |
+| :---------------------------------- | :----------------------------------------------------------------------- | :----------: | :-------------------------------------------- |
+| `DB_URL`                            | Database URL                                                             |              | server, microservices                         |
+| `DB_HOSTNAME`                       | Database Host                                                            |  `database`  | server, microservices                         |
+| `DB_PORT`                           | Database Port                                                            |    `5432`    | server, microservices                         |
+| `DB_USERNAME`                       | Database User                                                            |  `postgres`  | server, microservices, database<sup>\*1</sup> |
+| `DB_PASSWORD`                       | Database Password                                                        |  `postgres`  | server, microservices, database<sup>\*1</sup> |
+| `DB_DATABASE_NAME`                  | Database Name                                                            |   `immich`   | server, microservices, database<sup>\*1</sup> |
+| `DB_VECTOR_EXTENSION`<sup>\*2</sup> | Database Vector Extension (one of [`pgvector`, `pgvecto.rs`])            | `pgvecto.rs` | server, microservices                         |
+| `DB_SKIP_MIGRATIONS`                | Whether to skip running migrations on startup (one of [`true`, `false`]) |   `false`    | server, microservices                         |
 
-\*1: This setting cannot be changed after the server has successfully started up
+\*1: The values of `DB_USERNAME`, `DB_PASSWORD`, and `DB_DATABASE_NAME` are passed to the Postgres container as the variables `POSTGRES_USER`, `POSTGRES_PASSWORD`, and `POSTGRES_DB` in `docker-compose.yml`.
+
+\*2: This setting cannot be changed after the server has successfully started up.
 
 :::info
 
-When `DB_URL` is defined, the other database (`DB_*`) variables are ignored.
+When `DB_URL` is defined, the `DB_HOSTNAME`, `DB_PORT`, `DB_USERNAME`, `DB_PASSWORD` and `DB_DATABASE_NAME` database variables are ignored.
 
 :::
 
 ## Redis
 
-| Variable         | Description    |    Default     | Services              |
-| :--------------- | :------------- | :------------: | :-------------------- |
-| `REDIS_URL`      | Redis URL      |                | server, microservices |
-| `REDIS_HOSTNAME` | Redis Host     | `immich_redis` | server, microservices |
-| `REDIS_PORT`     | Redis Port     |     `6379`     | server, microservices |
-| `REDIS_DBINDEX`  | Redis DB Index |      `0`       | server, microservices |
-| `REDIS_USERNAME` | Redis Username |                | server, microservices |
-| `REDIS_PASSWORD` | Redis Password |                | server, microservices |
-| `REDIS_SOCKET`   | Redis Socket   |                | server, microservices |
+| Variable         | Description    | Default | Services              |
+| :--------------- | :------------- | :-----: | :-------------------- |
+| `REDIS_URL`      | Redis URL      |         | server, microservices |
+| `REDIS_HOSTNAME` | Redis Host     | `redis` | server, microservices |
+| `REDIS_PORT`     | Redis Port     | `6379`  | server, microservices |
+| `REDIS_DBINDEX`  | Redis DB Index |   `0`   | server, microservices |
+| `REDIS_USERNAME` | Redis Username |         | server, microservices |
+| `REDIS_PASSWORD` | Redis Password |         | server, microservices |
+| `REDIS_SOCKET`   | Redis Socket   |         | server, microservices |
 
 :::info
 
 `REDIS_URL` must start with `ioredis://` and then include a `base64` encoded JSON string for the configuration.
-More info can be found in the upstream [ioredis](https://ioredis.readthedocs.io/en/latest/API/) documentation.
+More info can be found in the upstream [ioredis][redis-api] documentation.
 
 - When `REDIS_URL` is defined, the other redis (`REDIS_*`) variables are ignored.
 - When `REDIS_SOCKET` is defined, the other redis (`REDIS_*`) variables are ignored.
@@ -99,6 +111,9 @@ More info can be found in the upstream [ioredis](https://ioredis.readthedocs.io/
 
 Redis (Sentinel) URL example JSON before encoding:
 
+<details>
+<summary>JSON</summary>
+
 ```json
 {
   "sentinels": [
@@ -119,6 +134,8 @@ Redis (Sentinel) URL example JSON before encoding:
 }
 ```
 
+</details>
+
 ## Machine Learning
 
 | Variable                                         | Description                                                          |       Default       | Services         |
@@ -158,7 +175,7 @@ Other machine learning parameters can be tuned from the admin UI.
 
 ## Docker Secrets
 
-The following variables support the use of [Docker secrets](https://docs.docker.com/engine/swarm/secrets/) for additional security.
+The following variables support the use of [Docker secrets][docker-secrets] for additional security.
 
 To use any of these, replace the regular environment variable with the equivalent `_FILE` environment variable. The value of
 the `_FILE` variable should be set to the path of a file containing the variable value.
@@ -172,8 +189,14 @@ the `_FILE` variable should be set to the path of a file containing the variable
 | `DB_URL`           | `DB_URL_FILE`<sup>\*1</sup>                 |
 | `REDIS_PASSWORD`   | `REDIS_PASSWORD_FILE`<sup>\*2</sup>         |
 
-\*1: See the [official documentation](https://github.com/docker-library/docs/tree/master/postgres#docker-secrets) for
+\*1: See the [official documentation][docker-secrets-docs] for
 details on how to use Docker Secrets in the Postgres image.
 
-\*2: See [this comment](https://github.com/docker-library/redis/issues/46#issuecomment-335326234) for an example of how
+\*2: See [this comment][docker-secrets-example] for an example of how
 to use use a Docker secret for the password in the Redis container.
+
+[tz-list]: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
+[docker-secrets-example]: https://github.com/docker-library/redis/issues/46#issuecomment-335326234
+[docker-secrets-docs]: https://github.com/docker-library/docs/tree/master/postgres#docker-secrets
+[docker-secrets]: https://docs.docker.com/engine/swarm/secrets/
+[redis-api]: https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository

docs/docs/install/kubernetes.md

@@ -4,9 +4,9 @@ sidebar_position: 40
 
 # Kubernetes
 
-You can deploy Immich on Kubernetes using [the official Helm chart](https://github.com/immich-app/immich-charts/tree/main/charts/immich).
+You can deploy Immich on Kubernetes using [the official Helm chart](https://github.com/immich-app/immich-charts/blob/main/README.md).
 
-If you want examples of how other people run Immich on Kubernetes, using the official chart or otherwise, you can find them at https://nanne.dev/k8s-at-home-search/#/immich.
+You can view some [examples](https://kubesearch.dev/#/immich) of how other people run Immich on Kubernetes, using the official chart or otherwise.
 
 :::caution DNS in Alpine containers
 Immich makes use of Alpine container images. These can encounter [a DNS resolution bug](https://stackoverflow.com/a/65593511) on Kubernetes clusters if the host

docs/docs/install/portainer.md

@@ -8,7 +8,7 @@ Install Immich using Portainer's Stack feature.
 
 1. Go to "**Stacks**" in the left sidebar.
 2. Click on "**Add stack**".
-3. Give the stack a name (i.e. Immich), and select "**Web Editor**" as the build method.
+3. Give the stack a name (i.e. immich), and select "**Web Editor**" as the build method.
 4. Copy the content of the `docker-compose.yml` file from the [GitHub repository](https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml).
 5. Replace `.env` with `stack.env` for all containers that need to use environment variables in the web editor.
 
@@ -38,8 +38,9 @@ style={{border: '1px solid #ddd'}}
 alt="Dot Env Example"
 />
 
-- Populate custom database information if necessary.
-- Populate `UPLOAD_LOCATION` with your preferred location for storing backup assets.
+- Change the default `DB_PASSWORD`, and add custom database connection information if necessary.
+- Change `DB_DATA_LOCATION` to a folder where the database will be saved to disk.
+- Change `UPLOAD_LOCATION` to a folder where media (uploaded and generated) will be stored.
 
 11. Click on "**Deploy the stack**".
 

docs/docs/install/requirements.md

@@ -15,12 +15,15 @@ Hardware and software requirements for Immich
 Immich requires the command `docker compose` - the similarly named `docker-compose` is [deprecated](https://docs.docker.com/compose/migrate/) and is no longer compatible with Immich.
 :::
 
-:::info Podman
-You can also use Podman to run the application. However, additional configuration might be required.
-:::
-
 ## Hardware
 
-- **OS**: Preferred unix-based operating system (Ubuntu, Debian, MacOS, etc). Windows works too, with [Docker Desktop on Windows](https://docs.docker.com/desktop/install/windows-install/)
-- **RAM**: At least 4GB, preferred 6GB.
-- **CPU**: At least 2 cores, preferred 4 cores.
+- **OS**: Recommended Linux operating system (Ubuntu, Debian, etc).
+  - Windows is supported with [Docker Desktop on Windows](https://docs.docker.com/desktop/install/windows-install/) or [WSL 2](https://docs.docker.com/desktop/wsl/).
+  - macOS is supported with [Docker Desktop on Mac](https://docs.docker.com/desktop/install/mac-install/).
+- **RAM**: Minimum 4GB, recommended 6GB.
+- **CPU**: Minimum 2 cores, recommended 4 cores.
+- **Storage**: Recommended Unix-compatible filesystem (EXT4, ZFS, APFS, etc.) with support for user/group ownership and permissions.
+  - This can present an issue for Windows users. See [here](/docs/install/environment-variables#supported-filesystems)
+    for more details and alternatives.
+  - The generation of thumbnails and transcoded video can increase the size of the photo library by 10-20% on average.
+  - Network shares are supported for the storage of image and video assets only.

docs/docs/overview/support-the-project.md

@@ -4,24 +4,8 @@ sidebar_position: 5
 
 # Support The Project
 
-I am committed to this project, and I will not stop. I will keep updating the docs, adding new features, and fixing bugs. But I can't do it alone, so I need your help to give me additional motivation to keep going.
-
-As our hosts in the [selfhosted.show - In the episode 'The-organization-which-must-not-be-named is a Hostile Actor'](https://selfhosted.show/79?t=1418) said, this is a massive undertaking that the team and I are doing. I would love to someday be able to do this full-time, and I am asking for your help to make that happen.
-
-If you feel like this is the right cause and the app is something you see yourself using for a long time, please consider supporting the project with one of the options below.
-
-## Donation
-
-- Monthly donation via [GitHub Sponsors](https://github.com/sponsors/immich-app)
-- One-time donation via [GitHub Sponsors](https://github.com/sponsors/immich-app?frequency=one-time)
-- [Librepay](https://liberapay.com/alex.tran1502/)
-- [buymeacoffee](https://www.buymeacoffee.com/altran1502)
-- Bitcoin: 3QVAb9dCHutquVejeNXitPqZX26Yg5kxb7
-
 ## Contributing
 
-There are lots of non-monetary ways to contribute to Immich as well.
-
 1. Testing - Using Immich and reporting bugs is a great way to help support the project. Found a bug? [Open an issue on GitHub][github-issue].
 1. Translations - The Immich mobile app has been translated into [17 languages][github-langs] so far! To contribute with translations, email me at alex.tran1502@gmail.com or send me a message on discord.
 1. Development - If you are a programmer or developer, take a look at Immich's [technology stack](/docs/developer/architecture.mdx) and consider fixing bugs or building new features. The team and I are always looking for new contributors. For information about how to contribute as a developer, see the [Developer](/docs/developer/architecture.mdx) section.

docs/docs/partials/_storage-template.md

@@ -1,4 +1,4 @@
-Immich allows the admin user to set the uploaded filename pattern. Both at the directory and filename level.
+Immich allows the admin user to set the uploaded filename pattern at the directory and filename level as well as the [storage label for a user](/docs/administration/user-management/#set-storage-label-for-user).
 
