Version v1.56.1

* chore: update to node 18 and alpine 3.17

Signed-off-by: martin <martin.labat92@gmail.com>

* chore: fix sharp version

Signed-off-by: martin <martin.labat92@gmail.com>

* chore(server): use vips-dev

Signed-off-by: martin <martin.labat92@gmail.com>

* update checkDiskUsage

Signed-off-by: martin <martin.labat92@gmail.com>

* fix: use vips-heif instead of libheif

Signed-off-by: martin <martin.labat92@gmail.com>

* fix: use vips instead of vips-cpp

Signed-off-by: martin <martin.labat92@gmail.com>

* fix: ensure vips installation

Signed-off-by: martin <martin.labat92@gmail.com>

---------

Signed-off-by: martin <martin.labat92@gmail.com>

.editorconfig

@@ -0,0 +1,19 @@
+# Editor configuration, see https://editorconfig.org
+root = true
+
+[*]
+charset = utf-8
+indent_style = space
+indent_size = 2
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.{ts,js}]
+quote_type = single
+
+[*.{md,mdx}]
+max_line_length = off
+trim_trailing_whitespace = false
+
+[*.{yml,yaml}]
+quote_type = double

.gitattributes

@@ -0,0 +1,13 @@
+mobile/openapi/**/*.md -diff -merge
+mobile/openapi/**/*.md linguist-generated=true
+mobile/openapi/**/*.dart -diff -merge
+mobile/openapi/**/*.dart linguist-generated=true
+
+web/src/api/open-api/**/*.md -diff -merge
+web/src/api/open-api/**/*.md linguist-generated=true
+
+web/src/api/open-api/**/*.ts -diff -merge
+web/src/api/open-api/**/*.ts linguist-generated=true
+
+mobile/openapi/.openapi-generator/FILES -diff -merge
+mobile/openapi/.openapi-generator/FILES linguist-generated=true

.github/DISCUSSION_TEMPLATE/feature-request.yaml

@@ -0,0 +1,24 @@
+title: "[Feature] <feature-name-goes-here>"
+labels: ["feature"]
+
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Please use this form to request new feature for Immich
+  - type: textarea
+    id: feature
+    attributes:
+      label: The feature
+    validations:
+      required: true
+
+  - type: checkboxes
+    validations:
+      required: true
+    attributes:
+      label: Platform
+      options:
+        - label: Server
+        - label: Web
+        - label: Mobile

.github/FUNDING.yml

@@ -1,3 +1,5 @@
 # These are supported funding model platforms
 
 github: alextran1502
+liberapay: alex.tran1502
+custom: https://www.buymeacoffee.com/altran1502

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,35 +0,0 @@
----
-name: Bug report
-about: Create a report to help us improve
-title: "[BUG]"
-labels: bug
-assignees: ''
-
----
-
-**Describe the bug**
-A clear and concise description of what the bug is.
-
-**To Reproduce**
-Steps to reproduce the behavior:
-1. Go to '...'
-2. Click on '....'
-3. Scroll down to '....'
-4. See error
-
-**Expected behavior**
-A clear and concise description of what you expected to happen.
-
-**Screenshots**
-If applicable, add screenshots to help explain your problem.
-
-**Desktop (please complete the following information):**
- - OS: [e.g. iOS]
-
-**Smartphone (please complete the following information):**
- - Device: [e.g. iPhone6]
- - OS: [e.g. iOS8.1]
- - Version [e.g. 22]
-
-**Additional context**
-Add any other context about the problem here.

.github/ISSUE_TEMPLATE/bug_report.yaml

@@ -0,0 +1,100 @@
+name: Report an issue with Immich
+description: Report an issue with Immich
+labels: ["bug", "need triage"]
+title: "[BUG] <title>"
+body:
+  - type: markdown
+    attributes:
+      value: |
+        This issue form is for reporting bugs only!
+
+        If you have a feature or enhancement request, please use the [feature request][fr] section of our [GitHub Discussions][fr].
+
+        [fr]: https://github.com/immich-app/immich/discussions/new?category=feature-request
+
+  - type: textarea
+    validations:
+      required: true
+    attributes:
+      label: The bug
+      description: >-
+        Describe the issue you are experiencing here, to communicate to the
+        maintainers. Tell us what you were trying to do and what happened.
+
+        Provide a clear and concise description of what the problem is.
+
+  - type: markdown
+    attributes:
+      value: |
+        ## Environment
+
+  - type: input
+    validations:
+      required: true
+    attributes:
+      label: The OS that Immich Server is running on
+      placeholder: Ubuntu 22.10, Debian, Arch...etc
+
+  - type: input
+    id: version
+    validations:
+      required: true
+    attributes:
+      label: Version of Immich Server
+      placeholder: v1.0.0
+
+  - type: input
+    validations:
+      required: true
+    attributes:
+      label: Version of Immich Mobile App
+      placeholder: v1.0.0
+
+  - type: checkboxes
+    validations:
+      required: true
+    attributes:
+      label: Platform with the issue
+      options:
+        - label: Server
+        - label: Web
+        - label: Mobile
+
+  - type: textarea
+    validations:
+      required: true
+    attributes:
+      label: Your docker-compose.yml content
+      render: YAML
+
+  - type: textarea
+    validations:
+      required: true
+    attributes:
+      label: Your .env content
+      description: Please provide the redacted .env content of your setup
+      render: Shell
+
+  - type: textarea
+    id: repro
+    attributes:
+      label: Reproduction steps
+      description: "How do you trigger this bug? Please walk us through it step by step."
+      value: |
+        1.
+        2.
+        3.
+        ...
+      render: bash
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Additional information
+      description: >
+        If you have any additional information for us, use the field below.
+
+  - type: markdown
+    attributes:
+      value: Thank you for submitting the form

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,11 @@
+blank_issues_enabled: false
+contact_links:
+  - name: I have a question or need support
+    url: https://discord.gg/D8JsnBEuKb
+    about: We use GitHub for tracking bugs, please check out our Discord channel for freaky fast support.
+  - name: Feature Request
+    url: https://github.com/immich-app/immich/discussions/new?category=feature-request
+    about: Please use our GitHub Discussion for making feature requests.
+  - name: I'm unsure where to go
+    url: https://discord.gg/D8JsnBEuKb
+    about: If you are unsure where to go, then joining our Discord is recommended; Just ask!

.github/PULL_REQUEST_TEMPLATE/config.yml

@@ -0,0 +1,2 @@
+blank_issues_enabled: false
+blank_pull_request_template_enabled: false

.github/PULL_REQUEST_TEMPLATE/pull_request_template.md

@@ -0,0 +1,22 @@
+## Description
+<!--- Describe your changes in detail -->
+<!--- Why is this change required? What problem does it solve? -->
+<!--- If it fixes an open issue, please link to the issue here. -->
+
+Fixes # (issue)
+
+
+## How Has This Been Tested?
+
+<!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration -->
+
+- [ ] Test A
+- [ ] Test B
+
+## Screenshots (if appropriate):
+
+
+## Checklist:
+
+- [ ] I have performed a self-review of my own code
+- [ ] I have made corresponding changes to the documentation if applicable

.github/workflows/build-mobile.yml

@@ -0,0 +1,73 @@
+name: Build Mobile
+
+on:
+  workflow_dispatch:
+  workflow_call:
+    inputs:
+      ref:
+        required: false
+        type: string
+  pull_request:
+  push:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build-sign-android:
+    name: Build and sign Android
+    # Skip when PR from a fork
+    if: ${{ !github.event.pull_request.head.repo.fork }}
+    runs-on: macos-12
+
+    steps:
+      - name: Determine ref
+        id: get-ref
+        run: |
+          input_ref="${{ inputs.ref }}"
+          github_ref="${{ github.sha }}"
+          ref="${input_ref:-$github_ref}"
+          echo "ref=$ref" >> $GITHUB_OUTPUT
+
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ steps.get-ref.outputs.ref }}
+
+      - uses: actions/setup-java@v3
+        with:
+          distribution: "zulu"
+          java-version: "12.x"
+          cache: "gradle"
+
+      - name: Setup Flutter SDK
+        uses: subosito/flutter-action@v2
+        with:
+          channel: "stable"
+          flutter-version: "3.10.0"
+          cache: true
+
+      - name: Create the Keystore
+        env:
+          KEY_JKS: ${{ secrets.KEY_JKS }}
+        working-directory: ./mobile
+        run: echo $KEY_JKS | base64 -d > android/key.jks
+
+      - name: Get Packages
+        working-directory: ./mobile
+        run: flutter pub get
+
+      - name: Build Android App Bundle
+        working-directory: ./mobile
+        env:
+          ALIAS: ${{ secrets.ALIAS }}
+          ANDROID_KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }}
+          ANDROID_STORE_PASSWORD: ${{ secrets.ANDROID_STORE_PASSWORD }}
+        run: flutter build apk --release
+
+      - name: Publish Android Artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: release-apk-signed
+          path: mobile/build/app/outputs/flutter-apk/app-release.apk

.github/workflows/build_push_server_latest.yml

@@ -1,42 +0,0 @@
-name: Build Server - Latest
-
-on:
-  workflow_dispatch:
-  push:
-    branches: [main]
-  pull_request:
-    branches: [main]
-
-jobs:
-  buildandpush:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          ref: "main" # branch
-      # https://github.com/docker/setup-qemu-action#usage
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1.2.0
-      # https://github.com/marketplace/actions/docker-setup-buildx
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v1.6.0
-      # https://github.com/docker/login-action#docker-hub
-      - name: Login to Docker Hub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      # https://github.com/docker/build-push-action#multi-platform-image
-      - name: Build and push Immich
-        uses: docker/build-push-action@v2.10.0
-        with:
-          context: ./server
-          file: ./server/Dockerfile
-          #platforms: linux/amd64,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/mips64le,linux/mips64,linux/arm/v7,linux/arm/v6
-          platforms: linux/arm/v7,linux/amd64,linux/arm64
-          pull: true
-          push: true
-          tags: |
-            altran1502/immich-server:latest

.github/workflows/build_push_server_release.yml

@@ -1,40 +0,0 @@
-name: Build Server - Release
-
-on:
-  workflow_dispatch:
-  release:
-    types: [published]
-
-jobs:
-  buildandpush:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          ref: "main" # branch
-      # https://github.com/docker/setup-qemu-action#usage
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1.2.0
-      # https://github.com/marketplace/actions/docker-setup-buildx
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v1.6.0
-      # https://github.com/docker/login-action#docker-hub
-      - name: Login to Docker Hub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      # https://github.com/docker/build-push-action#multi-platform-image
-      - name: Build and push Immich
-        uses: docker/build-push-action@v2.10.0
-        with:
-          context: ./server
-          file: ./server/Dockerfile
-          #platforms: linux/amd64,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/mips64le,linux/mips64,linux/arm/v7,linux/arm/v6
-          platforms: linux/arm/v7,linux/amd64,linux/arm64
-          pull: true
-          push: true
-          tags: |
-            altran1502/immich-server:${{github.ref_name}}

.github/workflows/cache-cleanup.yml

@@ -0,0 +1,37 @@
+name: Clean up actions cache on PR close
+on:
+  pull_request:
+    types:
+      - closed
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  cleanup:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+
+      - name: Cleanup
+        run: |
+          gh extension install actions/gh-actions-cache
+
+          REPO=${{ github.repository }}
+          BRANCH=${{ github.ref }}
+
+          echo "Fetching list of cache keys"
+          cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH -L 100 | cut -f 1 )
+
+          ## Setting this to not fail the workflow while deleting cache keys.
+          set +e
+          echo "Deleting caches..."
+          for cacheKey in $cacheKeysForPR
+          do
+              gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm
+          done
+          echo "Done"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,78 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "main" ]
+  schedule:
+    - cron: '20 13 * * 1'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript', 'python' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines.
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    # - run: |
+    #   echo "Run, Build Application using script"
+    #   ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
+      with:
+        category: "/language:${{matrix.language}}"

.github/workflows/dispatch_sdk_update.yml

@@ -0,0 +1,26 @@
+name: Update Immich SDK
+
+on:
+  workflow_dispatch:
+  push:
+    branches: ["main"]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  update-sdk-repos:
+    runs-on: ubuntu-latest
+    if: ${{ !github.event.pull_request.head.repo.fork }}
+    steps:
+      - uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.GH_TOKEN }}
+          script: |
+            await github.rest.actions.createWorkflowDispatch({
+              owner: 'immich-app',
+              repo: 'immich-sdk-typescript-axios',
+              workflow_id: 'build.yml',
+              ref: 'main'
+            })