 :::note new version
 On new machines running version 1.92.0 storage template engine is off by default, for [more info](https://github.com/immich-app/immich/releases/tag/v1.92.0#:~:text=the%20partner%E2%80%99s%20assets.-,Hardening%20storage%20template,-We%20have%20further).
@@ -14,6 +14,12 @@ The admin user can set the template by using the template builder in the `Admini
 Year/Year-Month-Day/Filename.Extension
 ```
 
+If you want to change the storage template during the initial setup, first enable the feature.
+
+<img src={require('./img/enable-storage-template.png').default} width="100%" title="Enable Storage Template Setting" />
+
+Then, customize your storage template.
+
 <img src={require('./img/storage-template.png').default} width="100%" title="Storage Template Setting" />
 
 :::tip

docs/docs/partials/_user-create.md

@@ -1,3 +1,9 @@
-If you have friends or family members who want to use the application as well, you can create addition accounts. The default password is `password`, and the user can change their password after logging in to the application for the first time.
+If you have friends or family members who want to use the application as well, you can create additional accounts for them.
 
-<img src={require('./img/create-new-user.png').default} title='Admin Registration' />
+<img src={require('./img/create-new-user.png').default} width="90%" title='New User Registration' />
+
+In the Administration panel, you can click on the **Create user** button, and you'll be presented with the following dialog:
+
+<img src={require('./img/create-new-user-dialog.png').default} width="90%" title='New User Registration Dialog' />
+
+You can then set an initial password. If you'd like, you can use an easy password like `password`, and keep the setting **Require user to change password on first login** active. This will prompt the user to change their password on first login, to a password that they choose.

docs/docusaurus.config.js

@@ -119,6 +119,11 @@ const config = {
             label: 'GitHub',
             position: 'right',
           },
+          {
+            href: 'https://discord.gg/D8JsnBEuKb',
+            label: 'Discord',
+            position: 'right',
+          },
         ],
       },
       footer: {
@@ -144,6 +149,10 @@ const config = {
                 label: 'Discord',
                 href: 'https://discord.com/invite/D8JsnBEuKb',
               },
+              {
+                label: 'Reddit',
+                href: 'https://www.reddit.com/r/immich/',
+              },
             ],
           },
           {
@@ -157,6 +166,10 @@ const config = {
                 label: 'GitHub',
                 href: 'https://github.com/immich-app/immich',
               },
+              {
+                label: 'YouTube',
+                href: 'https://www.youtube.com/@immich-app',
+              },
             ],
           },
         ],

docs/package.json

@@ -16,8 +16,8 @@
     "write-heading-ids": "docusaurus write-heading-ids"
   },
   "dependencies": {
-    "@docusaurus/core": "^3.1.0",
-    "@docusaurus/preset-classic": "^3.1.0",
+    "@docusaurus/core": "^3.2.1",
+    "@docusaurus/preset-classic": "^3.2.1",
     "@mdi/js": "^7.3.67",
     "@mdi/react": "^1.6.1",
     "@mdx-js/react": "^3.0.0",
@@ -25,7 +25,7 @@
     "classnames": "^2.3.2",
     "clsx": "^2.0.0",
     "docusaurus-lunr-search": "^3.3.2",
-    "docusaurus-preset-openapi": "^0.7.3",
+    "docusaurus-preset-openapi": "^0.7.5",
     "postcss": "^8.4.25",
     "prism-react-renderer": "^2.3.1",
     "raw-loader": "^4.0.2",
@@ -53,6 +53,9 @@
     ]
   },
   "engines": {
-    "node": ">=16.14"
+    "node": ">=20"
+  },
+  "volta": {
+    "node": "20.13.1"
   }
 }

docs/src/components/community-guides.tsx

@@ -0,0 +1,76 @@
+import Link from '@docusaurus/Link';
+import React from 'react';
+
+interface CommunityGuidesProps {
+  title: string;
+  description: string;
+  url: string;
+}
+
+const guides: CommunityGuidesProps[] = [
+  {
+    title: 'Cloudflare Tunnels with SSO/OAuth',
+    description: `Setting up Cloudflare Tunnels and a SaaS App for Immich.`,
+    url: 'https://github.com/immich-app/immich/discussions/8299',
+  },
+  {
+    title: 'Database backup in TrueNAS',
+    description: `Create a database backup with pgAdmin in TrueNAS.`,
+    url: 'https://github.com/immich-app/immich/discussions/8809',
+  },
+  {
+    title: 'Unraid backup scripts',
+    description: `Back up your assets in Unraid with a pre-prepared script.`,
+    url: 'https://github.com/immich-app/immich/discussions/8416',
+  },
+  {
+    title: 'Sync folders with albums',
+    description: `synchronize folders in imported library with albums having the folders name.`,
+    url: 'https://github.com/immich-app/immich/discussions/3382',
+  },
+  {
+    title: 'Podman/Quadlets Install',
+    description: 'Documentation for simple podman setup using quadlets.',
+    url: 'https://github.com/tbelway/immich-podman-quadlets/blob/main/docs/install/podman-quadlet.md',
+  },
+  {
+    title: 'Google Photos import + albums',
+    description: 'Import your Google Photos files into Immich and add your albums',
+    url: 'https://github.com/immich-app/immich/discussions/1340',
+  },
+];
+
+function CommunityGuide({ title, description, url }: CommunityGuidesProps): JSX.Element {
+  return (
+    <section className="flex flex-col gap-4 justify-between dark:bg-immich-dark-gray bg-immich-gray dark:border-0 border-gray-200 border border-solid rounded-2xl p-4">
+      <div className="flex flex-col gap-2">
+        <p className="m-0 items-start flex gap-2">
+          <span>{title}</span>
+        </p>
+
+        <p className="m-0 text-sm text-gray-600 dark:text-gray-300">{description}</p>
+        <p className="m-0 text-sm text-gray-600 dark:text-gray-300">
+          <a href={url}>{url}</a>
+        </p>
+      </div>
+      <div className="flex">
+        <Link
+          className="px-4 py-2 bg-immich-primary/10 dark:bg-gray-300  rounded-full hover:no-underline text-immich-primary dark:text-immich-dark-bg font-bold uppercase"
+          to={url}
+        >
+          View Guide
+        </Link>
+      </div>
+    </section>
+  );
+}
+
+export default function CommunityGuides(): JSX.Element {
+  return (
+    <div className="grid grid-cols-1 xl:grid-cols-2 gap-4">
+      {guides.map((guides) => (
+        <CommunityGuide {...guides} />
+      ))}
+    </div>
+  );
+}

docs/src/components/community-projects.tsx

@@ -10,7 +10,7 @@ interface CommunityProjectProps {
 const projects: CommunityProjectProps[] = [
   {
     title: 'immich-go',
-    description: `An alternative to the immich-CLI command that doesn't depend on nodejs installation. It tries its best for importing google photos takeout archives.`,
+    description: `An alternative to the immich-CLI that doesn't depend on nodejs. It specializes in importing Google Photos Takeout archives.`,
     url: 'https://github.com/simulot/immich-go',
   },
   {
@@ -25,8 +25,8 @@ const projects: CommunityProjectProps[] = [
   },
   {
     title: 'Remove offline files',
-    description: 'A Python script to remove offline files.',
-    url: 'https://gist.github.com/Thoroslives/ca5d8e1efd15111febc1e7b34ac72668',
+    description: 'A simple way to remove orphaned offline assets from the Immich database',
+    url: 'https://github.com/Thoroslives/immich_remove_offline_files',
   },
   {
     title: 'Create albums from folders',
@@ -34,9 +34,34 @@ const projects: CommunityProjectProps[] = [
     url: 'https://github.com/Salvoxia/immich-folder-album-creator',
   },
   {
-    title: 'Podman/Quadlets Install',
-    description: 'Documentation for simple podman setup using quadlets.',
-    url: 'https://github.com/tbelway/immich-podman-quadlets/blob/main/docs/install/podman-quadlet.md',
+    title: 'Immich-Tools',
+    description: 'Provides scripts for handling problems on the repair page.',
+    url: 'https://github.com/clumsyCoder00/Immich-Tools',
+  },
+  {
+    title: 'Lightroom Publisher: mi.Immich.Publisher',
+    description: 'Lightroom plugin to publish photos from Lightroom collections to Immich albums.',
+    url: 'https://github.com/midzelis/mi.Immich.Publisher',
+  },
+  {
+    title: 'Immich Duplicate Finder',
+    description: 'Webapp that uses machine learning to identify near-duplicate images.',
+    url: 'https://github.com/vale46n1/immich_duplicate_finder',
+  },
+  {
+    title: 'Immich-Tiktok-Remover',
+    description: 'Script to search for and remove TikTok videos from your Immich library.',
+    url: 'https://github.com/mxc2/immich-tiktok-remover',
+  },
+  {
+    title: 'Immich Android TV',
+    description: 'Unofficial Immich Android TV app.',
+    url: 'https://github.com/giejay/Immich-Android-TV',
+  },
+  {
+    title: 'Powershell Module PSImmich',
+    description: 'Powershell Module for the Immich API',
+    url: 'https://github.com/hanpq/PSImmich',
   },
 ];
 

docs/src/components/timeline.tsx

@@ -7,7 +7,7 @@ export interface Item {
   icon: string;
   title: string;
   description?: string;
-  release: string;
+  release?: string;
   tag?: string;
   date: Date;
   dateType: DateType;
@@ -70,10 +70,10 @@ export default function Timeline({ items }: Props): JSX.Element {
                       target="_blank"
                       rel="noopener"
                     >
-                      [{item.release}]{' '}
+                      [{item.release ?? item.tag}]{' '}
                     </a>
                   ) : (
-                    <span>[{item.release}]</span>
+                    item.release && <span>[{item.release}]</span>
                   )}
                 </span>
               </div>

docs/src/css/custom.css

@@ -19,8 +19,8 @@ button {
 :root {
   --ifm-color-primary: #4250af;
   --ifm-color-primary-dark: #4250af;
-  --ifm-color-primary-darker: 4250af;
-  --ifm-color-primary-darkest: 4250af;
+  --ifm-color-primary-darker: #4250af;
+  --ifm-color-primary-darkest: #4250af;
   --ifm-color-primary-light: #4250af;
   --ifm-color-primary-lighter: #4250af;
   --ifm-color-primary-lightest: #4250af;
@@ -41,6 +41,10 @@ button {
   --docusaurus-highlighted-code-line-bg: rgba(0, 0, 0, 0.3);
 }
 
+div[class^='announcementBar_'] {
+  height: 2rem;
+}
+
 .navbar__brand .navbar__title {
   @apply font-immich-title text-2xl font-normal text-immich-primary dark:text-immich-dark-primary;
 }

docs/src/pages/index.tsx

@@ -34,14 +34,12 @@ function HomepageHeader() {
             Demo portal
           </Link>
 
-          <a
-            href="https://github.com/sponsors/immich-app"
-            target="_blank"
-            rel="noreferrer"
-            className="flex place-items-center place-content-center py-3 px-8 border bg-immich-sponsor rounded-full no-underline hover:no-underline text-white dark:text-immich-dark-bg dark:bg-immich-sponsor hover:text-white font-bold uppercase"
+          <Link
+            className="flex place-items-center place-content-center py-3 px-8 border bg-immich-dark-primary dark:bg-immich-primary  rounded-full hover:no-underline text-immich-primary dark:text-immich-dark-bg font-bold uppercase"
+            to="https://discord.gg/D8JsnBEuKb"
           >
-            Sponsor
-          </a>
+            Discord
+          </Link>
         </div>
         <img src="/img/immich-screenshots.png" alt="screenshots" width={'70%'} />
         <div className="flex flex-col sm:flex-row place-items-center place-content-center mt-4 gap-1">

docs/src/pages/milestones.tsx

@@ -51,12 +51,60 @@ import {
   mdiVideo,
   mdiWeb,
   mdiScaleBalance,
+  mdiMagnifyScan,
+  mdiChartBoxMultipleOutline,
+  mdiAccountGroupOutline,
+  mdiFlowerPoppy,
+  mdiHandshakeOutline,
 } from '@mdi/js';
 import Layout from '@theme/Layout';
 import React from 'react';
 import Timeline, { DateType, Item } from '../components/timeline';
 
 const items: Item[] = [
+  {
+    icon: mdiHandshakeOutline,
+    description: 'Joined Futo and Immich core team goes full-time',
+    title: 'Immich joins FUTO!',
+    date: new Date(2024, 4, 1),
+    dateType: DateType.DATE,
+  },
+  {
+    icon: mdiStar,
+    description: 'Reached 30K Stars on GitHub!',
+    title: '30,000 Stars',
+    release: 'v1.102.0',
+    tag: 'v1.102.0',
+    date: new Date(2024, 3, 15),
+    dateType: DateType.RELEASE,
+  },
+  {
+    icon: mdiChartBoxMultipleOutline,
+    description: 'OpenTelemetry metrics for local evaluation and advanced debugging',
+    title: 'OpenTelemetry metrics',
+    release: 'v1.99.0',
+    tag: 'v1.99.0',
+    date: new Date(2024, 2, 20),
+    dateType: DateType.RELEASE,
+  },
+  {
+    icon: mdiFlowerPoppy,
+    description: 'Immich got its new logo',
+    title: 'New logo',
+    release: 'v1.98.0',
+    tag: 'v1.98.0',
+    date: new Date(2024, 2, 7),
+    dateType: DateType.RELEASE,
+  },
+  {
+    icon: mdiMagnifyScan,
+    description: 'Advanced search with filters by date, location and more',
+    title: 'Search enhancement with advanced filters',
+    release: 'v1.95.0',
+    tag: 'v1.95.0',
+    date: new Date(2024, 1, 20),
+    dateType: DateType.RELEASE,
+  },
   {
     icon: mdiScaleBalance,
     description: 'Immich switches to AGPLv3 license',
@@ -84,6 +132,15 @@ const items: Item[] = [
     date: new Date(2024, 0, 31),
     dateType: DateType.RELEASE,
   },
+  {
+    icon: mdiAccountGroupOutline,
+    description: '250 amazing people contributed to Immich',
+    title: '250 unique contributors',
+    release: 'v1.93.0',
+    tag: 'v1.93.0',
+    date: new Date(2024, 0, 19),
+    dateType: DateType.RELEASE,
+  },
   {
     icon: mdiMatrix,
     description: 'Moved the search from typesense to pgvecto.rs',
@@ -132,7 +189,7 @@ const items: Item[] = [
   },
   {
     icon: mdiStar,
-    description: 'Reach 20K Stars on GitHub!',
+    description: 'Reached 20K Stars on GitHub!',
     title: '20,000 Stars',
     release: 'v1.83.0',
     tag: 'v1.83.0',
@@ -393,7 +450,7 @@ const items: Item[] = [
   },
   {
     icon: mdiStar,
-    description: 'Reach 10K Stars on GitHub!',
+    description: 'Reached 10K Stars on GitHub!',
     title: '10,000 Stars',
     release: 'v1.54.0',
     tag: 'v1.54.0',

docs/tailwind.config.js

@@ -20,8 +20,6 @@ module.exports = {
         'immich-dark-bg': 'black',
         'immich-dark-fg': '#e5e7eb',
         'immich-dark-gray': '#212121',
-
-        'immich-sponsor': '#db61a2',
       },
       fontFamily: {
         'immich-title': ['Snowburst One', 'cursive'],

e2e/.nvmrc

@@ -0,0 +1 @@
+20.13

e2e/docker-compose.yml

@@ -2,41 +2,32 @@ version: '3.8'
 
 name: immich-e2e
 
-x-server-build: &server-common
-  image: immich-server:latest
-  build:
-    context: ../
-    dockerfile: server/Dockerfile
-  environment:
-    - DB_HOSTNAME=database
-    - DB_USERNAME=postgres
-    - DB_PASSWORD=postgres
-    - DB_DATABASE_NAME=immich
-    - REDIS_HOSTNAME=redis
-    - IMMICH_MACHINE_LEARNING_ENABLED=false
-    - IMMICH_METRICS=true
-  volumes:
-    - upload:/usr/src/app/upload
-    - ../server/test/assets:/data/assets
-  depends_on:
-    - redis
-    - database
-
 services:
   immich-server:
     container_name: immich-e2e-server
-    command: ['./start.sh', 'immich']
-    <<: *server-common
+    command: ['./start.sh']
+    image: immich-server:latest
+    build:
+      context: ../
+      dockerfile: server/Dockerfile
+    environment:
+      - DB_HOSTNAME=database
+      - DB_USERNAME=postgres
+      - DB_PASSWORD=postgres
+      - DB_DATABASE_NAME=immich
+      - IMMICH_MACHINE_LEARNING_ENABLED=false
+      - IMMICH_METRICS=true
+    volumes:
+      - upload:/usr/src/app/upload
+      - ./test-assets:/test-assets
+    depends_on:
+      - redis
+      - database
     ports:
       - 2283:3001
 
-  immich-microservices:
-    container_name: immich-e2e-microservices
-    command: ['./start.sh', 'microservices']
-    <<: *server-common
-
   redis:
-    image: redis:6.2-alpine@sha256:3fcb624d83a9c478357f16dc173c58ded325ccc5fd2a4375f3916c04cc579f70
+    image: redis:6.2-alpine@sha256:e31ca60b18f7e9b78b573d156702471d4eda038803c0b8e6f01559f350031e93
 
   database:
     image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0

e2e/package.json

@@ -1,6 +1,6 @@
 {
   "name": "immich-e2e",
-  "version": "1.101.0",
+  "version": "1.105.1",
   "description": "",
   "main": "index.js",
   "type": "module",
@@ -21,7 +21,7 @@
   "devDependencies": {
     "@immich/cli": "file:../cli",
     "@immich/sdk": "file:../open-api/typescript-sdk",
-    "@playwright/test": "^1.41.2",
+    "@playwright/test": "^1.44.1",
     "@types/luxon": "^3.4.2",
     "@types/node": "^20.11.17",
     "@types/pg": "^8.11.0",
@@ -33,16 +33,20 @@
     "eslint": "^8.57.0",
     "eslint-config-prettier": "^9.1.0",
     "eslint-plugin-prettier": "^5.1.3",
-    "eslint-plugin-unicorn": "^52.0.0",
-    "exiftool-vendored": "^24.5.0",
+    "eslint-plugin-unicorn": "^53.0.0",
+    "exiftool-vendored": "^26.0.0",
     "luxon": "^3.4.4",
     "pg": "^8.11.3",
     "pngjs": "^7.0.0",
     "prettier": "^3.2.5",
     "prettier-plugin-organize-imports": "^3.2.4",
     "socket.io-client": "^4.7.4",
-    "supertest": "^6.3.4",
+    "supertest": "^7.0.0",
     "typescript": "^5.3.3",
+    "utimes": "^5.2.1",
     "vitest": "^1.3.0"
+  },
+  "volta": {
+    "node": "20.13.1"
   }
 }

e2e/src/api/specs/activity.e2e-spec.ts

@@ -1,6 +1,7 @@
 import {
   ActivityCreateDto,
   AlbumResponseDto,
+  AlbumUserRole,
   AssetFileUploadResponseDto,
   LoginResponseDto,
   ReactionType,
@@ -13,7 +14,7 @@ import { app, asBearerAuth, utils } from 'src/utils';
 import request from 'supertest';
 import { beforeAll, beforeEach, describe, expect, it } from 'vitest';
 
-describe('/activity', () => {
+describe('/activities', () => {
   let admin: LoginResponseDto;
   let nonOwner: LoginResponseDto;
   let asset: AssetFileUploadResponseDto;
@@ -33,7 +34,7 @@ describe('/activity', () => {
         createAlbumDto: {
           albumName: 'Album 1',
           assetIds: [asset.id],
-          sharedWithUserIds: [nonOwner.userId],
+          albumUsers: [{ userId: nonOwner.userId, role: AlbumUserRole.Editor }],
         },
       },
       { headers: asBearerAuth(admin.accessToken) },
@@ -44,22 +45,24 @@ describe('/activity', () => {
     await utils.resetDatabase(['activity']);
   });
 
-  describe('GET /activity', () => {
+  describe('GET /activities', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).get('/activity');
+      const { status, body } = await request(app).get('/activities');
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
     it('should require an albumId', async () => {
-      const { status, body } = await request(app).get('/activity').set('Authorization', `Bearer ${admin.accessToken}`);
+      const { status, body } = await request(app)
+        .get('/activities')
+        .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toEqual(400);
       expect(body).toEqual(errorDto.badRequest(expect.arrayContaining(['albumId must be a UUID'])));
     });
 
     it('should reject an invalid albumId', async () => {
       const { status, body } = await request(app)
-        .get('/activity')
+        .get('/activities')