.github/workflows/docker-cleanup.yml

@@ -0,0 +1,79 @@
+# This workflow runs on certain conditions to check for and potentially
+# delete container images from the GHCR which no longer have an associated
+# code branch.
+# Requires a PAT with the correct scope set in the secrets.
+#
+# This workflow will not trigger runs on forked repos.
+
+name: Cleanup Old Docker Images
+
+on:
+  pull_request:
+    types:
+      - "closed"
+  push:
+    paths:
+      - ".github/workflows/docker-cleanup.yml"
+
+concurrency:
+  group: registry-tags-cleanup
+  cancel-in-progress: false
+
+jobs:
+  cleanup-images:
+    name: Cleanup Stale Images Tags for ${{ matrix.primary-name }}
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - primary-name: "immich-server"
+          - primary-name: "immich-machine-learning"
+          - primary-name: "immich-web"
+          - primary-name: "immich-proxy"
+    env:
+      # Requires a personal access token with the OAuth scope delete:packages
+      TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }}
+    steps:
+      -
+        name: Clean temporary images
+        if: "${{ env.TOKEN != '' }}"
+        uses: stumpylog/image-cleaner-action/ephemeral@v0.1.0
+        with:
+          token: "${{ env.TOKEN }}"
+          owner: "immich-app"
+          is_org: "true"
+          do_delete: "true"
+          package_name: "${{ matrix.primary-name }}"
+          scheme: "pull_request"
+          repo_name: "immich"
+          match_regex: '^pr-(\d+)$|^(\d+)$'
+
+  cleanup-untagged-images:
+    name: Cleanup Untagged Images Tags for ${{ matrix.primary-name }}
+    runs-on: ubuntu-22.04
+    needs:
+      - cleanup-images
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - primary-name: "immich-server"
+          - primary-name: "immich-machine-learning"
+          - primary-name: "immich-web"
+          - primary-name: "immich-proxy"
+          - primary-name: "immich-build-cache"
+    env:
+      # Requires a personal access token with the OAuth scope delete:packages
+      TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }}
+    steps:
+      -
+        name: Clean untagged images
+        if: "${{ env.TOKEN != '' }}"
+        uses: stumpylog/image-cleaner-action/untagged@v0.1.0
+        with:
+          token: "${{ env.TOKEN }}"
+          owner: "immich-app"
+          do_delete: "true"
+          is_org: "true"
+          package_name: "${{ matrix.primary-name }}"

.github/workflows/docker.yml

@@ -0,0 +1,112 @@
+name: Build and Push Docker Images
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  release:
+    types: [published]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  packages: write
+
+jobs:
+  build_and_push:
+    runs-on: ubuntu-latest
+    strategy:
+      # Prevent a failure in one image from stopping the other builds
+      fail-fast: false
+      matrix:
+        include:
+          - context: "server"
+            image: "immich-server"
+            platforms: "linux/arm/v7,linux/amd64,linux/arm64"
+          - context: "web"
+            image: "immich-web"
+            platforms: "linux/arm/v7,linux/amd64,linux/arm64"
+          - context: "machine-learning"
+            image: "immich-machine-learning"
+            platforms: "linux/amd64,linux/arm64"
+          - context: "nginx"
+            image: "immich-proxy"
+            platforms: "linux/arm/v7,linux/amd64,linux/arm64"
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2.1.0
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2.5.0
+        # Workaround to fix error:
+        # failed to push: failed to copy: io: read/write on closed pipe
+        # See https://github.com/docker/build-push-action/issues/761
+        with:
+          driver-opts: |
+            image=moby/buildkit:v0.10.6
+
+      - name: Login to Docker Hub
+        # Only push to Docker Hub when making a release
+        if: ${{ github.event_name == 'release' }}
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        # Skip when PR from a fork
+        if: ${{ !github.event.pull_request.head.repo.fork }}
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Generate docker image tags
+        id: metadata
+        uses: docker/metadata-action@v4
+        with:
+          flavor: |
+            # Disable latest tag
+            latest=false
+          images: |
+            name=ghcr.io/${{ github.repository_owner }}/${{matrix.image}}
+            name=altran1502/${{matrix.image}},enable=${{ github.event_name == 'release' }}
+          tags: |
+            # Tag with branch name
+            type=ref,event=branch
+            # Tag with pr-number
+            type=ref,event=pr
+            # Tag with git tag on release
+            type=ref,event=tag
+            type=raw,value=release,enable=${{ github.event_name == 'release' }}
+
+      - name: Determine build cache output
+        id: cache-target
+        run: |
+          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+            # Essentially just ignore the cache output (PR can't write to registry cache)
+            echo "cache-to=type=local,dest=/tmp/discard,ignore-error=true" >> $GITHUB_OUTPUT
+          else
+            echo "cache-to=type=registry,mode=max,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{ matrix.image }}" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Build and push image
+        uses: docker/build-push-action@v4.0.0
+        with:
+          context: ${{ matrix.context }}
+          platforms: ${{ matrix.platforms }}
+          # Skip pushing when PR from a fork
+          push: ${{ !github.event.pull_request.head.repo.fork }}
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{matrix.image}}
+          cache-to: ${{ steps.cache-target.outputs.cache-to }}
+          tags: ${{ steps.metadata.outputs.tags }}
+          labels: ${{ steps.metadata.outputs.labels }}