         .query({ albumId: uuidDto.invalid })
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toEqual(400);
@@ -68,7 +71,7 @@ describe('/activity', () => {
 
     it('should reject an invalid assetId', async () => {
       const { status, body } = await request(app)
-        .get('/activity')
+        .get('/activities')
         .query({ albumId: uuidDto.notFound, assetId: uuidDto.invalid })
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toEqual(400);
@@ -77,7 +80,7 @@ describe('/activity', () => {
 
     it('should start off empty', async () => {
       const { status, body } = await request(app)
-        .get('/activity')
+        .get('/activities')
         .query({ albumId: album.id })
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(body).toEqual([]);
@@ -101,7 +104,7 @@ describe('/activity', () => {
       ]);
 
       const { status, body } = await request(app)
-        .get('/activity')
+        .get('/activities')
         .query({ albumId: album.id })
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toEqual(200);
@@ -120,7 +123,7 @@ describe('/activity', () => {
       ]);
 
       const { status, body } = await request(app)
-        .get('/activity')
+        .get('/activities')
         .query({ albumId: album.id, type: 'comment' })
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toEqual(200);
@@ -139,7 +142,7 @@ describe('/activity', () => {
       ]);
 
       const { status, body } = await request(app)
-        .get('/activity')
+        .get('/activities')
         .query({ albumId: album.id, type: 'like' })
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toEqual(200);
@@ -151,7 +154,7 @@ describe('/activity', () => {
       const reaction = await createActivity({ albumId: album.id, type: ReactionType.Like });
 
       const response1 = await request(app)
-        .get('/activity')
+        .get('/activities')
         .query({ albumId: album.id, userId: uuidDto.notFound })
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
@@ -159,7 +162,7 @@ describe('/activity', () => {
       expect(response1.body.length).toBe(0);
 
       const response2 = await request(app)
-        .get('/activity')
+        .get('/activities')
         .query({ albumId: album.id, userId: admin.userId })
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
@@ -179,7 +182,7 @@ describe('/activity', () => {
       ]);
 
       const { status, body } = await request(app)
-        .get('/activity')
+        .get('/activities')
         .query({ albumId: album.id, assetId: asset.id })
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toEqual(200);
@@ -188,16 +191,16 @@ describe('/activity', () => {
     });
   });
 
-  describe('POST /activity', () => {
+  describe('POST /activities', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).post('/activity');
+      const { status, body } = await request(app).post('/activities');
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
     it('should require an albumId', async () => {
       const { status, body } = await request(app)
-        .post('/activity')
+        .post('/activities')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ albumId: uuidDto.invalid });
       expect(status).toEqual(400);
@@ -206,7 +209,7 @@ describe('/activity', () => {
 
     it('should require a comment when type is comment', async () => {
       const { status, body } = await request(app)
-        .post('/activity')
+        .post('/activities')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ albumId: uuidDto.notFound, type: 'comment', comment: null });
       expect(status).toEqual(400);
@@ -215,7 +218,7 @@ describe('/activity', () => {
 
     it('should add a comment to an album', async () => {
       const { status, body } = await request(app)
-        .post('/activity')
+        .post('/activities')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({
           albumId: album.id,
@@ -235,7 +238,7 @@ describe('/activity', () => {
 
     it('should add a like to an album', async () => {
       const { status, body } = await request(app)
-        .post('/activity')
+        .post('/activities')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ albumId: album.id, type: 'like' });
       expect(status).toEqual(201);
@@ -252,7 +255,7 @@ describe('/activity', () => {
     it('should return a 200 for a duplicate like on the album', async () => {
       const reaction = await createActivity({ albumId: album.id, type: ReactionType.Like });
       const { status, body } = await request(app)
-        .post('/activity')
+        .post('/activities')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ albumId: album.id, type: 'like' });
       expect(status).toEqual(200);
@@ -266,7 +269,7 @@ describe('/activity', () => {
         type: ReactionType.Like,
       });
       const { status, body } = await request(app)
-        .post('/activity')
+        .post('/activities')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ albumId: album.id, type: 'like' });
       expect(status).toEqual(201);
@@ -275,7 +278,7 @@ describe('/activity', () => {
 
     it('should add a comment to an asset', async () => {
       const { status, body } = await request(app)
-        .post('/activity')
+        .post('/activities')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({
           albumId: album.id,
@@ -296,7 +299,7 @@ describe('/activity', () => {
 
     it('should add a like to an asset', async () => {
       const { status, body } = await request(app)
-        .post('/activity')
+        .post('/activities')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ albumId: album.id, assetId: asset.id, type: 'like' });
       expect(status).toEqual(201);
@@ -318,7 +321,7 @@ describe('/activity', () => {
       });
 
       const { status, body } = await request(app)
-        .post('/activity')
+        .post('/activities')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ albumId: album.id, assetId: asset.id, type: 'like' });
       expect(status).toEqual(200);
@@ -326,16 +329,16 @@ describe('/activity', () => {
     });
   });
 
-  describe('DELETE /activity/:id', () => {
+  describe('DELETE /activities/:id', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).delete(`/activity/${uuidDto.notFound}`);
+      const { status, body } = await request(app).delete(`/activities/${uuidDto.notFound}`);
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
     it('should require a valid uuid', async () => {
       const { status, body } = await request(app)
-        .delete(`/activity/${uuidDto.invalid}`)
+        .delete(`/activities/${uuidDto.invalid}`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toBe(400);
       expect(body).toEqual(errorDto.badRequest(['id must be a UUID']));
@@ -348,7 +351,7 @@ describe('/activity', () => {
         comment: 'This is a test comment',
       });
       const { status } = await request(app)
-        .delete(`/activity/${reaction.id}`)
+        .delete(`/activities/${reaction.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toEqual(204);
     });
@@ -359,7 +362,7 @@ describe('/activity', () => {
         type: ReactionType.Like,
       });
       const { status } = await request(app)
-        .delete(`/activity/${reaction.id}`)
+        .delete(`/activities/${reaction.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toEqual(204);
     });
@@ -372,7 +375,7 @@ describe('/activity', () => {
       });
 
       const { status } = await request(app)
-        .delete(`/activity/${reaction.id}`)
+        .delete(`/activities/${reaction.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toEqual(204);
@@ -386,7 +389,7 @@ describe('/activity', () => {
       });
 
       const { status, body } = await request(app)
-        .delete(`/activity/${reaction.id}`)
+        .delete(`/activities/${reaction.id}`)
         .set('Authorization', `Bearer ${nonOwner.accessToken}`);
 
       expect(status).toBe(400);
@@ -404,7 +407,7 @@ describe('/activity', () => {
       );
 
       const { status } = await request(app)
-        .delete(`/activity/${reaction.id}`)
+        .delete(`/activities/${reaction.id}`)
         .set('Authorization', `Bearer ${nonOwner.accessToken}`);
 
       expect(status).toBe(204);

e2e/src/api/specs/album.e2e-spec.ts

@@ -1,12 +1,13 @@
 import {
+  addAssetsToAlbum,
   AlbumResponseDto,
+  AlbumUserRole,
   AssetFileUploadResponseDto,
   AssetOrder,
+  deleteUserAdmin,
+  getAlbumInfo,
   LoginResponseDto,
   SharedLinkType,
-  addAssetsToAlbum,
-  deleteUser,
-  getAlbumInfo,
 } from '@immich/sdk';
 import { createUserDto, uuidDto } from 'src/fixtures';
 import { errorDto } from 'src/responses';
@@ -14,14 +15,15 @@ import { app, asBearerAuth, utils } from 'src/utils';
 import request from 'supertest';
 import { beforeAll, beforeEach, describe, expect, it } from 'vitest';
 
-const user1SharedUser = 'user1SharedUser';
+const user1SharedEditorUser = 'user1SharedEditorUser';
+const user1SharedViewerUser = 'user1SharedViewerUser';
 const user1SharedLink = 'user1SharedLink';
 const user1NotShared = 'user1NotShared';
 const user2SharedUser = 'user2SharedUser';
 const user2SharedLink = 'user2SharedLink';
 const user2NotShared = 'user2NotShared';
 
-describe('/album', () => {
+describe('/albums', () => {
   let admin: LoginResponseDto;
   let user1: LoginResponseDto;
   let user1Asset1: AssetFileUploadResponseDto;
@@ -47,11 +49,10 @@ describe('/album', () => {
       utils.createAsset(user1.accessToken),
     ]);
 
-    const albums = await Promise.all([
-      // user 1
+    user1Albums = await Promise.all([
       utils.createAlbum(user1.accessToken, {
-        albumName: user1SharedUser,
-        sharedWithUserIds: [user2.userId],
+        albumName: user1SharedEditorUser,
+        albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Editor }],
         assetIds: [user1Asset1.id],
       }),
       utils.createAlbum(user1.accessToken, {
@@ -62,31 +63,36 @@ describe('/album', () => {
         albumName: user1NotShared,
         assetIds: [user1Asset1.id, user1Asset2.id],
       }),
-
-      // user 2
-      utils.createAlbum(user2.accessToken, {
-        albumName: user2SharedUser,
-        sharedWithUserIds: [user1.userId],
-      }),
-      utils.createAlbum(user2.accessToken, { albumName: user2SharedLink }),
-      utils.createAlbum(user2.accessToken, { albumName: user2NotShared }),
-
-      // user 3
-      utils.createAlbum(user3.accessToken, {
-        albumName: 'Deleted',
-        sharedWithUserIds: [user1.userId],
+      utils.createAlbum(user1.accessToken, {
+        albumName: user1SharedViewerUser,
+        albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Viewer }],
+        assetIds: [user1Asset1.id],
       }),
     ]);
 
+    user2Albums = await Promise.all([
+      utils.createAlbum(user2.accessToken, {
+        albumName: user2SharedUser,
+        albumUsers: [
+          { userId: user1.userId, role: AlbumUserRole.Editor },
+          { userId: user3.userId, role: AlbumUserRole.Editor },
+        ],
+      }),
+      utils.createAlbum(user2.accessToken, { albumName: user2SharedLink }),
+      utils.createAlbum(user2.accessToken, { albumName: user2NotShared }),
+    ]);
+
+    await utils.createAlbum(user3.accessToken, {
+      albumName: 'Deleted',
+      albumUsers: [{ userId: user1.userId, role: AlbumUserRole.Editor }],
+    });
+
     await addAssetsToAlbum(
-      { id: albums[3].id, bulkIdsDto: { ids: [user1Asset1.id] } },
+      { id: user2Albums[0].id, bulkIdsDto: { ids: [user1Asset1.id] } },
       { headers: asBearerAuth(user1.accessToken) },
     );
 
-    albums[3] = await getAlbumInfo({ id: albums[3].id }, { headers: asBearerAuth(user2.accessToken) });
-
-    user1Albums = albums.slice(0, 3);
-    user2Albums = albums.slice(3, 6);
+    user2Albums[0] = await getAlbumInfo({ id: user2Albums[0].id }, { headers: asBearerAuth(user2.accessToken) });
 
     await Promise.all([
       // add shared link to user1SharedLink album
@@ -101,19 +107,19 @@ describe('/album', () => {
       }),
     ]);
 
-    await deleteUser({ id: user3.userId, deleteUserDto: {} }, { headers: asBearerAuth(admin.accessToken) });
+    await deleteUserAdmin({ id: user3.userId, userAdminDeleteDto: {} }, { headers: asBearerAuth(admin.accessToken) });
   });
 
-  describe('GET /album', () => {
+  describe('GET /albums', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).get('/album');
+      const { status, body } = await request(app).get('/albums');
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
     it('should reject an invalid shared param', async () => {
       const { status, body } = await request(app)
-        .get('/album?shared=invalid')
+        .get('/albums?shared=invalid')
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toEqual(400);
       expect(body).toEqual(errorDto.badRequest(['shared must be a boolean value']));
@@ -121,7 +127,7 @@ describe('/album', () => {
 
     it('should reject an invalid assetId param', async () => {
       const { status, body } = await request(app)
-        .get('/album?assetId=invalid')
+        .get('/albums?assetId=invalid')
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toEqual(400);
       expect(body).toEqual(errorDto.badRequest(['assetId must be a UUID']));
@@ -129,7 +135,7 @@ describe('/album', () => {
 
     it("should not show other users' favorites", async () => {
       const { status, body } = await request(app)
-        .get(`/album/${user1Albums[0].id}?withoutAssets=false`)
+        .get(`/albums/${user1Albums[0].id}?withoutAssets=false`)
         .set('Authorization', `Bearer ${user2.accessToken}`);
       expect(status).toEqual(200);
       expect(body).toEqual({
@@ -140,11 +146,11 @@ describe('/album', () => {
 
     it('should not return shared albums with a deleted owner', async () => {
       const { status, body } = await request(app)
-        .get('/album?shared=true')
+        .get('/albums?shared=true')
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
-      expect(body).toHaveLength(3);
+      expect(body).toHaveLength(4);
       expect(body).toEqual(
         expect.arrayContaining([
           expect.objectContaining({
@@ -154,7 +160,12 @@ describe('/album', () => {
           }),
           expect.objectContaining({
             ownerId: user1.userId,
-            albumName: user1SharedUser,
+            albumName: user1SharedEditorUser,
+            shared: true,
+          }),
+          expect.objectContaining({
+            ownerId: user1.userId,
+            albumName: user1SharedViewerUser,
             shared: true,
           }),
           expect.objectContaining({
@@ -167,14 +178,19 @@ describe('/album', () => {
     });
 
     it('should return the album collection including owned and shared', async () => {
-      const { status, body } = await request(app).get('/album').set('Authorization', `Bearer ${user1.accessToken}`);
+      const { status, body } = await request(app).get('/albums').set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
-      expect(body).toHaveLength(3);
+      expect(body).toHaveLength(4);
       expect(body).toEqual(
         expect.arrayContaining([
           expect.objectContaining({
             ownerId: user1.userId,
-            albumName: user1SharedUser,
+            albumName: user1SharedEditorUser,
+            shared: true,
+          }),
+          expect.objectContaining({
+            ownerId: user1.userId,
+            albumName: user1SharedViewerUser,
             shared: true,
           }),
           expect.objectContaining({
@@ -193,15 +209,20 @@ describe('/album', () => {
 
     it('should return the album collection filtered by shared', async () => {
       const { status, body } = await request(app)
-        .get('/album?shared=true')
+        .get('/albums?shared=true')
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
-      expect(body).toHaveLength(3);
+      expect(body).toHaveLength(4);
       expect(body).toEqual(
         expect.arrayContaining([
           expect.objectContaining({
             ownerId: user1.userId,
-            albumName: user1SharedUser,
+            albumName: user1SharedEditorUser,
+            shared: true,
+          }),
+          expect.objectContaining({
+            ownerId: user1.userId,
+            albumName: user1SharedViewerUser,
             shared: true,
           }),
           expect.objectContaining({
@@ -220,7 +241,7 @@ describe('/album', () => {
 
     it('should return the album collection filtered by NOT shared', async () => {
       const { status, body } = await request(app)
-        .get('/album?shared=false')
+        .get('/albums?shared=false')
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
       expect(body).toHaveLength(1);
@@ -237,7 +258,7 @@ describe('/album', () => {
 
     it('should return the album collection filtered by assetId', async () => {
       const { status, body } = await request(app)
-        .get(`/album?assetId=${user1Asset2.id}`)
+        .get(`/albums?assetId=${user1Asset2.id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
       expect(body).toHaveLength(1);
@@ -245,31 +266,31 @@ describe('/album', () => {
 
     it('should return the album collection filtered by assetId and ignores shared=true', async () => {
       const { status, body } = await request(app)
-        .get(`/album?shared=true&assetId=${user1Asset1.id}`)
+        .get(`/albums?shared=true&assetId=${user1Asset1.id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
-      expect(body).toHaveLength(4);
+      expect(body).toHaveLength(5);
     });
 
     it('should return the album collection filtered by assetId and ignores shared=false', async () => {
       const { status, body } = await request(app)
-        .get(`/album?shared=false&assetId=${user1Asset1.id}`)
+        .get(`/albums?shared=false&assetId=${user1Asset1.id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
-      expect(body).toHaveLength(4);
+      expect(body).toHaveLength(5);
     });
   });
 
-  describe('GET /album/:id', () => {
+  describe('GET /albums/:id', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).get(`/album/${user1Albums[0].id}`);
+      const { status, body } = await request(app).get(`/albums/${user1Albums[0].id}`);
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
     it('should return album info for own album', async () => {
       const { status, body } = await request(app)
-        .get(`/album/${user1Albums[0].id}?withoutAssets=false`)
+        .get(`/albums/${user1Albums[0].id}?withoutAssets=false`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
@@ -279,21 +300,27 @@ describe('/album', () => {
       });
     });
 
-    it('should return album info for shared album', async () => {
+    it('should return album info for shared album (editor)', async () => {
       const { status, body } = await request(app)
-        .get(`/album/${user2Albums[0].id}?withoutAssets=false`)
+        .get(`/albums/${user2Albums[0].id}?withoutAssets=false`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
-      expect(body).toEqual({
-        ...user2Albums[0],
-        assets: [expect.objectContaining({ id: user2Albums[0].assets[0].id })],
-      });
+      expect(body).toMatchObject({ id: user2Albums[0].id });
+    });
+
+    it('should return album info for shared album (viewer)', async () => {
+      const { status, body } = await request(app)
+        .get(`/albums/${user1Albums[3].id}?withoutAssets=false`)
+        .set('Authorization', `Bearer ${user2.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toMatchObject({ id: user1Albums[3].id });
     });
 
     it('should return album info with assets when withoutAssets is undefined', async () => {
       const { status, body } = await request(app)
-        .get(`/album/${user1Albums[0].id}`)
+        .get(`/albums/${user1Albums[0].id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
@@ -305,7 +332,7 @@ describe('/album', () => {
 
     it('should return album info without assets when withoutAssets is true', async () => {
       const { status, body } = await request(app)
-        .get(`/album/${user1Albums[0].id}?withoutAssets=true`)
+        .get(`/albums/${user1Albums[0].id}?withoutAssets=true`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
@@ -317,33 +344,33 @@ describe('/album', () => {
     });
   });
 
-  describe('GET /album/count', () => {
+  describe('GET /albums/count', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).get('/album/count');
+      const { status, body } = await request(app).get('/albums/count');
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
     it('should return total count of albums the user has access to', async () => {
       const { status, body } = await request(app)
-        .get('/album/count')
+        .get('/albums/count')
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
-      expect(body).toEqual({ owned: 3, shared: 3, notShared: 1 });
+      expect(body).toEqual({ owned: 4, shared: 4, notShared: 1 });
     });
   });
 
-  describe('POST /album', () => {
+  describe('POST /albums', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).post('/album').send({ albumName: 'New album' });
+      const { status, body } = await request(app).post('/albums').send({ albumName: 'New album' });
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
     it('should create an album', async () => {
       const { status, body } = await request(app)
-        .post('/album')
+        .post('/albums')
         .send({ albumName: 'New album' })
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(201);
@@ -356,7 +383,7 @@ describe('/album', () => {
         description: '',
         albumThumbnailAssetId: null,
         shared: false,
-        sharedUsers: [],
+        albumUsers: [],
         hasSharedLink: false,
         assets: [],
         assetCount: 0,
@@ -367,9 +394,9 @@ describe('/album', () => {
     });
   });
 
-  describe('PUT /album/:id/assets', () => {
+  describe('PUT /albums/:id/assets', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).put(`/album/${user1Albums[0].id}/assets`);
+      const { status, body } = await request(app).put(`/albums/${user1Albums[0].id}/assets`);
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
@@ -377,7 +404,7 @@ describe('/album', () => {
     it('should be able to add own asset to own album', async () => {
       const asset = await utils.createAsset(user1.accessToken);
       const { status, body } = await request(app)
-        .put(`/album/${user1Albums[0].id}/assets`)
+        .put(`/albums/${user1Albums[0].id}/assets`)
         .set('Authorization', `Bearer ${user1.accessToken}`)
         .send({ ids: [asset.id] });
 
@@ -388,19 +415,44 @@ describe('/album', () => {
     it('should be able to add own asset to shared album', async () => {
       const asset = await utils.createAsset(user1.accessToken);
       const { status, body } = await request(app)
-        .put(`/album/${user2Albums[0].id}/assets`)
+        .put(`/albums/${user2Albums[0].id}/assets`)
         .set('Authorization', `Bearer ${user1.accessToken}`)
         .send({ ids: [asset.id] });
 
       expect(status).toBe(200);
       expect(body).toEqual([expect.objectContaining({ id: asset.id, success: true })]);
     });
+
+    it('should not be able to add assets to album as a viewer', async () => {
+      const asset = await utils.createAsset(user2.accessToken);
+      const { status, body } = await request(app)
+        .put(`/albums/${user1Albums[3].id}/assets`)
+        .set('Authorization', `Bearer ${user2.accessToken}`)
+        .send({ ids: [asset.id] });
+
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest('Not found or no album.addAsset access'));
+    });
+
+    it('should add duplicate assets only once', async () => {
+      const asset = await utils.createAsset(user1.accessToken);
+      const { status, body } = await request(app)
+        .put(`/albums/${user1Albums[0].id}/assets`)
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ ids: [asset.id, asset.id] });
+
+      expect(status).toBe(200);
+      expect(body).toEqual([
+        expect.objectContaining({ id: asset.id, success: true }),
+        expect.objectContaining({ id: asset.id, success: false, error: 'duplicate' }),
+      ]);
+    });
   });
 
-  describe('PATCH /album/:id', () => {
+  describe('PATCH /albums/:id', () => {
     it('should require authentication', async () => {
       const { status, body } = await request(app)
-        .patch(`/album/${uuidDto.notFound}`)
+        .patch(`/albums/${uuidDto.notFound}`)
         .send({ albumName: 'New album name' });
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -411,7 +463,7 @@ describe('/album', () => {
         albumName: 'New album',
       });
       const { status, body } = await request(app)
-        .patch(`/album/${album.id}`)
+        .patch(`/albums/${album.id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`)
         .send({
           albumName: 'New album name',
@@ -425,12 +477,32 @@ describe('/album', () => {
         description: 'An album description',
       });
     });
+
+    it('should not be able to update as a viewer', async () => {
+      const { status, body } = await request(app)
+        .patch(`/albums/${user1Albums[3].id}`)
+        .set('Authorization', `Bearer ${user2.accessToken}`)
+        .send({ albumName: 'New album name' });
+
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest('Not found or no album.update access'));
+    });
+
+    it('should not be able to update as an editor', async () => {
+      const { status, body } = await request(app)
+        .patch(`/albums/${user1Albums[0].id}`)
+        .set('Authorization', `Bearer ${user2.accessToken}`)
+        .send({ albumName: 'New album name' });
+
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest('Not found or no album.update access'));
+    });
   });
 
-  describe('DELETE /album/:id/assets', () => {
+  describe('DELETE /albums/:id/assets', () => {
     it('should require authentication', async () => {
       const { status, body } = await request(app)
-        .delete(`/album/${user1Albums[0].id}/assets`)
+        .delete(`/albums/${user1Albums[0].id}/assets`)
         .send({ ids: [user1Asset1.id] });
 
       expect(status).toBe(401);
@@ -439,7 +511,7 @@ describe('/album', () => {
 
     it('should not be able to remove foreign asset from own album', async () => {
       const { status, body } = await request(app)
-        .delete(`/album/${user2Albums[0].id}/assets`)
+        .delete(`/albums/${user2Albums[0].id}/assets`)
         .set('Authorization', `Bearer ${user2.accessToken}`)
         .send({ ids: [user1Asset1.id] });
 
@@ -455,7 +527,7 @@ describe('/album', () => {
 
     it('should not be able to remove foreign asset from foreign album', async () => {
       const { status, body } = await request(app)
-        .delete(`/album/${user1Albums[0].id}/assets`)
+        .delete(`/albums/${user1Albums[0].id}/assets`)
         .set('Authorization', `Bearer ${user2.accessToken}`)
         .send({ ids: [user1Asset1.id] });
 
@@ -471,7 +543,7 @@ describe('/album', () => {
 
     it('should be able to remove own asset from own album', async () => {
       const { status, body } = await request(app)
-        .delete(`/album/${user1Albums[0].id}/assets`)
+        .delete(`/albums/${user1Albums[0].id}/assets`)
         .set('Authorization', `Bearer ${user1.accessToken}`)
         .send({ ids: [user1Asset1.id] });
 
@@ -481,13 +553,36 @@ describe('/album', () => {
 
     it('should be able to remove own asset from shared album', async () => {
       const { status, body } = await request(app)
-        .delete(`/album/${user2Albums[0].id}/assets`)
+        .delete(`/albums/${user2Albums[0].id}/assets`)
         .set('Authorization', `Bearer ${user1.accessToken}`)
         .send({ ids: [user1Asset1.id] });
 
       expect(status).toBe(200);
       expect(body).toEqual([expect.objectContaining({ id: user1Asset1.id, success: true })]);
     });
+
+    it('should not be able to remove assets from album as a viewer', async () => {
+      const { status, body } = await request(app)
+        .delete(`/albums/${user1Albums[3].id}/assets`)
+        .set('Authorization', `Bearer ${user2.accessToken}`)
+        .send({ ids: [user1Asset1.id] });
+
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest('Not found or no album.removeAsset access'));
+    });
+
+    it('should remove duplicate assets only once', async () => {
+      const { status, body } = await request(app)
+        .delete(`/albums/${user1Albums[1].id}/assets`)
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ ids: [user1Asset1.id, user1Asset1.id] });
+
+      expect(status).toBe(200);
+      expect(body).toEqual([
+        expect.objectContaining({ id: user1Asset1.id, success: true }),
+        expect.objectContaining({ id: user1Asset1.id, success: false, error: 'not_found' }),
+      ]);
+    });
   });
 
   describe('PUT :id/users', () => {
@@ -500,7 +595,7 @@ describe('/album', () => {
     });
 
     it('should require authentication', async () => {
-      const { status, body } = await request(app).put(`/album/${user1Albums[0].id}/users`).send({ sharedUserIds: [] });
+      const { status, body } = await request(app).put(`/albums/${user1Albums[0].id}/users`).send({ sharedUserIds: [] });
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -508,23 +603,27 @@ describe('/album', () => {
 
     it('should be able to add user to own album', async () => {
       const { status, body } = await request(app)
-        .put(`/album/${album.id}/users`)
+        .put(`/albums/${album.id}/users`)
         .set('Authorization', `Bearer ${user1.accessToken}`)
-        .send({ sharedUserIds: [user2.userId] });
+        .send({ albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Editor }] });
 
       expect(status).toBe(200);
       expect(body).toEqual(
         expect.objectContaining({
-          sharedUsers: [expect.objectContaining({ id: user2.userId })],
+          albumUsers: [
+            expect.objectContaining({
+              user: expect.objectContaining({ id: user2.userId }),
+            }),
+          ],
         }),
       );
     });
 
     it('should not be able to share album with owner', async () => {
       const { status, body } = await request(app)
-        .put(`/album/${album.id}/users`)
+        .put(`/albums/${album.id}/users`)
         .set('Authorization', `Bearer ${user1.accessToken}`)
-        .send({ sharedUserIds: [user1.userId] });
+        .send({ albumUsers: [{ userId: user1.userId, role: AlbumUserRole.Editor }] });
 
       expect(status).toBe(400);
       expect(body).toEqual(errorDto.badRequest('Cannot be shared with owner'));
@@ -532,17 +631,62 @@ describe('/album', () => {
 
     it('should not be able to add existing user to shared album', async () => {
       await request(app)
-        .put(`/album/${album.id}/users`)
+        .put(`/albums/${album.id}/users`)
         .set('Authorization', `Bearer ${user1.accessToken}`)
-        .send({ sharedUserIds: [user2.userId] });
+        .send({ albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Editor }] });
 
       const { status, body } = await request(app)
-        .put(`/album/${album.id}/users`)
+        .put(`/albums/${album.id}/users`)
         .set('Authorization', `Bearer ${user1.accessToken}`)
-        .send({ sharedUserIds: [user2.userId] });
+        .send({ albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Editor }] });
 
       expect(status).toBe(400);
       expect(body).toEqual(errorDto.badRequest('User already added'));
     });
   });
+
+  describe('PUT :id/user/:userId', () => {
+    it('should allow the album owner to change the role of a shared user', async () => {
+      const album = await utils.createAlbum(user1.accessToken, {
+        albumName: 'testAlbum',
+        albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Viewer }],
+      });
+
+      expect(album.albumUsers[0].role).toEqual(AlbumUserRole.Viewer);
+
+      const { status } = await request(app)
+        .put(`/albums/${album.id}/user/${user2.userId}`)
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ role: AlbumUserRole.Editor });
+
+      expect(status).toBe(200);
+
+      // Get album to verify the role change
+      const { body } = await request(app)
+        .get(`/albums/${album.id}`)
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+      expect(body).toEqual(
+        expect.objectContaining({
+          albumUsers: [expect.objectContaining({ role: AlbumUserRole.Editor })],
+        }),
+      );
+    });
+
+    it('should not allow a shared user to change the role of another shared user', async () => {
+      const album = await utils.createAlbum(user1.accessToken, {
+        albumName: 'testAlbum',
+        albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Viewer }],
+      });
+
+      expect(album.albumUsers[0].role).toEqual(AlbumUserRole.Viewer);
+
+      const { status, body } = await request(app)
+        .put(`/albums/${album.id}/user/${user2.userId}`)
+        .set('Authorization', `Bearer ${user2.accessToken}`)
+        .send({ role: AlbumUserRole.Editor });
+
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest('Not found or no album.share access'));
+    });
+  });
 });

e2e/src/api/specs/asset.e2e-spec.ts

@@ -2,11 +2,10 @@ import {
   AssetFileUploadResponseDto,
   AssetResponseDto,
   AssetTypeEnum,
-  LibraryResponseDto,
   LoginResponseDto,
   SharedLinkType,
-  getAllLibraries,
   getAssetInfo,
+  getMyUser,
   updateAssets,
 } from '@immich/sdk';
 import { exiftool } from 'exiftool-vendored';
@@ -73,7 +72,7 @@ describe('/asset', () => {
   let stackAssets: AssetFileUploadResponseDto[];
   let locationAsset: AssetFileUploadResponseDto;
 
-  beforeAll(async () => {
+  const setupTests = async () => {
     await utils.resetDatabase();
     admin = await utils.adminSetup({ onboarding: false });
 
@@ -87,6 +86,8 @@ describe('/asset', () => {
       utils.userSetup(admin.accessToken, createUserDto.create('stack')),
     ]);
 
+    await utils.createPartner(user1.accessToken, user2.userId);
+
     // asset location
     locationAsset = await utils.createAsset(admin.accessToken, {
       assetData: {
@@ -102,7 +103,6 @@ describe('/asset', () => {
       utils.createAsset(user1.accessToken),
       utils.createAsset(user1.accessToken, {
         isFavorite: true,
-        isReadOnly: true,
         fileCreatedAt: yesterday.toISO(),
         fileModifiedAt: yesterday.toISO(),
         assetData: { filename: 'example.mp4' },
@@ -157,7 +157,8 @@ describe('/asset', () => {
       assetId: user1Assets[0].id,
       personId: person1.id,
     });
-  }, 30_000);
+  };
+  beforeAll(setupTests, 30_000);
 
   afterAll(() => {
     utils.disconnectWebsocket(websocket);
@@ -234,6 +235,35 @@ describe('/asset', () => {
       expect(data.status).toBe(200);
       expect(data.body).toMatchObject({ people: [] });
     });
+
+    describe('partner assets', () => {
+      it('should get the asset info', async () => {
+        const { status, body } = await request(app)
+          .get(`/asset/${user1Assets[0].id}`)
+          .set('Authorization', `Bearer ${user2.accessToken}`);
+        expect(status).toBe(200);
+        expect(body).toMatchObject({ id: user1Assets[0].id });
+      });
+
+      it('disallows viewing archived assets', async () => {
+        const asset = await utils.createAsset(user1.accessToken, { isArchived: true });
+
+        const { status } = await request(app)
+          .get(`/asset/${asset.id}`)
+          .set('Authorization', `Bearer ${user2.accessToken}`);
+        expect(status).toBe(400);
+      });
+
+      it('disallows viewing trashed assets', async () => {
+        const asset = await utils.createAsset(user1.accessToken);
+        await utils.deleteAssets(user1.accessToken, [asset.id]);
+
+        const { status } = await request(app)
+          .get(`/asset/${asset.id}`)
+          .set('Authorization', `Bearer ${user2.accessToken}`);
+        expect(status).toBe(400);
+      });
+    });
   });
 
   describe('GET /asset/statistics', () => {
@@ -541,272 +571,6 @@ describe('/asset', () => {
     });
   });
 
-  describe('POST /asset/upload', () => {
-    it('should require authentication', async () => {
-      const { status, body } = await request(app).post(`/asset/upload`);
-      expect(body).toEqual(errorDto.unauthorized);
-      expect(status).toBe(401);
-    });
-
-    const invalid = [
-      { should: 'require `deviceAssetId`', dto: { ...makeUploadDto({ omit: 'deviceAssetId' }) } },
-      { should: 'require `deviceId`', dto: { ...makeUploadDto({ omit: 'deviceId' }) } },
-      { should: 'require `fileCreatedAt`', dto: { ...makeUploadDto({ omit: 'fileCreatedAt' }) } },
-      { should: 'require `fileModifiedAt`', dto: { ...makeUploadDto({ omit: 'fileModifiedAt' }) } },
-      { should: 'require `duration`', dto: { ...makeUploadDto({ omit: 'duration' }) } },
-      { should: 'throw if `isFavorite` is not a boolean', dto: { ...makeUploadDto(), isFavorite: 'not-a-boolean' } },
-      { should: 'throw if `isVisible` is not a boolean', dto: { ...makeUploadDto(), isVisible: 'not-a-boolean' } },
-      { should: 'throw if `isArchived` is not a boolean', dto: { ...makeUploadDto(), isArchived: 'not-a-boolean' } },
-    ];
-
-    for (const { should, dto } of invalid) {
-      it(`should ${should}`, async () => {
-        const { status, body } = await request(app)
-          .post('/asset/upload')
-          .set('Authorization', `Bearer ${user1.accessToken}`)
-          .attach('assetData', makeRandomImage(), 'example.png')
-          .field(dto);
-        expect(status).toBe(400);
-        expect(body).toEqual(errorDto.badRequest());
-      });
-    }
-
-    const tests = [
-      {
-        input: 'formats/jpg/el_torcal_rocks.jpg',
-        expected: {
-          type: AssetTypeEnum.Image,
-          originalFileName: 'el_torcal_rocks.jpg',
-          resized: true,
-          exifInfo: {
-            dateTimeOriginal: '2012-08-05T11:39:59.000Z',
-            exifImageWidth: 512,
-            exifImageHeight: 341,
-            latitude: null,
-            longitude: null,
-            focalLength: 75,
-            iso: 200,
-            fNumber: 11,