.github/workflows/prepare-release.yml

@@ -0,0 +1,83 @@
+name: Prepare new release
+
+on:
+  workflow_dispatch:
+    inputs:
+      serverBump:
+        description: "Bump server version"
+        required: true
+        default: "false"
+        type: choice
+        options:
+          - "false"
+          - minor
+          - patch
+      mobileBump:
+        description: "Bump mobile build number"
+        required: false
+        type: boolean
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-root
+  cancel-in-progress: true
+
+jobs:
+  bump_version:
+    runs-on: ubuntu-latest
+
+    outputs:
+      ref: ${{ steps.push-tag.outputs.commit_long_sha }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.ORG_RELEASE_TOKEN }}
+
+      - name: Bump version
+        run: misc/release/pump-version.sh -s "${{ inputs.serverBump }}" -m "${{ inputs.mobileBump }}"
+
+      - name: Commit and tag
+        id: push-tag
+        uses: EndBug/add-and-commit@v9
+        with:
+          author_name: Alex The Bot
+          author_email: alex.tran1502@gmail.com
+          default_author: user_info 
+          message: "Version ${{ env.IMMICH_VERSION }}"
+          tag: ${{ env.IMMICH_VERSION }}
+          push: true
+
+  build_mobile:
+    uses: ./.github/workflows/build-mobile.yml
+    needs: bump_version
+    secrets: inherit
+    with:
+      ref: ${{ needs.bump_version.outputs.ref }}
+
+  prepare_release:
+    runs-on: ubuntu-latest
+    needs: build_mobile
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.ORG_RELEASE_TOKEN }}
+
+      - name: Download APK
+        uses: actions/download-artifact@v3
+        with:
+          name: release-apk-signed
+
+      - name: Create draft release
+        uses: softprops/action-gh-release@v1
+        with:
+          draft: true
+          tag_name: ${{ env.IMMICH_VERSION }}
+          generate_release_notes: true
+          body_path: misc/release/notes.tmpl
+          files: |
+            docker/docker-compose.yml
+            docker/example.env
+            *.apk

.github/workflows/static_analysis.yml

@@ -0,0 +1,34 @@
+name: Static Code Analysis
+on:
+  workflow_dispatch:
+  pull_request:
+  push:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  mobile-dart-analyze:
+    name: Run Dart Code Analysis
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Setup Flutter SDK
+        uses: subosito/flutter-action@v2
+        with:
+          channel: "stable"
+          flutter-version: "3.10.0"
+
+      - name: Install dependencies
+        run: dart pub get
+        working-directory: ./mobile
+
+      - name: Run dart analyze
+        run: dart analyze --fatal-infos
+        working-directory: ./mobile

.github/workflows/test.yml

@@ -0,0 +1,253 @@
+name: Test
+on:
+  workflow_dispatch:
+  pull_request:
+  push:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  e2e-tests:
+    name: Run end-to-end test suites
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Run Immich Server E2E Test
+        run: docker-compose -f ./docker/docker-compose.test.yml --env-file ./docker/.env.test up --abort-on-container-exit --exit-code-from immich-server-test
+
+  doc-tests:
+    name: Run documentation checks
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./docs
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Run npm install
+        run: npm ci
+
+      - name: Run formatter
+        run: npm run format
+        if: ${{ !cancelled() }}
+
+      - name: Run tsc
+        run: npm run check
+        if: ${{ !cancelled() }}
+
+  server-unit-tests:
+    name: Run server unit test suites and checks
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./server
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Run npm install
+        run: npm ci
+
+      - name: Run linter
+        run: npm run lint
+        if: ${{ !cancelled() }}
+
+      - name: Run formatter
+        run: npm run format
+        if: ${{ !cancelled() }}
+
+      - name: Run tsc
+        run: npm run check
+        if: ${{ !cancelled() }}
+
+      - name: Run unit tests & coverage
+        run: npm run test:cov
+        if: ${{ !cancelled() }}
+
+  web-unit-tests:
+    name: Run web unit test suites and checks
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./web
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Run npm install
+        run: npm ci
+
+      - name: Run linter
+        run: npm run lint
+        if: ${{ !cancelled() }}
+
+      - name: Run formatter
+        run: npm run format
+        if: ${{ !cancelled() }}
+
+      - name: Run svelte checks
+        run: npm run check
+        if: ${{ !cancelled() }}
+
+      - name: Run unit tests & coverage
+        run: npm run test:cov
+        if: ${{ !cancelled() }}
+
+  mobile-unit-tests:
+    name: Run mobile unit tests
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Flutter SDK
+        uses: subosito/flutter-action@v2
+        with:
+          channel: "stable"
+          flutter-version: "3.10.0"
+      - name: Run tests
+        working-directory: ./mobile
+        run: flutter test -j 1
+
+  generated-api-up-to-date:
+    name: Check generated files are up-to-date
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Run API generation
+        run: npm --prefix server run api:generate
+      - name: Find file changes
+        uses: tj-actions/verify-changed-files@v13.1
+        id: verify-changed-files
+        with:
+          files: |
+            mobile/openapi
+            web/src/api/open-api
+      - name: Verify files have not changed
+        if: steps.verify-changed-files.outputs.files_changed == 'true'
+        run: |
+          echo "ERROR: Generated files not up to date!"
+          echo "Changed files: ${{ steps.verify-changed-files.outputs.changed_files }}"
+          exit 1
+
+  generated-typeorm-migrations-up-to-date:
+    name: Check generated TypeORM migrations are up-to-date
+    runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres
+        env:
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_USER: postgres
+          POSTGRES_DB: immich
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+    steps:
+      - uses: actions/checkout@v3
+      - name: Install server dependencies
+        run: npm --prefix server ci
+      - name: Run existing migrations
+        run: npm --prefix server run typeorm:migrations:run
+      - name: Generate new migrations
+        continue-on-error: true
+        run: npm --prefix server run typeorm:migrations:generate ./libs/infra/src/migrations/TestMigration
+      - name: Find file changes
+        uses: tj-actions/verify-changed-files@v13.1
+        id: verify-changed-files
+        with:
+          files: |
+            server/libs/infra/src/migrations/
+      - name: Verify files have not changed
+        if: steps.verify-changed-files.outputs.files_changed == 'true'
+        run: |
+          echo "ERROR: Generated files not up to date!"
+          echo "Changed files: ${{ steps.verify-changed-files.outputs.changed_files }}"
+          exit 1
+
+  # mobile-integration-tests:
+  #   name: Run mobile end-to-end integration tests
+  #   runs-on: macos-latest
+  #   steps:
+  #     - uses: actions/checkout@v3
+  #     - uses: actions/setup-java@v3
+  #       with:
+  #         distribution: 'zulu'
+  #         java-version: '12.x'
+  #         cache: 'gradle'
+  #     - name: Cache android SDK
+  #       uses: actions/cache@v3
+  #       id: android-sdk
+  #       with:
+  #         key: android-sdk
+  #         path: |
+  #           /usr/local/lib/android/
+  #           ~/.android
+  #     - name: Cache Gradle
+  #       uses: actions/cache@v3
+  #       with:
+  #         path: |
+  #           ./mobile/build/
+  #           ./mobile/android/.gradle/
+  #         key: ${{ runner.os }}-flutter-${{ hashFiles('**/*.gradle*', 'pubspec.lock') }}
+  #     - name: Setup Android SDK
+  #       if: steps.android-sdk.outputs.cache-hit != 'true'
+  #       uses: android-actions/setup-android@v2
+  #     - name: AVD cache
+  #       uses: actions/cache@v3
+  #       id: avd-cache
+  #       with:
+  #         path: |
+  #           ~/.android/avd/*
+  #           ~/.android/adb*
+  #         key: avd-29
+  #     - name: create AVD and generate snapshot for caching
+  #       if: steps.avd-cache.outputs.cache-hit != 'true'
+  #       uses: reactivecircus/android-emulator-runner@v2.27.0
+  #       with:
+  #         working-directory: ./mobile
+  #         cores: 2
+  #         api-level: 29
+  #         arch: x86_64
+  #         profile: pixel
+  #         target: default
+  #         force-avd-creation: false
+  #         emulator-options: -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
+  #         disable-animations: false
+  #         script: echo "Generated AVD snapshot for caching."
+  #     - name: Setup Flutter SDK
+  #       uses: subosito/flutter-action@v2
+  #       with:
+  #         channel: 'stable'
+  #         flutter-version: '3.7.3'
+  #         cache: true
+  #     - name: Run integration tests
+  #       uses: Wandalen/wretry.action@master
+  #       with:
+  #         action: reactivecircus/android-emulator-runner@v2.27.0
+  #         with: |
+  #           working-directory: ./mobile
+  #           cores: 2
+  #           api-level: 29
+  #           arch: x86_64
+  #           profile: pixel
+  #           target: default
+  #           force-avd-creation: false
+  #           emulator-options: -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
+  #           disable-animations: true
+  #           script: |
+  #             flutter pub get
+  #             flutter test integration_test
+  #         attempt_limit: 3

.gitignore

@@ -1,3 +1,12 @@
 .DS_Store
-.vscode
-.idea
+.vscode/*
+!.vscode/launch.json
+.idea
+
+docker/upload
+uploads
+coverage
+
+mobile/gradle.properties
+mobile/openapi/pubspec.lock
+mobile/*.jks

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "mobile/.isar"]
+	path = mobile/.isar
+	url = https://github.com/isar/isar

.vscode/launch.json

@@ -0,0 +1,23 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "type": "node",
+      "request": "attach",
+      "restart": true,
+      "port": 9230,
+      "name": "Immich Server",
+      "remoteRoot": "/usr/src/app",
+      "localRoot": "${workspaceFolder}/server"
+    },
+    {
+      "type": "node",
+      "request": "attach",
+      "restart": true,
+      "port": 9231,
+      "name": "Immich Microservices",
+      "remoteRoot": "/usr/src/app",
+      "localRoot": "${workspaceFolder}/server"
+    }
+  ]
+}

CODE_OF_CONDUCT.md

@@ -0,0 +1,134 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation
+in our community a harassment-free experience for everyone, regardless
+of age, body size, visible or invisible disability, ethnicity, sex
+characteristics, gender identity and expression, level of experience,
+education, socio-economic status, nationality, personal appearance,
+race, religion, or sexual identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open,
+welcoming, diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for
+our community include:
+
+- Demonstrating empathy and kindness toward other people
+- Being respectful of differing opinions, viewpoints, and experiences
+- Giving and gracefully accepting constructive feedback
+- Accepting responsibility and apologizing to those affected by our
+  mistakes, and learning from the experience
+- Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+- The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+- Trolling, insulting or derogatory comments, and personal or
+  political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+- Other conduct which could reasonably be considered inappropriate in
+  a professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our
+standards of acceptable behavior and will take appropriate and fair
+corrective action in response to any behavior that they deem
+inappropriate, threatening, offensive, or harmful.
+
+Community leaders have the right and responsibility to remove, edit,
+or reject comments, commits, code, wiki edits, issues, and other
+contributions that are not aligned to this Code of Conduct, and will
+communicate reasons for moderation decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also
+applies when an individual is officially representing the community in
+public spaces. Examples of representing our community include using an
+official e-mail address, posting via an official social media account,
+or acting as an appointed representative at an online or offline
+event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior
+may be reported to the community leaders responsible for enforcement
+at our Discord channel. All complaints
+will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and
+security of the reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in
+determining the consequences for any action they deem in violation of
+this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior
+deemed unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders,
+providing clarity around the nature of the violation and an
+explanation of why the behavior was inappropriate. A public apology
+may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued
+behavior. No interaction with the people involved, including
+unsolicited interaction with those enforcing the Code of Conduct, for
+a specified period of time. This includes avoiding interactions in
+community spaces as well as external channels like social
+media. Violating these terms may lead to a temporary or permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards,
+including sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or
+public communication with the community for a specified period of
+time. No public or private interaction with the people involved,
+including unsolicited interaction with those enforcing the Code of
+Conduct, is allowed during this period. Violating these terms may lead
+to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of
+community standards, including sustained inappropriate behavior,
+harassment of an individual, or aggression toward or disparagement of
+classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction
+within the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor
+Covenant][homepage], version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by [Mozilla's code of
+conduct enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the
+FAQ at https://www.contributor-covenant.org/faq. Translations are
+available at https://www.contributor-covenant.org/translations.

Makefile

@@ -1,11 +1,35 @@
 dev:
-	docker-compose -f ./docker/docker-compose.dev.yml up --remove-orphans
+	rm -rf ./server/dist && docker-compose -f ./docker/docker-compose.dev.yml up --remove-orphans
+
+dev-new:
+	rm -rf ./server/dist && docker compose -f ./docker/docker-compose.dev.yml up --remove-orphans
+
+dev-new-update:
+	rm -rf ./server/dist && docker compose -f ./docker/docker-compose.dev.yml up --build -V --remove-orphans
 
 dev-update:
-	docker-compose -f ./docker/docker-compose.dev.yml up --build -V --remove-orphans
+	rm -rf ./server/dist && docker-compose -f ./docker/docker-compose.dev.yml up --build -V --remove-orphans
 
 dev-scale:
-	docker-compose -f ./docker/docker-compose.dev.yml up --build -V  --scale immich_server=3 --remove-orphans 
+	rm -rf ./server/dist && docker-compose -f ./docker/docker-compose.dev.yml up --build -V  --scale immich-server=3 --remove-orphans
+
+stage:
+	docker-compose -f ./docker/docker-compose.staging.yml up --build -V --remove-orphans
+
+pull-stage:
+	docker-compose -f ./docker/docker-compose.staging.yml pull
+
+test-e2e:
+	docker-compose -f ./docker/docker-compose.test.yml --env-file ./docker/.env.test -p immich-test-e2e up  --renew-anon-volumes --abort-on-container-exit --exit-code-from immich-server-test --remove-orphans --build
 
 prod:
-	docker-compose -f ./docker/docker-compose.yml up --build -V --remove-orphans
+	docker-compose -f ./docker/docker-compose.yml up --build -V --remove-orphans
+
+prod-scale:
+	docker-compose -f ./docker/docker-compose.yml up --build -V --scale immich-server=3 --scale immich-microservices=3 --remove-orphans
+
+api:
+	cd ./server && npm run api:generate
+
+attach-server:
+	docker exec -it docker_immich-server_1 sh