-            exposureTime: '1/160',
-            fileSizeInByte: 53_493,
-            make: 'SONY',
-            model: 'DSLR-A550',
-            orientation: null,
-            description: 'SONY DSC',
-          },
-        },
-      },
-      {
-        input: 'formats/heic/IMG_2682.heic',
-        expected: {
-          type: AssetTypeEnum.Image,
-          originalFileName: 'IMG_2682.heic',
-          resized: true,
-          fileCreatedAt: '2019-03-21T16:04:22.348Z',
-          exifInfo: {
-            dateTimeOriginal: '2019-03-21T16:04:22.348Z',
-            exifImageWidth: 4032,
-            exifImageHeight: 3024,
-            latitude: 41.2203,
-            longitude: -96.071_625,
-            make: 'Apple',
-            model: 'iPhone 7',
-            lensModel: 'iPhone 7 back camera 3.99mm f/1.8',
-            fileSizeInByte: 880_703,
-            exposureTime: '1/887',
-            iso: 20,
-            focalLength: 3.99,
-            fNumber: 1.8,
-            timeZone: 'America/Chicago',
-          },
-        },
-      },
-      {
-        input: 'formats/png/density_plot.png',
-        expected: {
-          type: AssetTypeEnum.Image,
-          originalFileName: 'density_plot.png',
-          resized: true,
-          exifInfo: {
-            exifImageWidth: 800,
-            exifImageHeight: 800,
-            latitude: null,
-            longitude: null,
-            fileSizeInByte: 25_408,
-          },
-        },
-      },
-      {
-        input: 'formats/raw/Nikon/D80/glarus.nef',
-        expected: {
-          type: AssetTypeEnum.Image,
-          originalFileName: 'glarus.nef',
-          resized: true,
-          fileCreatedAt: '2010-07-20T17:27:12.000Z',
-          exifInfo: {
-            make: 'NIKON CORPORATION',
-            model: 'NIKON D80',
-            exposureTime: '1/200',
-            fNumber: 10,
-            focalLength: 18,
-            iso: 100,
-            fileSizeInByte: 9_057_784,
-            dateTimeOriginal: '2010-07-20T17:27:12.000Z',
-            latitude: null,
-            longitude: null,
-            orientation: '1',
-          },
-        },
-      },
-      {
-        input: 'formats/raw/Nikon/D700/philadelphia.nef',
-        expected: {
-          type: AssetTypeEnum.Image,
-          originalFileName: 'philadelphia.nef',
-          resized: true,
-          fileCreatedAt: '2016-09-22T22:10:29.060Z',
-          exifInfo: {
-            make: 'NIKON CORPORATION',
-            model: 'NIKON D700',
-            exposureTime: '1/400',
-            fNumber: 11,
-            focalLength: 85,
-            iso: 200,
-            fileSizeInByte: 15_856_335,
-            dateTimeOriginal: '2016-09-22T22:10:29.060Z',
-            latitude: null,
-            longitude: null,
-            orientation: '1',
-            timeZone: 'UTC-5',
-          },
-        },
-      },
-    ];
-
-    for (const { input, expected } of tests) {
-      it(`should upload and generate a thumbnail for ${input}`, async () => {
-        const filepath = join(testAssetDir, input);
-        const { id, duplicate } = await utils.createAsset(admin.accessToken, {
-          assetData: { bytes: await readFile(filepath), filename: basename(filepath) },
-        });
-
-        expect(duplicate).toBe(false);
-
-        await utils.waitForWebsocketEvent({ event: 'assetUpload', id: id });
-
-        const asset = await utils.getAssetInfo(admin.accessToken, id);
-
-        expect(asset.exifInfo).toBeDefined();
-        expect(asset.exifInfo).toMatchObject(expected.exifInfo);
-        expect(asset).toMatchObject(expected);
-      });
-    }
-
-    it('should handle a duplicate', async () => {
-      const filepath = 'formats/jpeg/el_torcal_rocks.jpeg';
-      const { duplicate } = await utils.createAsset(admin.accessToken, {
-        assetData: {
-          bytes: await readFile(join(testAssetDir, filepath)),
-          filename: basename(filepath),
-        },
-      });
-
-      expect(duplicate).toBe(true);
-    });
-
-    it("should not upload to another user's library", async () => {
-      const libraries = await getAllLibraries({}, { headers: asBearerAuth(admin.accessToken) });
-      const library = libraries.find((library) => library.ownerId === user1.userId) as LibraryResponseDto;
-
-      const { body, status } = await request(app)
-        .post('/asset/upload')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .field('libraryId', library.id)
-        .field('deviceAssetId', 'example-image')
-        .field('deviceId', 'e2e')
-        .field('fileCreatedAt', new Date().toISOString())
-        .field('fileModifiedAt', new Date().toISOString())
-        .field('duration', '0:00:00.000000')
-        .attach('assetData', makeRandomImage(), 'example.png');
-
-      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('Not found or no asset.upload access'));
-    });
-
-    it('should update the used quota', async () => {
-      const { body, status } = await request(app)
-        .post('/asset/upload')
-        .set('Authorization', `Bearer ${quotaUser.accessToken}`)
-        .field('deviceAssetId', 'example-image')
-        .field('deviceId', 'e2e')
-        .field('fileCreatedAt', new Date().toISOString())
-        .field('fileModifiedAt', new Date().toISOString())
-        .attach('assetData', makeRandomImage(), 'example.jpg');
-
-      expect(body).toEqual({ id: expect.any(String), duplicate: false });
-      expect(status).toBe(201);
-
-      const { body: user } = await request(app).get('/user/me').set('Authorization', `Bearer ${quotaUser.accessToken}`);
-
-      expect(user).toEqual(expect.objectContaining({ quotaUsageInBytes: 70 }));
-    });
-
-    it('should not upload an asset if it would exceed the quota', async () => {
-      const { body, status } = await request(app)
-        .post('/asset/upload')
-        .set('Authorization', `Bearer ${quotaUser.accessToken}`)
-        .field('deviceAssetId', 'example-image')
-        .field('deviceId', 'e2e')
-        .field('fileCreatedAt', new Date().toISOString())
-        .field('fileModifiedAt', new Date().toISOString())
-        .attach('assetData', randomBytes(2014), 'example.jpg');
-
-      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('Quota has been exceeded!'));
-    });
-
-    // These hashes were created by copying the image files to a Samsung phone,
-    // exporting the video from Samsung's stock Gallery app, and hashing them locally.
-    // This ensures that immich+exiftool are extracting the videos the same way Samsung does.
-    // DO NOT assume immich+exiftool are doing things correctly and just copy whatever hash it gives
-    // into the test here.
-    const motionTests = [
-      {
-        filepath: 'formats/motionphoto/Samsung One UI 5.jpg',
-        checksum: 'fr14niqCq6N20HB8rJYEvpsUVtI=',
-      },
-      {
-        filepath: 'formats/motionphoto/Samsung One UI 6.jpg',
-        checksum: 'lT9Uviw/FFJYCjfIxAGPTjzAmmw=',
-      },
-      {
-        filepath: 'formats/motionphoto/Samsung One UI 6.heic',
-        checksum: '/ejgzywvgvzvVhUYVfvkLzFBAF0=',
-      },
-    ];
-
-    for (const { filepath, checksum } of motionTests) {
-      it(`should extract motionphoto video from ${filepath}`, async () => {
-        const response = await utils.createAsset(admin.accessToken, {
-          assetData: {
-            bytes: await readFile(join(testAssetDir, filepath)),
-            filename: basename(filepath),
-          },
-        });
-
-        await utils.waitForWebsocketEvent({ event: 'assetUpload', id: response.id });
-
-        expect(response.duplicate).toBe(false);
-
-        const asset = await utils.getAssetInfo(admin.accessToken, response.id);
-        expect(asset.livePhotoVideoId).toBeDefined();
-
-        const video = await utils.getAssetInfo(admin.accessToken, asset.livePhotoVideoId as string);
-        expect(video.checksum).toStrictEqual(checksum);
-      });
-    }
-  });
-
   describe('GET /asset/thumbnail/:id', () => {
     it('should require authentication', async () => {
       const { status, body } = await request(app).get(`/asset/thumbnail/${locationAsset.id}`);
@@ -816,15 +580,15 @@ describe('/asset', () => {
     });
 
     it('should not include gps data for webp thumbnails', async () => {
-      const { status, body, type } = await request(app)
-        .get(`/asset/thumbnail/${locationAsset.id}?format=WEBP`)
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
       await utils.waitForWebsocketEvent({
         event: 'assetUpload',
         id: locationAsset.id,
       });
 
+      const { status, body, type } = await request(app)
+        .get(`/asset/thumbnail/${locationAsset.id}?format=WEBP`)
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
       expect(status).toBe(200);
       expect(body).toBeDefined();
       expect(type).toBe('image/webp');
@@ -878,6 +642,31 @@ describe('/asset', () => {
   });
 
   describe('GET /asset/map-marker', () => {
+    beforeAll(async () => {
+      const files = [
+        'formats/avif/8bit-sRGB.avif',
+        'formats/jpg/el_torcal_rocks.jpg',
+        'formats/jxl/8bit-sRGB.jxl',
+        'formats/heic/IMG_2682.heic',
+        'formats/png/density_plot.png',
+        'formats/raw/Nikon/D80/glarus.nef',
+        'formats/raw/Nikon/D700/philadelphia.nef',
+        'formats/raw/Panasonic/DMC-GH4/4_3.rw2',
+        'formats/raw/Sony/ILCE-6300/12bit-compressed-(3_2).arw',
+        'formats/raw/Sony/ILCE-7M2/14bit-uncompressed-(3_2).arw',
+      ];
+      utils.resetEvents();
+      const uploadFile = async (input: string) => {
+        const filepath = join(testAssetDir, input);
+        const { id } = await utils.createAsset(admin.accessToken, {
+          assetData: { bytes: await readFile(filepath), filename: basename(filepath) },
+        });
+        await utils.waitForWebsocketEvent({ event: 'assetUpload', id });
+      };
+      const uploads = files.map((f) => uploadFile(f));
+      await Promise.all(uploads);
+    }, 30_000);
+
     it('should require authentication', async () => {
       const { status, body } = await request(app).get('/asset/map-marker');
       expect(status).toBe(401);
@@ -900,7 +689,7 @@ describe('/asset', () => {
           id: expect.any(String),
           lat: expect.closeTo(39.115),
           lon: expect.closeTo(-108.400_968),
-          state: 'Mesa County, Colorado',
+          state: 'Colorado',
         },
         {
           city: 'Ralston',
@@ -908,7 +697,7 @@ describe('/asset', () => {
           id: expect.any(String),
           lat: expect.closeTo(41.2203),
           lon: expect.closeTo(-96.071_625),
-          state: 'Douglas County, Nebraska',
+          state: 'Nebraska',
         },
       ]);
     });
@@ -927,7 +716,7 @@ describe('/asset', () => {
           id: expect.any(String),
           lat: expect.closeTo(39.115),
           lon: expect.closeTo(-108.400_968),
-          state: 'Mesa County, Colorado',
+          state: 'Colorado',
         },
         {
           city: 'Ralston',
@@ -935,33 +724,12 @@ describe('/asset', () => {
           id: expect.any(String),
           lat: expect.closeTo(41.2203),
           lon: expect.closeTo(-96.071_625),
-          state: 'Douglas County, Nebraska',
+          state: 'Nebraska',
         },
       ]);
     });
   });
 
-  describe('GET /asset', () => {
-    it('should return stack data', async () => {
-      const { status, body } = await request(app).get('/asset').set('Authorization', `Bearer ${stackUser.accessToken}`);
-
-      const stack = body.find((asset: AssetResponseDto) => asset.id === stackAssets[0].id);
-
-      expect(status).toBe(200);
-      expect(stack).toEqual(
-        expect.objectContaining({
-          stackCount: 3,
-          stack:
-            // Response includes children at the root level
-            expect.arrayContaining([
-              expect.objectContaining({ id: stackAssets[1].id }),
-              expect.objectContaining({ id: stackAssets[2].id }),
-            ]),
-        }),
-      );
-    });
-  });
-
   describe('PUT /asset', () => {
     it('should require authentication', async () => {
       const { status, body } = await request(app).put('/asset');
@@ -1108,4 +876,346 @@ describe('/asset', () => {
       );
     });
   });
+  describe('POST /asset/upload', () => {
+    beforeAll(setupTests, 30_000);
+
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).post(`/asset/upload`);
+      expect(body).toEqual(errorDto.unauthorized);
+      expect(status).toBe(401);
+    });
+
+    it.each([
+      { should: 'require `deviceAssetId`', dto: { ...makeUploadDto({ omit: 'deviceAssetId' }) } },
+      { should: 'require `deviceId`', dto: { ...makeUploadDto({ omit: 'deviceId' }) } },
+      { should: 'require `fileCreatedAt`', dto: { ...makeUploadDto({ omit: 'fileCreatedAt' }) } },
+      { should: 'require `fileModifiedAt`', dto: { ...makeUploadDto({ omit: 'fileModifiedAt' }) } },
+      { should: 'require `duration`', dto: { ...makeUploadDto({ omit: 'duration' }) } },
+      { should: 'throw if `isFavorite` is not a boolean', dto: { ...makeUploadDto(), isFavorite: 'not-a-boolean' } },
+      { should: 'throw if `isVisible` is not a boolean', dto: { ...makeUploadDto(), isVisible: 'not-a-boolean' } },
+      { should: 'throw if `isArchived` is not a boolean', dto: { ...makeUploadDto(), isArchived: 'not-a-boolean' } },
+    ])('should $should', async ({ dto }) => {
+      const { status, body } = await request(app)
+        .post('/asset/upload')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .attach('assetData', makeRandomImage(), 'example.png')
+        .field(dto);
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest());
+    });
+
+    it.each([
+      {
+        input: 'formats/avif/8bit-sRGB.avif',
+        expected: {
+          type: AssetTypeEnum.Image,
+          originalFileName: '8bit-sRGB.avif',
+          resized: true,
+          exifInfo: {
+            description: '',
+            exifImageHeight: 1080,
+            exifImageWidth: 1617,
+            fileSizeInByte: 862_424,
+            latitude: null,
+            longitude: null,
+          },
+        },
+      },
+      {
+        input: 'formats/jpg/el_torcal_rocks.jpg',
+        expected: {
+          type: AssetTypeEnum.Image,
+          originalFileName: 'el_torcal_rocks.jpg',
+          resized: true,
+          exifInfo: {
+            dateTimeOriginal: '2012-08-05T11:39:59.000Z',
+            exifImageWidth: 512,
+            exifImageHeight: 341,
+            latitude: null,
+            longitude: null,
+            focalLength: 75,
+            iso: 200,
+            fNumber: 11,
+            exposureTime: '1/160',
+            fileSizeInByte: 53_493,
+            make: 'SONY',
+            model: 'DSLR-A550',
+            orientation: null,
+            description: 'SONY DSC',
+          },
+        },
+      },
+      {
+        input: 'formats/jxl/8bit-sRGB.jxl',
+        expected: {
+          type: AssetTypeEnum.Image,
+          originalFileName: '8bit-sRGB.jxl',
+          resized: true,
+          exifInfo: {
+            description: '',
+            exifImageHeight: 1080,
+            exifImageWidth: 1440,
+            fileSizeInByte: 1_780_777,
+            latitude: null,
+            longitude: null,
+          },
+        },
+      },
+      {
+        input: 'formats/heic/IMG_2682.heic',
+        expected: {
+          type: AssetTypeEnum.Image,
+          originalFileName: 'IMG_2682.heic',
+          resized: true,
+          fileCreatedAt: '2019-03-21T16:04:22.348Z',
+          exifInfo: {
+            dateTimeOriginal: '2019-03-21T16:04:22.348Z',
+            exifImageWidth: 4032,
+            exifImageHeight: 3024,
+            latitude: 41.2203,
+            longitude: -96.071_625,
+            make: 'Apple',
+            model: 'iPhone 7',
+            lensModel: 'iPhone 7 back camera 3.99mm f/1.8',
+            fileSizeInByte: 880_703,
+            exposureTime: '1/887',
+            iso: 20,
+            focalLength: 3.99,
+            fNumber: 1.8,
+            timeZone: 'America/Chicago',
+          },
+        },
+      },
+      {
+        input: 'formats/png/density_plot.png',
+        expected: {
+          type: AssetTypeEnum.Image,
+          originalFileName: 'density_plot.png',
+          resized: true,
+          exifInfo: {
+            exifImageWidth: 800,
+            exifImageHeight: 800,
+            latitude: null,
+            longitude: null,
+            fileSizeInByte: 25_408,
+          },
+        },
+      },
+      {
+        input: 'formats/raw/Nikon/D80/glarus.nef',
+        expected: {
+          type: AssetTypeEnum.Image,
+          originalFileName: 'glarus.nef',
+          resized: true,
+          fileCreatedAt: '2010-07-20T17:27:12.000Z',
+          exifInfo: {
+            make: 'NIKON CORPORATION',
+            model: 'NIKON D80',
+            exposureTime: '1/200',
+            fNumber: 10,
+            focalLength: 18,
+            iso: 100,
+            fileSizeInByte: 9_057_784,
+            dateTimeOriginal: '2010-07-20T17:27:12.000Z',
+            latitude: null,
+            longitude: null,
+            orientation: '1',
+          },
+        },
+      },
+      {
+        input: 'formats/raw/Nikon/D700/philadelphia.nef',
+        expected: {
+          type: AssetTypeEnum.Image,
+          originalFileName: 'philadelphia.nef',
+          resized: true,
+          fileCreatedAt: '2016-09-22T22:10:29.060Z',
+          exifInfo: {
+            make: 'NIKON CORPORATION',
+            model: 'NIKON D700',
+            exposureTime: '1/400',
+            fNumber: 11,
+            focalLength: 85,
+            iso: 200,
+            fileSizeInByte: 15_856_335,
+            dateTimeOriginal: '2016-09-22T22:10:29.060Z',
+            latitude: null,
+            longitude: null,
+            orientation: '1',
+            timeZone: 'UTC-5',
+          },
+        },
+      },
+      {
+        input: 'formats/raw/Panasonic/DMC-GH4/4_3.rw2',
+        expected: {
+          type: AssetTypeEnum.Image,
+          originalFileName: '4_3.rw2',
+          resized: true,
+          fileCreatedAt: '2018-05-10T08:42:37.842Z',
+          exifInfo: {
+            make: 'Panasonic',
+            model: 'DMC-GH4',
+            exifImageHeight: 3456,
+            exifImageWidth: 4608,
+            exposureTime: '1/100',
+            fNumber: 3.2,
+            focalLength: 35,
+            iso: 400,
+            fileSizeInByte: 19_587_072,
+            dateTimeOriginal: '2018-05-10T08:42:37.842Z',
+            latitude: null,
+            longitude: null,
+            orientation: '1',
+          },
+        },
+      },
+      {
+        input: 'formats/raw/Sony/ILCE-6300/12bit-compressed-(3_2).arw',
+        expected: {
+          type: AssetTypeEnum.Image,
+          originalFileName: '12bit-compressed-(3_2).arw',
+          resized: true,
+          fileCreatedAt: '2016-09-27T10:51:44.000Z',
+          exifInfo: {
+            make: 'SONY',
+            model: 'ILCE-6300',
+            exifImageHeight: 4024,
+            exifImageWidth: 6048,
+            exposureTime: '1/320',