PR_CHECKLIST.md

@@ -1,13 +0,0 @@
-# Deployment checklist for iOS/Android/Server
-
-[] Up version in [mobile/pubspec.yml](/mobile/pubspec.yaml)
-
-[] Up version in [docker/docker-compose.yml](/docker/docker-compose.yml) for `immich_server` service
-
-[] Up version in [docker/docker-compose.gpu.yml](/docker/docker-compose.gpu.yml) for `immich_server` service
-
-[] Up version in [server/src/constants/server_version.constant.ts](/server/src/constants/server_version.constant.ts)
-
-[] Up version in iOS Fastlane [/mobile/ios/fastlane/Fastfile](/mobile/ios/fastlane/Fastfile)
-
-All of the version should be the same.

README.md

@@ -1,148 +1,102 @@
-<p align="center">
+<p align="center"> 
+  <br/>  
   <a href="https://opensource.org/licenses/MIT"><img src="https://img.shields.io/badge/license-MIT-green.svg?color=3F51B5&style=for-the-badge&label=License&logoColor=000000&labelColor=ececec" alt="License: MIT"></a>
-  <a href="https://github.com/alextran1502/immich"><img src="https://img.shields.io/github/stars/alextran1502/immich.svg?style=for-the-badge&logo=github&color=3F51B5&label=Stars&logoColor=000000&labelColor=ececec" alt="Star on Github"></a>
-  <a href="https://immichci.little-home.net/viewType.html?buildTypeId=Immich_BuildAndroidAndGetArtifact&guest=1">
-    <img src="https://img.shields.io/teamcity/http/immichci.little-home.net/s/Immich_BuildAndroidAndGetArtifact.svg?style=for-the-badge&label=Android&logo=teamcity&logoColor=000000&labelColor=ececec" alt="Android Build"/>
+  <a href="https://discord.gg/D8JsnBEuKb">
+    <img src="https://img.shields.io/discord/979116623879368755.svg?label=Discord&logo=Discord&style=for-the-badge&logoColor=000000&labelColor=ececec" atl="Discord"/>
   </a>
-  <a href="https://immichci.little-home.net/viewType.html?buildTypeId=Immich_BuildAndPublishIOSToTestFlight&guest=1">
-    <img src="https://img.shields.io/teamcity/http/immichci.little-home.net/s/Immich_BuildAndPublishIOSToTestFlight.svg?style=for-the-badge&label=iOS&logo=teamcity&logoColor=000000&labelColor=ececec" alt="iOS Build"/>
-  </a>
-  <a href="https://actions-badge.atrox.dev/alextran1502/immich/goto?ref=main">
-    <img alt="Build Status" src="https://img.shields.io/endpoint.svg?url=https%3A%2F%2Factions-badge.atrox.dev%2Falextran1502%2Fimmich%2Fbadge%3Fref%3Dmain&style=for-the-badge&label=Server Docker&logo=docker&labelColor=ececec" />
-  </a>
-  
   <br/>  
-  <br/>  
-  <br/>  
-  <br/>  
-
-  <p align="center">
-    <img src="design/immich-logo.svg" width="200" title="Immich Logo">
-  </p>
+  <br/>   
 </p>
 
-# Immich
-
-Self-hosted photo and video backup solution directly from your mobile phone.
-
-![](https://media.giphy.com/media/y8ZeaAigGmNvlSoKhU/giphy.gif)
-
-Loading ~4000 images/videos
-
-## Screenshots
-
-<p align="left">
-  <img src="design/nsc1.png" width="150" title="Login With Custom URL">
-  <img src="design/nsc2.png" width="150" title="Backup Setting Info">
-  <img src="design/nsc3.png" width="150" title="Multiple select">
-  <img src="design/nsc4.jpeg" width="150" title="Curated Search Info">
-  <img src="design/nsc6.png" width="150" title="EXIF Info">
-
+<p align="center">
+<img src="design/immich-logo.svg" width="150" title="Login With Custom URL">
+</p>
+<h3 align="center">Immich - High performance self-hosted photo and video backup solution</h3>
+<br/>
+<a href="https://immich.app">
+<img src="design/immich-screenshots.png" title="Main Screenshot">
+</a>
+<br/>
+<p align="center">
+  <a href="README_zh_CN.md">中文</a>
 </p>
 
-# Note
+## Disclaimer
 
-**!! NOT READY FOR PRODUCTION! DO NOT USE TO STORE YOUR ASSETS !!**
+- ⚠️ The project is under **very active** development.
+- ⚠️ Expect bugs and breaking changes.
+- ⚠️ **Do not use the app as the only way to store your photos and videos!**
 
-This project is under heavy development, there will be continous functions, features and api changes.
+## Content
+
+- [Official Documentation](https://immich.app/docs)
+- [Roadmap](https://github.com/orgs/immich-app/projects/1)
+- [Demo](#demo)
+- [Features](#features)
+- [Introduction](https://immich.app/docs/overview/introduction)
+- [Installation](https://immich.app/docs/install/requirements)
+- [Contribution Guidelines](https://immich.app/docs/overview/support-the-project)
+- [Support The Project](#support-the-project)
+
+## Documentation
+
+You can find the main documentation, including installation guides, at https://immich.app/.
+
+## Demo
+
+You can access the web demo at https://demo.immich.app
+
+For the mobile app, you can use `https://demo.immich.app/api` for the `Server Endpoint URL`
+
+```bash title="Demo Credential"
+The credential
+email: demo@immich.app
+password: demo
+```
+
+```
+Spec: Free-tier Oracle VM - Amsterdam - 2.4Ghz quad-core ARM64 CPU, 24GB RAM
+```
 