+            fNumber: 8,
+            focalLength: 97,
+            iso: 100,
+            lensModel: 'E PZ 18-105mm F4 G OSS',
+            fileSizeInByte: 25_001_984,
+            dateTimeOriginal: '2016-09-27T10:51:44.000Z',
+            latitude: null,
+            longitude: null,
+            orientation: '1',
+          },
+        },
+      },
+      {
+        input: 'formats/raw/Sony/ILCE-7M2/14bit-uncompressed-(3_2).arw',
+        expected: {
+          type: AssetTypeEnum.Image,
+          originalFileName: '14bit-uncompressed-(3_2).arw',
+          resized: true,
+          fileCreatedAt: '2016-01-08T15:08:01.000Z',
+          exifInfo: {
+            make: 'SONY',
+            model: 'ILCE-7M2',
+            exifImageHeight: 4024,
+            exifImageWidth: 6048,
+            exposureTime: '1.3',
+            fNumber: 22,
+            focalLength: 25,
+            iso: 100,
+            lensModel: 'E 25mm F2',
+            fileSizeInByte: 49_512_448,
+            dateTimeOriginal: '2016-01-08T15:08:01.000Z',
+            latitude: null,
+            longitude: null,
+            orientation: '1',
+          },
+        },
+      },
+    ])(`should upload and generate a thumbnail for $input`, async ({ input, expected }) => {
+      const filepath = join(testAssetDir, input);
+      const { id, duplicate } = await utils.createAsset(admin.accessToken, {
+        assetData: { bytes: await readFile(filepath), filename: basename(filepath) },
+      });
+
+      expect(duplicate).toBe(false);
+
+      await utils.waitForWebsocketEvent({ event: 'assetUpload', id: id });
+
+      const asset = await utils.getAssetInfo(admin.accessToken, id);
+
+      expect(asset.exifInfo).toBeDefined();
+      expect(asset.exifInfo).toMatchObject(expected.exifInfo);
+      expect(asset).toMatchObject(expected);
+    });
+
+    it('should handle a duplicate', async () => {
+      const filepath = 'formats/jpeg/el_torcal_rocks.jpeg';
+      const { duplicate } = await utils.createAsset(admin.accessToken, {
+        assetData: {
+          bytes: await readFile(join(testAssetDir, filepath)),
+          filename: basename(filepath),
+        },
+      });
+
+      expect(duplicate).toBe(true);
+    });
+
+    it('should update the used quota', async () => {
+      const { body, status } = await request(app)
+        .post('/asset/upload')
+        .set('Authorization', `Bearer ${quotaUser.accessToken}`)
+        .field('deviceAssetId', 'example-image')
+        .field('deviceId', 'e2e')
+        .field('fileCreatedAt', new Date().toISOString())
+        .field('fileModifiedAt', new Date().toISOString())
+        .attach('assetData', makeRandomImage(), 'example.jpg');
+
+      expect(body).toEqual({ id: expect.any(String), duplicate: false });
+      expect(status).toBe(201);
+
+      const user = await getMyUser({ headers: asBearerAuth(quotaUser.accessToken) });
+
+      expect(user).toEqual(expect.objectContaining({ quotaUsageInBytes: 70 }));
+    });
+
+    it('should not upload an asset if it would exceed the quota', async () => {
+      const { body, status } = await request(app)
+        .post('/asset/upload')
+        .set('Authorization', `Bearer ${quotaUser.accessToken}`)
+        .field('deviceAssetId', 'example-image')
+        .field('deviceId', 'e2e')
+        .field('fileCreatedAt', new Date().toISOString())
+        .field('fileModifiedAt', new Date().toISOString())
+        .attach('assetData', randomBytes(2014), 'example.jpg');
+
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest('Quota has been exceeded!'));
+    });
+
+    // These hashes were created by copying the image files to a Samsung phone,
+    // exporting the video from Samsung's stock Gallery app, and hashing them locally.
+    // This ensures that immich+exiftool are extracting the videos the same way Samsung does.
+    // DO NOT assume immich+exiftool are doing things correctly and just copy whatever hash it gives
+    // into the test here.
+    it.each([
+      {
+        filepath: 'formats/motionphoto/Samsung One UI 5.jpg',
+        checksum: 'fr14niqCq6N20HB8rJYEvpsUVtI=',
+      },
+      {
+        filepath: 'formats/motionphoto/Samsung One UI 6.jpg',
+        checksum: 'lT9Uviw/FFJYCjfIxAGPTjzAmmw=',
+      },
+      {
+        filepath: 'formats/motionphoto/Samsung One UI 6.heic',
+        checksum: '/ejgzywvgvzvVhUYVfvkLzFBAF0=',
+      },
+    ])(`should extract motionphoto video from $filepath`, async ({ filepath, checksum }) => {
+      const response = await utils.createAsset(admin.accessToken, {
+        assetData: {
+          bytes: await readFile(join(testAssetDir, filepath)),
+          filename: basename(filepath),
+        },
+      });
+
+      await utils.waitForWebsocketEvent({ event: 'assetUpload', id: response.id });
+
+      expect(response.duplicate).toBe(false);
+
+      const asset = await utils.getAssetInfo(admin.accessToken, response.id);
+      expect(asset.livePhotoVideoId).toBeDefined();
+
+      const video = await utils.getAssetInfo(admin.accessToken, asset.livePhotoVideoId as string);
+      expect(video.checksum).toStrictEqual(checksum);
+    });
+  });
 });

e2e/src/api/specs/audit.e2e-spec.ts

@@ -2,7 +2,7 @@ import { deleteAssets, getAuditFiles, updateAsset, type LoginResponseDto } from
 import { asBearerAuth, utils } from 'src/utils';
 import { beforeAll, describe, expect, it } from 'vitest';
 
-describe('/audit', () => {
+describe('/audits', () => {
   let admin: LoginResponseDto;
 
   beforeAll(async () => {

e2e/src/api/specs/auth.e2e-spec.ts

@@ -1,7 +1,7 @@
-import { LoginResponseDto, getAuthDevices, login, signUpAdmin } from '@immich/sdk';
-import { loginDto, signupDto, uuidDto } from 'src/fixtures';
-import { deviceDto, errorDto, loginResponseDto, signupResponseDto } from 'src/responses';
-import { app, asBearerAuth, utils } from 'src/utils';
+import { LoginResponseDto, login, signUpAdmin } from '@immich/sdk';
+import { loginDto, signupDto } from 'src/fixtures';
+import { errorDto, loginResponseDto, signupResponseDto } from 'src/responses';
+import { app, utils } from 'src/utils';
 import request from 'supertest';
 import { beforeEach, describe, expect, it } from 'vitest';
 
@@ -112,70 +112,29 @@ describe('/auth/*', () => {
 
       const cookies = headers['set-cookie'];
       expect(cookies).toHaveLength(3);
-      expect(cookies[0]).toEqual(`immich_access_token=${token}; HttpOnly; Path=/; Max-Age=34560000; SameSite=Lax;`);
-      expect(cookies[1]).toEqual('immich_auth_type=password; HttpOnly; Path=/; Max-Age=34560000; SameSite=Lax;');
-      expect(cookies[2]).toEqual('immich_is_authenticated=true; Path=/; Max-Age=34560000; SameSite=Lax;');
-    });
-  });
-
-  describe('GET /auth/devices', () => {
-    it('should require authentication', async () => {
-      const { status, body } = await request(app).get('/auth/devices');
-      expect(status).toBe(401);
-      expect(body).toEqual(errorDto.unauthorized);
-    });
-
-    it('should get a list of authorized devices', async () => {
-      const { status, body } = await request(app)
-        .get('/auth/devices')
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(status).toBe(200);
-      expect(body).toEqual([deviceDto.current]);
-    });
-  });
-
-  describe('DELETE /auth/devices', () => {
-    it('should require authentication', async () => {
-      const { status, body } = await request(app).delete(`/auth/devices`);
-      expect(status).toBe(401);
-      expect(body).toEqual(errorDto.unauthorized);
-    });
-
-    it('should logout all devices (except the current one)', async () => {
-      for (let i = 0; i < 5; i++) {
-        await login({ loginCredentialDto: loginDto.admin });
-      }
-
-      await expect(getAuthDevices({ headers: asBearerAuth(admin.accessToken) })).resolves.toHaveLength(6);
-
-      const { status } = await request(app).delete(`/auth/devices`).set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(status).toBe(204);
-
-      await expect(getAuthDevices({ headers: asBearerAuth(admin.accessToken) })).resolves.toHaveLength(1);
-    });
-
-    it('should throw an error for a non-existent device id', async () => {
-      const { status, body } = await request(app)
-        .delete(`/auth/devices/${uuidDto.notFound}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('Not found or no authDevice.delete access'));
-    });
-
-    it('should logout a device', async () => {
-      const [device] = await getAuthDevices({
-        headers: asBearerAuth(admin.accessToken),
-      });
-      const { status } = await request(app)
-        .delete(`/auth/devices/${device.id}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(status).toBe(204);
-
-      const response = await request(app)
-        .post('/auth/validateToken')
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(response.body).toEqual(errorDto.invalidToken);
-      expect(response.status).toBe(401);
+      expect(cookies[0].split(';').map((item) => item.trim())).toEqual([
+        `immich_access_token=${token}`,
+        'Max-Age=34560000',
+        'Path=/',
+        expect.stringContaining('Expires='),
+        'HttpOnly',
+        'SameSite=Lax',
+      ]);
+      expect(cookies[1].split(';').map((item) => item.trim())).toEqual([
+        'immich_auth_type=password',
+        'Max-Age=34560000',
+        'Path=/',
+        expect.stringContaining('Expires='),
+        'HttpOnly',
+        'SameSite=Lax',
+      ]);
+      expect(cookies[2].split(';').map((item) => item.trim())).toEqual([
+        'immich_is_authenticated=true',
+        'Max-Age=34560000',
+        'Path=/',
+        expect.stringContaining('Expires='),
+        'SameSite=Lax',
+      ]);
     });
   });
 

e2e/src/api/specs/library.e2e-spec.ts

@@ -1,23 +1,17 @@
-import {
-  LibraryResponseDto,
-  LibraryType,
-  LoginResponseDto,
-  ScanLibraryDto,
-  getAllLibraries,
-  scanLibrary,
-} from '@immich/sdk';
-import { existsSync, rmdirSync } from 'node:fs';
+import { LibraryResponseDto, LoginResponseDto, ScanLibraryDto, getAllLibraries, scanLibrary } from '@immich/sdk';
+import { cpSync, existsSync } from 'node:fs';
 import { Socket } from 'socket.io-client';
 import { userDto, uuidDto } from 'src/fixtures';
 import { errorDto } from 'src/responses';
 import { app, asBearerAuth, testAssetDir, testAssetDirInternal, utils } from 'src/utils';
 import request from 'supertest';
+import { utimes } from 'utimes';
 import { afterAll, beforeAll, beforeEach, describe, expect, it } from 'vitest';
 
 const scan = async (accessToken: string, id: string, dto: ScanLibraryDto = {}) =>
   scanLibrary({ id, scanLibraryDto: dto }, { headers: asBearerAuth(accessToken) });
 
-describe('/library', () => {
+describe('/libraries', () => {
   let admin: LoginResponseDto;
   let user: LoginResponseDto;
   let library: LibraryResponseDto;
@@ -26,63 +20,43 @@ describe('/library', () => {
   beforeAll(async () => {
     await utils.resetDatabase();
     admin = await utils.adminSetup();
+    await utils.resetAdminConfig(admin.accessToken);
     user = await utils.userSetup(admin.accessToken, userDto.user1);
-    library = await utils.createLibrary(admin.accessToken, { ownerId: admin.userId, type: LibraryType.External });
+    library = await utils.createLibrary(admin.accessToken, { ownerId: admin.userId });
     websocket = await utils.connectWebsocket(admin.accessToken);
-  });
-
-  afterAll(() => {
-    utils.disconnectWebsocket(websocket);
-  });
-
-  beforeEach(() => {
-    utils.resetEvents();
-    const tempDir = `${testAssetDir}/temp`;
-    if (existsSync(tempDir)) {
-      rmdirSync(tempDir, { recursive: true });
-    }
     utils.createImageFile(`${testAssetDir}/temp/directoryA/assetA.png`);
     utils.createImageFile(`${testAssetDir}/temp/directoryB/assetB.png`);
   });
 
-  describe('GET /library', () => {
+  afterAll(() => {
+    utils.disconnectWebsocket(websocket);
+    utils.resetTempFolder();
+  });
+
+  beforeEach(() => {
+    utils.resetEvents();
+  });
+
+  describe('GET /libraries', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).get('/library');
+      const { status, body } = await request(app).get('/libraries');
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
-
-    it('should start with a default upload library', async () => {
-      const { status, body } = await request(app).get('/library').set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(status).toBe(200);
-      expect(body).toEqual(
-        expect.arrayContaining([
-          expect.objectContaining({
-            ownerId: admin.userId,
-            type: LibraryType.Upload,
-            name: 'Default Library',
-            refreshedAt: null,
-            assetCount: 0,
-            importPaths: [],
-            exclusionPatterns: [],
-          }),
-        ]),
-      );
-    });
   });
 
-  describe('POST /library', () => {
+  describe('POST /libraries', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).post('/library').send({});
+      const { status, body } = await request(app).post('/libraries').send({});
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
     it('should require admin authentication', async () => {
       const { status, body } = await request(app)
-        .post('/library')
+        .post('/libraries')
         .set('Authorization', `Bearer ${user.accessToken}`)
-        .send({ ownerId: admin.userId, type: LibraryType.External });
+        .send({ ownerId: admin.userId });
 
       expect(status).toBe(403);
       expect(body).toEqual(errorDto.forbidden);
@@ -90,15 +64,14 @@ describe('/library', () => {
 
     it('should create an external library with defaults', async () => {
       const { status, body } = await request(app)
-        .post('/library')
+        .post('/libraries')
         .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({ ownerId: admin.userId, type: LibraryType.External });
+        .send({ ownerId: admin.userId });
 
       expect(status).toBe(201);
       expect(body).toEqual(
         expect.objectContaining({
           ownerId: admin.userId,
-          type: LibraryType.External,
           name: 'New External Library',
           refreshedAt: null,
           assetCount: 0,
@@ -110,11 +83,10 @@ describe('/library', () => {
 
     it('should create an external library with options', async () => {
       const { status, body } = await request(app)
-        .post('/library')
+        .post('/libraries')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({
           ownerId: admin.userId,
-          type: LibraryType.External,
           name: 'My Awesome Library',
           importPaths: ['/path/to/import'],
           exclusionPatterns: ['**/Raw/**'],
@@ -131,11 +103,10 @@ describe('/library', () => {
 
     it('should not create an external library with duplicate import paths', async () => {
       const { status, body } = await request(app)
-        .post('/library')
+        .post('/libraries')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({
           ownerId: admin.userId,
-          type: LibraryType.External,
           name: 'My Awesome Library',
           importPaths: ['/path', '/path'],
           exclusionPatterns: ['**/Raw/**'],
@@ -147,11 +118,10 @@ describe('/library', () => {
 
     it('should not create an external library with duplicate exclusion patterns', async () => {
       const { status, body } = await request(app)
-        .post('/library')
+        .post('/libraries')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({
           ownerId: admin.userId,
-          type: LibraryType.External,
           name: 'My Awesome Library',
           importPaths: ['/path/to/import'],
           exclusionPatterns: ['**/Raw/**', '**/Raw/**'],
@@ -160,72 +130,18 @@ describe('/library', () => {
       expect(status).toBe(400);
       expect(body).toEqual(errorDto.badRequest(["All exclusionPatterns's elements must be unique"]));
     });
-
-    it('should create an upload library with defaults', async () => {
-      const { status, body } = await request(app)
-        .post('/library')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({ ownerId: admin.userId, type: LibraryType.Upload });
-
-      expect(status).toBe(201);
-      expect(body).toEqual(
-        expect.objectContaining({
-          ownerId: admin.userId,
-          type: LibraryType.Upload,
-          name: 'New Upload Library',
-          refreshedAt: null,
-          assetCount: 0,
-          importPaths: [],
-          exclusionPatterns: [],
-        }),
-      );
-    });
-
-    it('should create an upload library with options', async () => {
-      const { status, body } = await request(app)
-        .post('/library')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({ ownerId: admin.userId, type: LibraryType.Upload, name: 'My Awesome Library' });
-
-      expect(status).toBe(201);
-      expect(body).toEqual(
-        expect.objectContaining({
-          name: 'My Awesome Library',
-        }),
-      );
-    });
-
-    it('should not allow upload libraries to have import paths', async () => {
-      const { status, body } = await request(app)
-        .post('/library')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({ ownerId: admin.userId, type: LibraryType.Upload, importPaths: ['/path/to/import'] });
-
-      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('Upload libraries cannot have import paths'));
-    });
-
-    it('should not allow upload libraries to have exclusion patterns', async () => {
-      const { status, body } = await request(app)
-        .post('/library')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({ ownerId: admin.userId, type: LibraryType.Upload, exclusionPatterns: ['**/Raw/**'] });
-
-      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('Upload libraries cannot have exclusion patterns'));
-    });
   });
 
-  describe('PUT /library/:id', () => {
+  describe('PUT /libraries/:id', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).put(`/library/${uuidDto.notFound}`).send({});
+      const { status, body } = await request(app).put(`/libraries/${uuidDto.notFound}`).send({});
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
     it('should change the library name', async () => {
       const { status, body } = await request(app)
-        .put(`/library/${library.id}`)
+        .put(`/libraries/${library.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ name: 'New Library Name' });
 
@@ -239,7 +155,7 @@ describe('/library', () => {
 
     it('should not set an empty name', async () => {
       const { status, body } = await request(app)
-        .put(`/library/${library.id}`)
+        .put(`/libraries/${library.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ name: '' });
 
@@ -249,7 +165,7 @@ describe('/library', () => {
 
     it('should change the import paths', async () => {
       const { status, body } = await request(app)
-        .put(`/library/${library.id}`)
+        .put(`/libraries/${library.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ importPaths: [testAssetDirInternal] });
 
@@ -263,7 +179,7 @@ describe('/library', () => {
 
     it('should reject an empty import path', async () => {
       const { status, body } = await request(app)
-        .put(`/library/${library.id}`)
+        .put(`/libraries/${library.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ importPaths: [''] });
 
@@ -273,7 +189,7 @@ describe('/library', () => {
 
     it('should reject duplicate import paths', async () => {
       const { status, body } = await request(app)
-        .put(`/library/${library.id}`)
+        .put(`/libraries/${library.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ importPaths: ['/path', '/path'] });
 
@@ -283,7 +199,7 @@ describe('/library', () => {
 
     it('should change the exclusion pattern', async () => {
       const { status, body } = await request(app)
-        .put(`/library/${library.id}`)
+        .put(`/libraries/${library.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ exclusionPatterns: ['**/Raw/**'] });
 
@@ -297,7 +213,7 @@ describe('/library', () => {
 
     it('should reject duplicate exclusion patterns', async () => {
       const { status, body } = await request(app)
-        .put(`/library/${library.id}`)
+        .put(`/libraries/${library.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ exclusionPatterns: ['**/*.jpg', '**/*.jpg'] });
 
@@ -307,7 +223,7 @@ describe('/library', () => {
 
     it('should reject an empty exclusion pattern', async () => {
       const { status, body } = await request(app)
-        .put(`/library/${library.id}`)
+        .put(`/libraries/${library.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ exclusionPatterns: [''] });
 
@@ -316,9 +232,9 @@ describe('/library', () => {
     });
   });
 
-  describe('GET /library/:id', () => {
+  describe('GET /libraries/:id', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).get(`/library/${uuidDto.notFound}`);
+      const { status, body } = await request(app).get(`/libraries/${uuidDto.notFound}`);
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -326,27 +242,23 @@ describe('/library', () => {
 
     it('should require admin access', async () => {
       const { status, body } = await request(app)
-        .get(`/library/${uuidDto.notFound}`)
+        .get(`/libraries/${uuidDto.notFound}`)
         .set('Authorization', `Bearer ${user.accessToken}`);
       expect(status).toBe(403);
       expect(body).toEqual(errorDto.forbidden);
     });
 
     it('should get library by id', async () => {
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        type: LibraryType.External,
-      });
+      const library = await utils.createLibrary(admin.accessToken, { ownerId: admin.userId });
 
       const { status, body } = await request(app)
-        .get(`/library/${library.id}`)
+        .get(`/libraries/${library.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toBe(200);
       expect(body).toEqual(
         expect.objectContaining({
           ownerId: admin.userId,
-          type: LibraryType.External,
           name: 'New External Library',
           refreshedAt: null,
           assetCount: 0,
@@ -357,130 +269,26 @@ describe('/library', () => {
     });
   });
 
-  describe('DELETE /library/:id', () => {
+  describe('GET /libraries/:id/statistics', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).delete(`/library/${uuidDto.notFound}`);
-
-      expect(status).toBe(401);
-      expect(body).toEqual(errorDto.unauthorized);
-    });
-
-    it('should not delete the last upload library', async () => {
-      const libraries = await getAllLibraries(
-        { $type: LibraryType.Upload },
-        { headers: asBearerAuth(admin.accessToken) },
-      );
-
-      const adminLibraries = libraries.filter((library) => library.ownerId === admin.userId);
-      expect(adminLibraries.length).toBeGreaterThanOrEqual(1);
-      const lastLibrary = adminLibraries.pop() as LibraryResponseDto;
-
-      // delete all but the last upload library
-      for (const library of adminLibraries) {
-        const { status } = await request(app)
-          .delete(`/library/${library.id}`)
-          .set('Authorization', `Bearer ${admin.accessToken}`);
-        expect(status).toBe(204);
-      }
-
-      const { status, body } = await request(app)
-        .delete(`/library/${lastLibrary.id}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
-      expect(body).toEqual(errorDto.noDeleteUploadLibrary);
-      expect(status).toBe(400);
-    });
-
-    it('should delete an external library', async () => {
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        type: LibraryType.External,
-      });
-
-      const { status, body } = await request(app)
-        .delete(`/library/${library.id}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
-      expect(status).toBe(204);
-      expect(body).toEqual({});
-
-      const libraries = await getAllLibraries({}, { headers: asBearerAuth(admin.accessToken) });
-      expect(libraries).not.toEqual(
-        expect.arrayContaining([
-          expect.objectContaining({
-            id: library.id,
-          }),
-        ]),
-      );
-    });
-
-    it('should delete an external library with assets', async () => {
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        type: LibraryType.External,
-        importPaths: [`${testAssetDirInternal}/temp`],
-      });
-
-      await scan(admin.accessToken, library.id);
-      await utils.waitForWebsocketEvent({ event: 'assetUpload', total: 2 });
-
-      const { status, body } = await request(app)
-        .delete(`/library/${library.id}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
-      expect(status).toBe(204);
-      expect(body).toEqual({});
-
-      const libraries = await getAllLibraries({}, { headers: asBearerAuth(admin.accessToken) });
-      expect(libraries).not.toEqual(
-        expect.arrayContaining([
-          expect.objectContaining({
-            id: library.id,
-          }),
-        ]),
-      );
-
-      // ensure no files get deleted
-      expect(existsSync(`${testAssetDir}/temp/directoryA/assetA.png`)).toBe(true);
-      expect(existsSync(`${testAssetDir}/temp/directoryB/assetB.png`)).toBe(true);
-    });
-  });
-
-  describe('GET /library/:id/statistics', () => {
-    it('should require authentication', async () => {
-      const { status, body } = await request(app).get(`/library/${uuidDto.notFound}/statistics`);
+      const { status, body } = await request(app).get(`/libraries/${uuidDto.notFound}/statistics`);
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
   });
 
-  describe('POST /library/:id/scan', () => {
+  describe('POST /libraries/:id/scan', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).post(`/library/${uuidDto.notFound}/scan`).send({});
+      const { status, body } = await request(app).post(`/libraries/${uuidDto.notFound}/scan`).send({});
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
-    it('should not scan an upload library', async () => {
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        type: LibraryType.Upload,
-      });
-
-      const { status, body } = await request(app)
-        .post(`/library/${library.id}/scan`)
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
-      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('Can only refresh external libraries'));
-    });
-
     it('should scan external library', async () => {
       const library = await utils.createLibrary(admin.accessToken, {
         ownerId: admin.userId,
-        type: LibraryType.External,
         importPaths: [`${testAssetDirInternal}/temp/directoryA`],
       });
 
@@ -496,7 +304,6 @@ describe('/library', () => {
     it('should scan external library with exclusion pattern', async () => {
       const library = await utils.createLibrary(admin.accessToken, {
         ownerId: admin.userId,
-        type: LibraryType.External,
         importPaths: [`${testAssetDirInternal}/temp`],
         exclusionPatterns: ['**/directoryA'],
       });
@@ -513,7 +320,6 @@ describe('/library', () => {
     it('should scan multiple import paths', async () => {
       const library = await utils.createLibrary(admin.accessToken, {
         ownerId: admin.userId,
-        type: LibraryType.External,
         importPaths: [`${testAssetDirInternal}/temp/directoryA`, `${testAssetDirInternal}/temp/directoryB`],
       });
 
@@ -530,7 +336,6 @@ describe('/library', () => {
     it('should pick up new files', async () => {
       const library = await utils.createLibrary(admin.accessToken, {
         ownerId: admin.userId,
-        type: LibraryType.External,
         importPaths: [`${testAssetDirInternal}/temp`],
       });
 
@@ -549,21 +354,224 @@ describe('/library', () => {
       const { assets: newAssets } = await utils.metadataSearch(admin.accessToken, { libraryId: library.id });
 
       expect(newAssets.count).toBe(3);
+      utils.removeImageFile(`${testAssetDir}/temp/directoryA/assetB.png`);
+    });
+
+    it('should offline missing files', async () => {
+      utils.createImageFile(`${testAssetDir}/temp/directoryA/assetB.png`);
+      const library = await utils.createLibrary(admin.accessToken, {
+        ownerId: admin.userId,
+        importPaths: [`${testAssetDirInternal}/temp`],
+      });
+
+      await scan(admin.accessToken, library.id);
+      await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+      utils.removeImageFile(`${testAssetDir}/temp/directoryA/assetB.png`);
+
+      await scan(admin.accessToken, library.id);
+      await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+      const { assets } = await utils.metadataSearch(admin.accessToken, { libraryId: library.id });
+
+      expect(assets.items).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({
+            isOffline: true,
+            originalFileName: 'assetB.png',
+          }),
+        ]),
+      );
+    });
+
+    it('should scan new files', async () => {
+      const library = await utils.createLibrary(admin.accessToken, {
+        ownerId: admin.userId,
+        importPaths: [`${testAssetDirInternal}/temp`],
+      });
+
+      await scan(admin.accessToken, library.id);
+      await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+      utils.createImageFile(`${testAssetDir}/temp/directoryA/assetC.png`);
+
+      await scan(admin.accessToken, library.id);
+      await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+      utils.removeImageFile(`${testAssetDir}/temp/directoryA/assetC.png`);
+      const { assets } = await utils.metadataSearch(admin.accessToken, { libraryId: library.id });
+
+      expect(assets.items).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({
+            originalFileName: 'assetC.png',
+          }),
+        ]),
+      );
+    });
+
+    describe('with refreshModifiedFiles=true', () => {
+      it('should reimport modified files', async () => {
+        const library = await utils.createLibrary(admin.accessToken, {
+          ownerId: admin.userId,
+          importPaths: [`${testAssetDirInternal}/temp`],
+        });
+
+        utils.createImageFile(`${testAssetDir}/temp/directoryA/assetB.jpg`);
+        await utimes(`${testAssetDir}/temp/directoryA/assetB.jpg`, 447_775_200_000);
+
+        await scan(admin.accessToken, library.id);
+        await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+        cpSync(`${testAssetDir}/albums/nature/tanners_ridge.jpg`, `${testAssetDir}/temp/directoryA/assetB.jpg`);
+        await utimes(`${testAssetDir}/temp/directoryA/assetB.jpg`, 447_775_200_001);
+
+        await scan(admin.accessToken, library.id, { refreshModifiedFiles: true });
+        await utils.waitForQueueFinish(admin.accessToken, 'library');
+        await utils.waitForQueueFinish(admin.accessToken, 'metadataExtraction');
+        utils.removeImageFile(`${testAssetDir}/temp/directoryA/assetB.jpg`);
+
+        const { assets } = await utils.metadataSearch(admin.accessToken, {
+          libraryId: library.id,
+          model: 'NIKON D750',
+        });
+        expect(assets.count).toBe(1);
+      });
+
+      it('should not reimport unmodified files', async () => {
+        const library = await utils.createLibrary(admin.accessToken, {
+          ownerId: admin.userId,
+          importPaths: [`${testAssetDirInternal}/temp`],
+        });
+
+        utils.createImageFile(`${testAssetDir}/temp/directoryA/assetB.jpg`);
+        await utimes(`${testAssetDir}/temp/directoryA/assetB.jpg`, 447_775_200_000);
+
+        await scan(admin.accessToken, library.id);
+        await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+        cpSync(`${testAssetDir}/albums/nature/tanners_ridge.jpg`, `${testAssetDir}/temp/directoryA/assetB.jpg`);
+        await utimes(`${testAssetDir}/temp/directoryA/assetB.jpg`, 447_775_200_000);
+
+        await scan(admin.accessToken, library.id, { refreshModifiedFiles: true });
+        await utils.waitForQueueFinish(admin.accessToken, 'library');
+        await utils.waitForQueueFinish(admin.accessToken, 'metadataExtraction');
+        utils.removeImageFile(`${testAssetDir}/temp/directoryA/assetB.jpg`);
+
+        const { assets } = await utils.metadataSearch(admin.accessToken, {
+          libraryId: library.id,
+          model: 'NIKON D750',
+        });
+        expect(assets.count).toBe(0);
+      });
+    });
+
+    describe('with refreshAllFiles=true', () => {
+      it('should reimport all files', async () => {
+        const library = await utils.createLibrary(admin.accessToken, {
+          ownerId: admin.userId,
+          importPaths: [`${testAssetDirInternal}/temp`],
+        });
+
+        utils.createImageFile(`${testAssetDir}/temp/directoryA/assetB.jpg`);
+        await utimes(`${testAssetDir}/temp/directoryA/assetB.jpg`, 447_775_200_000);
+
+        await scan(admin.accessToken, library.id);
+        await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+        cpSync(`${testAssetDir}/albums/nature/tanners_ridge.jpg`, `${testAssetDir}/temp/directoryA/assetB.jpg`);
+        await utimes(`${testAssetDir}/temp/directoryA/assetB.jpg`, 447_775_200_000);
+
+        await scan(admin.accessToken, library.id, { refreshAllFiles: true });
+        await utils.waitForQueueFinish(admin.accessToken, 'library');
+        await utils.waitForQueueFinish(admin.accessToken, 'metadataExtraction');
+        utils.removeImageFile(`${testAssetDir}/temp/directoryA/assetB.jpg`);
+
+        const { assets } = await utils.metadataSearch(admin.accessToken, {
+          libraryId: library.id,
+          model: 'NIKON D750',
+        });
+        expect(assets.count).toBe(1);
+      });
     });
   });
 
-  describe('POST /library/:id/removeOffline', () => {
+  describe('POST /libraries/:id/removeOffline', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).post(`/library/${uuidDto.notFound}/removeOffline`).send({});
+      const { status, body } = await request(app).post(`/libraries/${uuidDto.notFound}/removeOffline`).send({});
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
+
+    it('should remove offline files', async () => {
+      const library = await utils.createLibrary(admin.accessToken, {
+        ownerId: admin.userId,
+        importPaths: [`${testAssetDirInternal}/temp`],
+      });
+
+      utils.createImageFile(`${testAssetDir}/temp/directoryA/assetB.png`);
+
+      await scan(admin.accessToken, library.id);
+      await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+      const { assets: initialAssets } = await utils.metadataSearch(admin.accessToken, {
+        libraryId: library.id,
+      });
+      expect(initialAssets.count).toBe(3);
+
+      utils.removeImageFile(`${testAssetDir}/temp/directoryA/assetB.png`);
+
+      await scan(admin.accessToken, library.id);
+      await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+      const { assets: offlineAssets } = await utils.metadataSearch(admin.accessToken, {
+        libraryId: library.id,
+        isOffline: true,
+      });
+      expect(offlineAssets.count).toBe(1);
+
+      const { status } = await request(app)
+        .post(`/libraries/${library.id}/removeOffline`)
+        .set('Authorization', `Bearer ${admin.accessToken}`)
+        .send();
+      expect(status).toBe(204);
+      await utils.waitForQueueFinish(admin.accessToken, 'library');
+      await utils.waitForQueueFinish(admin.accessToken, 'backgroundTask');
+
+      const { assets } = await utils.metadataSearch(admin.accessToken, { libraryId: library.id });
+
+      expect(assets.count).toBe(2);
+    });
+
+    it('should not remove online files', async () => {
+      const library = await utils.createLibrary(admin.accessToken, {
+        ownerId: admin.userId,
+        importPaths: [`${testAssetDirInternal}/temp`],
+      });
+
+      await scan(admin.accessToken, library.id);
+      await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+      const { assets: assetsBefore } = await utils.metadataSearch(admin.accessToken, { libraryId: library.id });
+      expect(assetsBefore.count).toBeGreaterThan(1);
+
+      const { status } = await request(app)
+        .post(`/libraries/${library.id}/removeOffline`)
+        .set('Authorization', `Bearer ${admin.accessToken}`)
+        .send();
+      expect(status).toBe(204);
+      await utils.waitForQueueFinish(admin.accessToken, 'library');
+
+      const { assets } = await utils.metadataSearch(admin.accessToken, { libraryId: library.id });
+
+      expect(assets).toEqual(assetsBefore);
+    });
   });
 
-  describe('POST /library/:id/validate', () => {
+  describe('POST /libraries/:id/validate', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).post(`/library/${uuidDto.notFound}/validate`).send({});
+      const { status, body } = await request(app).post(`/libraries/${uuidDto.notFound}/validate`).send({});
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -608,4 +616,63 @@ describe('/library', () => {
       });
     });
   });
+
+  describe('DELETE /libraries/:id', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).delete(`/libraries/${uuidDto.notFound}`);
+
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should delete an external library', async () => {
+      const library = await utils.createLibrary(admin.accessToken, { ownerId: admin.userId });
+
+      const { status, body } = await request(app)
+        .delete(`/libraries/${library.id}`)
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
+      expect(status).toBe(204);
+      expect(body).toEqual({});
+
+      const libraries = await getAllLibraries({ headers: asBearerAuth(admin.accessToken) });
+      expect(libraries).not.toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({
+            id: library.id,
+          }),
+        ]),
+      );
+    });
+
+    it('should delete an external library with assets', async () => {
+      const library = await utils.createLibrary(admin.accessToken, {
+        ownerId: admin.userId,
+        importPaths: [`${testAssetDirInternal}/temp`],
+      });
+
+      await scan(admin.accessToken, library.id);
+      await utils.waitForWebsocketEvent({ event: 'assetUpload', total: 2 });
+
+      const { status, body } = await request(app)
+        .delete(`/libraries/${library.id}`)
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