 # Features
 
-- Upload and view assets(videos/images).
-- Multi-user supported.
-- Quick navigation with drag scroll bar.
-- Auto Backup.
-- Support HEIC/HEIF Backup.
-- Extract and display EXIF info.
-- Real-time render from multi-device upload event.
-- Image Tagging/Classification based on ImageNet dataset
-- Object detection based on COCO SSD.
-- Search assets based on tags and exif data (lens, make, model, orientation)
-- Upload assets from your local computer/server using [immich cli tools](https://www.npmjs.com/package/immich)
-- [Optional] Reserve geocoding using Mapbox (Generous free-tier of 100,000 search/month)
-- Show asset's location information on map (OpenStreetMap).
-- Show curated places on the search page
-- Show curated objects on the search page
+| Features                                     | Mobile | Web |
+| -------------------------------------------- | ------ | --- |
+| Upload and view videos and photos            | Yes    | Yes |
+| Auto backup when the app is opened           | Yes    | N/A |
+| Selective album(s) for backup                | Yes    | N/A |
+| Download photos and videos to local device   | Yes    | Yes |
+| Multi-user support                           | Yes    | Yes |
+| Album and Shared albums                      | Yes    | Yes |
+| Scrubbable/draggable scrollbar               | Yes    | Yes |
+| Support RAW (HEIC, HEIF, DNG, Apple ProRaw)  | Yes    | Yes |
+| Metadata view (EXIF, map)                    | Yes    | Yes |
+| Search by metadata, objects, faces, and CLIP | Yes    | Yes |
+| Administrative functions (user management)   | No     | Yes |
+| Background backup                            | Yes    | N/A |
+| Virtual scroll                               | Yes    | Yes |
+| OAuth support                                | Yes    | Yes |
+| API Keys                                     | N/A    | Yes |
+| LivePhoto backup and playback                | iOS    | Yes |
+| User-defined storage structure               | Yes    | Yes |
+| Public Sharing                               | No     | Yes |
+| Archive and Favorites                        | Yes    | Yes |
+| Global Map                                   | No     | Yes |
+| Partner Sharing                              | No     | Yes |
+| Facial recognition and clustering            | No     | Yes |
 
-# Development
+# Support the project
 
-You can use docker compose for development, there are several services that compose Immich
+I've committed to this project, and I will not stop. I will keep updating the docs, adding new features, and fixing bugs. But I can't do it alone. So I need your help to give me additional motivation to keep going.
 
-1. NestJs
-2. PostgreSQL
-3. Redis
-4. Nginx
-5. TensorFlow
+As our hosts in the [selfhosted.show - In the episode 'The-organization-must-not-be-name is a Hostile Actor'](https://selfhosted.show/79?t=1418) said, this is a massive undertaking of what the team and I are doing. And I would love to someday be able to do this full-time, and I am asking for your help to make that happen.
 
-## Populate .env file
+If you feel like this is the right cause and the app is something you are seeing yourself using for a long time, please consider supporting the project with the option below.
 
-Navigate to `docker` directory and run
+## Donation
 
-```
-cp .env.example .env
-```
-
-Then populate the value in there.
-
-Notice that if set `ENABLE_MAPBOX` to `true`, you will have to provide `MAPBOX_KEY` for the server to run.
-
-Pay attention to the key `UPLOAD_LOCATION`, this directory must exist and is owned by the user that run the `docker-compose` command below.
-
-To start, run
-
-```bash
-docker-compose -f ./docker/docker-compose.yml up --build -V
-```
-
-The server will be running at `http://your-ip:2283` through `Nginx`
-
-## Register User
-
-Use the command below on your terminal to create user as we don't have user interface for this function yet.
-
-```bash
-curl --location --request POST 'http://your-server-ip:2283/auth/signUp' \
---header 'Content-Type: application/json' \
---data-raw '{
-    "email": "testuser@email.com",
-    "password": "password"
-}'
-```
-
-## Run mobile app
-
-### Android
-
-Download `apk` in release tab and run on your phone. You can follow this guide on how to do that
-
-- [Run APK on Android](https://www.lifewire.com/install-apk-on-android-4177185)
-
-### iOS
-
-You can download the app from Apple AppStore [here](https://apps.apple.com/us/app/immich/id1613945652):
-
-<p align="left">
-  <img src="design/ios-qr-code.png" width="250" title="Apple App Store">
-<p/>
-
-# Support
-
-If you like the app, find it helpful, and want to support me to offset the cost of publishing to AppStores, you can sponsor the project with [**Github Sponsore**](https://github.com/sponsors/alextran1502).
-
-This is also a meaningful way to give me motivation and encounragment to continue working on the app.
-
-Cheer! 🎉
-
-# Known Issue
-
-TensorFlow doesn't run with older CPU architecture, it requires CPU with AVX and AVX2 instruction set. If you encounter the error `illegal instruction core dump` when running the docker-compose command above, check for your CPU flags with the command and make sure you see `AVX` and `AVX2`. Otherwise, switch to a different VM/desktop with different architecture.
-
-```bash
-more /proc/cpuinfo | grep flags
-```
-
-If you are running virtualization in Promox, the VM doesn't have the flag enable.
-
-You need to change the CPU type from `kvm64` to `host` under VMs hardware tab.
-
-`Hardware > Processors > Edit > Advanced > Type (dropdown menu) > host`
+- [Monthly donation](https://github.com/sponsors/alextran1502) via GitHub Sponsors
+- [One-time donation](https://github.com/sponsors/alextran1502?frequency=one-time&sponsor=alextran1502) via GitHub Sponsors
+- [Librepay](https://liberapay.com/alex.tran1502/)
+- [buymeacoffee](https://www.buymeacoffee.com/altran1502)
+- Bitcoin: 1FvEp6P6NM8EZEkpGUFAN2LqJ1gxusNxZX