+      expect(status).toBe(204);
+      expect(body).toEqual({});
+
+      const libraries = await getAllLibraries({ headers: asBearerAuth(admin.accessToken) });
+      expect(libraries).not.toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({
+            id: library.id,
+          }),
+        ]),
+      );
+
+      // ensure no files get deleted
+      expect(existsSync(`${testAssetDir}/temp/directoryA/assetA.png`)).toBe(true);
+      expect(existsSync(`${testAssetDir}/temp/directoryB/assetB.png`)).toBe(true);
+    });
+  });
 });

e2e/src/api/specs/partner.e2e-spec.ts

@@ -5,7 +5,7 @@ import { app, asBearerAuth, utils } from 'src/utils';
 import request from 'supertest';
 import { beforeAll, describe, expect, it } from 'vitest';
 
-describe('/partner', () => {
+describe('/partners', () => {
   let admin: LoginResponseDto;
   let user1: LoginResponseDto;
   let user2: LoginResponseDto;
@@ -28,9 +28,9 @@ describe('/partner', () => {
     ]);
   });
 
-  describe('GET /partner', () => {
+  describe('GET /partners', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).get('/partner');
+      const { status, body } = await request(app).get('/partners');
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -38,7 +38,7 @@ describe('/partner', () => {
 
     it('should get all partners shared by user', async () => {
       const { status, body } = await request(app)
-        .get('/partner')
+        .get('/partners')
         .set('Authorization', `Bearer ${user1.accessToken}`)
         .query({ direction: 'shared-by' });
 
@@ -48,7 +48,7 @@ describe('/partner', () => {
 
     it('should get all partners that share with user', async () => {
       const { status, body } = await request(app)
-        .get('/partner')
+        .get('/partners')
         .set('Authorization', `Bearer ${user1.accessToken}`)
         .query({ direction: 'shared-with' });
 
@@ -57,9 +57,9 @@ describe('/partner', () => {
     });
   });
 
-  describe('POST /partner/:id', () => {
+  describe('POST /partners/:id', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).post(`/partner/${user3.userId}`);
+      const { status, body } = await request(app).post(`/partners/${user3.userId}`);
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -67,7 +67,7 @@ describe('/partner', () => {
 
     it('should share with new partner', async () => {
       const { status, body } = await request(app)
-        .post(`/partner/${user3.userId}`)
+        .post(`/partners/${user3.userId}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(201);
@@ -76,7 +76,7 @@ describe('/partner', () => {
 
     it('should not share with new partner if already sharing with this partner', async () => {
       const { status, body } = await request(app)
-        .post(`/partner/${user2.userId}`)
+        .post(`/partners/${user2.userId}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(400);
@@ -84,9 +84,9 @@ describe('/partner', () => {
     });
   });
 
-  describe('PUT /partner/:id', () => {
+  describe('PUT /partners/:id', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).put(`/partner/${user2.userId}`);
+      const { status, body } = await request(app).put(`/partners/${user2.userId}`);
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -94,7 +94,7 @@ describe('/partner', () => {
 
     it('should update partner', async () => {
       const { status, body } = await request(app)
-        .put(`/partner/${user2.userId}`)
+        .put(`/partners/${user2.userId}`)
         .set('Authorization', `Bearer ${user1.accessToken}`)
         .send({ inTimeline: false });
 
@@ -103,9 +103,9 @@ describe('/partner', () => {
     });
   });
 
-  describe('DELETE /partner/:id', () => {
+  describe('DELETE /partners/:id', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).delete(`/partner/${user3.userId}`);
+      const { status, body } = await request(app).delete(`/partners/${user3.userId}`);
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -113,7 +113,7 @@ describe('/partner', () => {
 
     it('should delete partner', async () => {
       const { status } = await request(app)
-        .delete(`/partner/${user3.userId}`)
+        .delete(`/partners/${user3.userId}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
@@ -121,7 +121,7 @@ describe('/partner', () => {
 
     it('should throw a bad request if partner not found', async () => {
       const { status, body } = await request(app)
-        .delete(`/partner/${user3.userId}`)
+        .delete(`/partners/${user3.userId}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(400);

e2e/src/api/specs/person.e2e-spec.ts

@@ -12,7 +12,7 @@ const invalidBirthday = [
   { birthDate: new Date(9999, 0, 0).toISOString(), response: ['Birth date cannot be in the future'] },
 ];
 
-describe('/person', () => {
+describe('/people', () => {
   let admin: LoginResponseDto;
   let visiblePerson: PersonResponseDto;
   let hiddenPerson: PersonResponseDto;
@@ -47,11 +47,11 @@ describe('/person', () => {
     ]);
   });
 
-  describe('GET /person', () => {
+  describe('GET /people', () => {
     beforeEach(async () => {});
 
     it('should require authentication', async () => {
-      const { status, body } = await request(app).get('/person');
+      const { status, body } = await request(app).get('/people');
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -59,7 +59,7 @@ describe('/person', () => {
 
     it('should return all people (including hidden)', async () => {
       const { status, body } = await request(app)
-        .get('/person')
+        .get('/people')
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .query({ withHidden: true });
 
@@ -76,7 +76,7 @@ describe('/person', () => {
     });
 
     it('should return only visible people', async () => {
-      const { status, body } = await request(app).get('/person').set('Authorization', `Bearer ${admin.accessToken}`);
+      const { status, body } = await request(app).get('/people').set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toBe(200);
       expect(body).toEqual({
@@ -90,9 +90,9 @@ describe('/person', () => {
     });
   });
 
-  describe('GET /person/:id', () => {
+  describe('GET /people/:id', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).get(`/person/${uuidDto.notFound}`);
+      const { status, body } = await request(app).get(`/people/${uuidDto.notFound}`);
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -100,7 +100,7 @@ describe('/person', () => {
 
     it('should throw error if person with id does not exist', async () => {
       const { status, body } = await request(app)
-        .get(`/person/${uuidDto.notFound}`)
+        .get(`/people/${uuidDto.notFound}`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toBe(400);
@@ -109,7 +109,7 @@ describe('/person', () => {
 
     it('should return person information', async () => {
       const { status, body } = await request(app)
-        .get(`/person/${visiblePerson.id}`)
+        .get(`/people/${visiblePerson.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toBe(200);
@@ -117,9 +117,9 @@ describe('/person', () => {
     });
   });
 
-  describe('GET /person/:id/statistics', () => {
+  describe('GET /people/:id/statistics', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).get(`/person/${multipleAssetsPerson.id}/statistics`);
+      const { status, body } = await request(app).get(`/people/${multipleAssetsPerson.id}/statistics`);
 
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
@@ -127,7 +127,7 @@ describe('/person', () => {
 
     it('should throw error if person with id does not exist', async () => {
       const { status, body } = await request(app)
-        .get(`/person/${uuidDto.notFound}/statistics`)
+        .get(`/people/${uuidDto.notFound}/statistics`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toBe(400);
@@ -136,7 +136,7 @@ describe('/person', () => {
 
     it('should return the correct number of assets', async () => {
       const { status, body } = await request(app)
-        .get(`/person/${multipleAssetsPerson.id}/statistics`)
+        .get(`/people/${multipleAssetsPerson.id}/statistics`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toBe(200);
@@ -144,9 +144,9 @@ describe('/person', () => {
     });
   });
 
-  describe('POST /person', () => {
+  describe('POST /people', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).post(`/person`);
+      const { status, body } = await request(app).post(`/people`);
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
@@ -154,7 +154,7 @@ describe('/person', () => {
     for (const { birthDate, response } of invalidBirthday) {
       it(`should not accept an invalid birth date [${birthDate}]`, async () => {
         const { status, body } = await request(app)
-          .post(`/person`)
+          .post(`/people`)
           .set('Authorization', `Bearer ${admin.accessToken}`)
           .send({ birthDate });
         expect(status).toBe(400);
@@ -164,7 +164,7 @@ describe('/person', () => {
 
     it('should create a person', async () => {
       const { status, body } = await request(app)
-        .post(`/person`)
+        .post(`/people`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({
           name: 'New Person',
@@ -179,9 +179,9 @@ describe('/person', () => {
     });
   });
 
-  describe('PUT /person/:id', () => {
+  describe('PUT /people/:id', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).put(`/person/${uuidDto.notFound}`);
+      const { status, body } = await request(app).put(`/people/${uuidDto.notFound}`);
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
@@ -193,7 +193,7 @@ describe('/person', () => {
     ]) {
       it(`should not allow null ${key}`, async () => {
         const { status, body } = await request(app)
-          .put(`/person/${visiblePerson.id}`)
+          .put(`/people/${visiblePerson.id}`)
           .set('Authorization', `Bearer ${admin.accessToken}`)
           .send({ [key]: null });
         expect(status).toBe(400);
@@ -204,7 +204,7 @@ describe('/person', () => {
     for (const { birthDate, response } of invalidBirthday) {
       it(`should not accept an invalid birth date [${birthDate}]`, async () => {
         const { status, body } = await request(app)
-          .put(`/person/${visiblePerson.id}`)
+          .put(`/people/${visiblePerson.id}`)
           .set('Authorization', `Bearer ${admin.accessToken}`)
           .send({ birthDate });
         expect(status).toBe(400);
@@ -214,7 +214,7 @@ describe('/person', () => {
 
     it('should update a date of birth', async () => {
       const { status, body } = await request(app)
-        .put(`/person/${visiblePerson.id}`)
+        .put(`/people/${visiblePerson.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ birthDate: '1990-01-01T05:00:00.000Z' });
       expect(status).toBe(200);
@@ -223,7 +223,7 @@ describe('/person', () => {
 
     it('should clear a date of birth', async () => {
       const { status, body } = await request(app)
-        .put(`/person/${visiblePerson.id}`)
+        .put(`/people/${visiblePerson.id}`)
         .set('Authorization', `Bearer ${admin.accessToken}`)
         .send({ birthDate: null });
       expect(status).toBe(200);

e2e/src/api/specs/search.e2e-spec.ts

@@ -1,4 +1,4 @@
-import { AssetFileUploadResponseDto, LoginResponseDto, deleteAssets, updateAsset } from '@immich/sdk';
+import { AssetFileUploadResponseDto, LoginResponseDto, deleteAssets, getMapMarkers, updateAsset } from '@immich/sdk';
 import { DateTime } from 'luxon';
 import { readFile } from 'node:fs/promises';
 import { join } from 'node:path';
@@ -24,14 +24,17 @@ describe('/search', () => {
   // let assetRidge: AssetFileUploadResponseDto;
   // let assetPolemonium: AssetFileUploadResponseDto;
   // let assetWood: AssetFileUploadResponseDto;
+  // let assetGlarus: AssetFileUploadResponseDto;
   let assetHeic: AssetFileUploadResponseDto;
   let assetRocks: AssetFileUploadResponseDto;
   let assetOneJpg6: AssetFileUploadResponseDto;
   let assetOneHeic6: AssetFileUploadResponseDto;
   let assetOneJpg5: AssetFileUploadResponseDto;
-  let assetGlarus: AssetFileUploadResponseDto;
   let assetSprings: AssetFileUploadResponseDto;
   let assetLast: AssetFileUploadResponseDto;
+  let cities: string[];
+  let states: string[];
+  let countries: string[];
 
   beforeAll(async () => {
     await utils.resetDatabase();
@@ -49,11 +52,12 @@ describe('/search', () => {
       { filename: '/formats/motionphoto/Samsung One UI 6.jpg' },
       { filename: '/formats/motionphoto/Samsung One UI 6.heic' },
       { filename: '/formats/motionphoto/Samsung One UI 5.jpg' },
-      { filename: '/formats/raw/Nikon/D80/glarus.nef', dto: { isReadOnly: true } },
+
       { filename: '/metadata/gps-position/thompson-springs.jpg', dto: { isArchived: true } },
 
       // used for search suggestions
       { filename: '/formats/png/density_plot.png' },
+      { filename: '/formats/raw/Nikon/D80/glarus.nef' },
       { filename: '/formats/raw/Nikon/D700/philadelphia.nef' },
       { filename: '/albums/nature/orychophragmus_violaceus.jpg' },
       { filename: '/albums/nature/tanners_ridge.jpg' },
@@ -79,7 +83,7 @@ describe('/search', () => {
     }
 
     // note: the coordinates here are not the actual coordinates of the images and are random for most of them
-    const cities = [
+    const coordinates = [
       { latitude: 48.853_41, longitude: 2.3488 }, // paris
       { latitude: 63.0695, longitude: -151.0074 }, // denali
       { latitude: 52.524_37, longitude: 13.410_53 }, // berlin
@@ -90,9 +94,9 @@ describe('/search', () => {
       { latitude: 23.133_02, longitude: -82.383_04 }, // havana
       { latitude: 41.694_11, longitude: 44.833_68 }, // tbilisi
       { latitude: 31.222_22, longitude: 121.458_06 }, // shanghai
-      { latitude: 47.040_57, longitude: 9.068_04 }, // glarus
       { latitude: 38.9711, longitude: -109.7137 }, // thompson springs
       { latitude: 40.714_27, longitude: -74.005_97 }, // new york
+      { latitude: 47.040_57, longitude: 9.068_04 }, // glarus
       { latitude: 32.771_52, longitude: -89.116_73 }, // philadelphia
       { latitude: 31.634_16, longitude: -7.999_94 }, // marrakesh
       { latitude: 38.523_735_4, longitude: -78.488_619_4 }, // tanners ridge
@@ -101,7 +105,7 @@ describe('/search', () => {
     ];
 
     const updates = assets.map((asset, i) =>
-      updateAsset({ id: asset.id, updateAssetDto: cities[i] }, { headers: asBearerAuth(admin.accessToken) }),
+      updateAsset({ id: asset.id, updateAssetDto: coordinates[i] }, { headers: asBearerAuth(admin.accessToken) }),
     );
 
     await Promise.all(updates);
@@ -120,9 +124,9 @@ describe('/search', () => {
       assetOneJpg6,
       assetOneHeic6,
       assetOneJpg5,
-      assetGlarus,
       assetSprings,
       assetDensity,
+      // assetGlarus,
       // assetPhiladelphia,
       // assetOrychophragmus,
       // assetRidge,
@@ -133,6 +137,12 @@ describe('/search', () => {
     assetLast = assets.at(-1) as AssetFileUploadResponseDto;
 
     await deleteAssets({ assetBulkDeleteDto: { ids: [assetSilver.id] } }, { headers: asBearerAuth(admin.accessToken) });
+
+    const mapMarkers = await getMapMarkers({}, { headers: asBearerAuth(admin.accessToken) });
+    const nonTrashed = mapMarkers.filter((mark) => mark.id !== assetSilver.id);
+    cities = [...new Set(nonTrashed.map((mark) => mark.city).filter((entry): entry is string => !!entry))].sort();
+    states = [...new Set(nonTrashed.map((mark) => mark.state).filter((entry): entry is string => !!entry))].sort();
+    countries = [...new Set(nonTrashed.map((mark) => mark.country).filter((entry): entry is string => !!entry))].sort();
   }, 30_000);
 
   afterAll(async () => {
@@ -181,16 +191,7 @@ describe('/search', () => {
         dto: { size: -1.5 },
         expected: ['size must not be less than 1', 'size must be an integer number'],
       },
-      ...[
-        'isArchived',
-        'isFavorite',
-        'isReadOnly',
-        'isExternal',
-        'isEncoded',
-        'isMotion',
-        'isOffline',
-        'isVisible',
-      ].map((value) => ({
+      ...['isArchived', 'isFavorite', 'isEncoded', 'isMotion', 'isOffline', 'isVisible'].map((value) => ({
         should: `should reject ${value} not a boolean`,
         dto: { [value]: 'immich' },
         expected: [`${value} must be a boolean value`],
@@ -246,14 +247,6 @@ describe('/search', () => {
         should: 'should search by isArchived (false)',
         deferred: () => ({ dto: { size: 1, isArchived: false }, assets: [assetLast] }),
       },
-      {
-        should: 'should search by isReadOnly (true)',
-        deferred: () => ({ dto: { isReadOnly: true }, assets: [assetGlarus] }),
-      },
-      {
-        should: 'should search by isReadOnly (false)',
-        deferred: () => ({ dto: { size: 1, isReadOnly: false }, assets: [assetLast] }),
-      },
       {
         should: 'should search by type (image)',
         deferred: () => ({ dto: { size: 1, type: 'IMAGE' }, assets: [assetLast] }),
@@ -452,21 +445,7 @@ describe('/search', () => {
       const { status, body } = await request(app)
         .get('/search/suggestions?type=country')
         .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(body).toEqual([
-        'Cuba',
-        'France',
-        'Georgia',
-        'Germany',
-        'Ghana',
-        'Japan',
-        'Morocco',
-        "People's Republic of China",
-        'Russian Federation',
-        'Singapore',
-        'Spain',
-        'Switzerland',
-        'United States of America',
-      ]);
+      expect(body).toEqual(countries);
       expect(status).toBe(200);
     });
 
@@ -474,23 +453,8 @@ describe('/search', () => {
       const { status, body } = await request(app)
         .get('/search/suggestions?type=state')
         .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(body).toEqual([
-        'Accra, Greater Accra',
-        'Berlin',
-        'Glarus, Glarus',
-        'Havana',
-        'Marrakech, Marrakesh-Safi',
-        'Mesa County, Colorado',
-        'Neshoba County, Mississippi',
-        'New York',
-        'Page County, Virginia',
-        'Paris, Île-de-France',
-        'Province of Córdoba, Andalusia',
-        'Shanghai Municipality, Shanghai',
-        'St.-Petersburg',
-        'Tbilisi',
-        'Tokyo',
-      ]);
+      expect(body).toHaveLength(states.length);
+      expect(body).toEqual(expect.arrayContaining(states));
       expect(status).toBe(200);
     });
 
@@ -498,24 +462,7 @@ describe('/search', () => {
       const { status, body } = await request(app)
         .get('/search/suggestions?type=city')
         .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(body).toEqual([
-        'Accra',
-        'Berlin',
-        'Glarus',
-        'Havana',
-        'Marrakesh',
-        'Montalbán de Córdoba',
-        'New York City',
-        'Palisade',
-        'Paris',
-        'Philadelphia',
-        'Saint Petersburg',
-        'Shanghai',
-        'Singapore',
-        'Stanley',
-        'Tbilisi',
-        'Tokyo',
-      ]);
+      expect(body).toEqual(cities);
       expect(status).toBe(200);
     });