README_zh_CN.md

@@ -0,0 +1,115 @@
+<p align="center"> 
+  <br/>  
+  <a href="https://opensource.org/licenses/MIT"><img src="https://img.shields.io/badge/license-MIT-green.svg?color=3F51B5&style=for-the-badge&label=License&logoColor=000000&labelColor=ececec" alt="License: MIT"></a>
+  <a href="https://discord.gg/D8JsnBEuKb">
+    <img src="https://img.shields.io/discord/979116623879368755.svg?label=Discord&logo=Discord&style=for-the-badge&logoColor=000000&labelColor=ececec" atl="Discord"/>
+  </a>
+  <br/>  
+  <br/>   
+</p>
+
+<p align="center">
+<img src="design/immich-logo.svg" width="150" title="Login With Custom URL">
+</p>
+<h3 align="center">Immich - 高性能的自托管照片和视频备份方案</h3>
+<p align="center">  
+请注意: 此README不是由Immich团队维护, 这意味着它在某一时间点不会被更新，因为我们是依靠贡献者来更新的。感谢理解。
+</p>
+<br/>
+<a href="https://immich.app">
+<img src="design/immich-screenshots.png" title="Main Screenshot">
+</a>
+<br/>
+
+<p align="center">
+  <a href="README.md">English</a>
+</p>
+
+
+## 免责声明
+
+- ⚠️ 本项目正在 **非常活跃** 的开发中。
+- ⚠️ 可能存在bug或者重大变更。
+- ⚠️ **不要把本软件作为你存储照片或视频的唯一方式!**
+
+## 目录
+
+- [官方文档](https://immich.app/docs/overview/introduction)
+- [示例](#示例)
+- [功能特性](#功能特性)
+- [介绍](https://immich.app/docs/overview/introduction)
+- [安装](https://immich.app/docs/install/requirements)
+- [贡献指南](https://immich.app/docs/overview/support-the-project)
+- [支持本项目](#support-the-project)
+- [已知问题](#known-issues)
+
+## 官方文档
+
+你可以在 https://immich.app/ 找到包含安装手册的官方文档.
+## 示例
+
+你可以在 https://demo.immich.app  访问示例.
+
+在移动端, 你可以使用 `https://demo.immich.app/api`获取`服务终端链接`
+
+```bash title="示例认证信息"
+认证信息
+邮箱: demo@immich.app
+密码: demo
+```
+
+```
+规格: 甲骨文免费虚拟机套餐-阿姆斯特丹 4核 2.4Ghz ARM64 CPU, 24GB RAM。
+```
+
+# 功能特性
+
+| 功能特性                                     | 移动端  | 网页端 |
+| ------------------------------------------- | ------- | --- |
+| 上传并查看照片和视频                       | 是     | 是 |
+| 软件运行时自动备份          | 是     | N/A |
+| 选择需要备份的相册          | 是     | N/A |
+| 下载照片和视频到本地  | 是     | 是 |
+| 多用户支持                          | 是     | 是 |
+| 相册                                       | 是     | 是 |
+| 共享相册                               | 是     | 是 |
+| 可拖动的快速导航栏   | 是     | 是 |
+| 支持RAW格式 (HEIC, HEIF, DNG, Apple ProRaw) | 是     | 是 |
+| 元数据视图 (EXIF, 地图)                   | 是     | 是 |
+| 通过元数据、对象和标签进行搜索  | 是     | No  |
+| 管理功能 (用户管理)  | N/A     | 是 |
+| 后台备份                         | Android | N/A |
+| 虚拟滚动                             | 是     | 是 |
+| OAuth支持                               | 是     | 是 |
+| 实时照片备份和查看 (仅iOS)   | 是     | 是 |
+
+# 支持本项目
+
+我已经致力于本项目并且将我会持续更新文档、新增功能和修复问题。但是我不能一个人走下去，所以我需要你给予我走下去的动力。
+
+就像我主页里面 [selfhosted.show - In the episode 'The-organization-must-not-be-name is a Hostile Actor'](https://selfhosted.show/79?t=1418) 说的一样,这是我和团队的一项艰巨的任务。我希望某一天我能够全职开发本项目，在此我希望你们能够助我梦想成真。
+
+如果你使用了本项目一段时间，并且觉得上面的话有道理，那么请你按照如下方式帮助我吧。
+
+## 捐赠
+
+- [按月捐赠](https://github.com/sponsors/alextran1502) via GitHub Sponsors
+- [一次捐赠](https://github.com/sponsors/alextran1502?frequency=one-time&sponsor=alextran1502) via Github Sponsors
+
+# 已知问题
+
+## TensorFlow 构建问题
+
+_这是一个针对于Proxmox的已知问题_
+
+TensorFlow 不能运行在很旧的CPU架构上, 需要运行在AVX和AVX2指令集的CPU上。如果你在docker-compose的命令行中遇到了 `illegal instruction core dump`的错误, 通过如下命令检查你的CPU flag寄存器然后确保你能够看到`AVX`和`AVX2`的字样:
+
+```bash
+more /proc/cpuinfo | grep flags
+```
+
+如果你在Proxmox中运行虚拟机, 虚拟机中没有启用flag寄存器。
+
+你需要在虚拟机的硬件面板中把CPU类型从`kvm64`改为`host`。
+
+`Hardware > Processors > Edit > Advanced > Type (dropdown menu) > host`

SECURITY.md

@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report security issues to `alex.tran1502@gmail.com`

dev-setup.md

@@ -0,0 +1,32 @@
+# Development Setup
+
+## Lint / format extensions
+
+Setting these in the IDE give a better developer experience auto-formatting code on save and providing instant feedback on lint issues.
+
+### VSCode
+Install Prettier, ESLint and Svelte extensions.
+
+in User `settings.json` (`cmd + shift + p` and search for Open User Settings JSON) add the following:
+
+```json
+{
+  "editor.formatOnSave": true,
+  "[javascript][typescript][css]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode",
+    "editor.tabSize": 2,
+    "editor.formatOnSave": true
+  },
+  "[svelte]": {
+    "editor.defaultFormatter": "svelte.svelte-vscode",
+    "editor.tabSize": 2
+  },
+  "svelte.enable-ts-plugin": true,
+  "eslint.validate": ["javascript", "svelte"]
+}
+```
+
+## Running tests / checks
+
+In both server and web:
+`npm run check:all`

docker/.env.example

@@ -1,15 +0,0 @@
-# Database
-DB_USERNAME=postgres
-DB_PASSWORD=postgres
-DB_DATABASE_NAME=
-
-# Upload File Config
-UPLOAD_LOCATION=absolute_location_on_your_machine_where_you_want_to_store_the_backup
-
-# JWT SECRET
-JWT_SECRET=
-
-# MAPBOX
-## ENABLE_MAPBOX is either true of false -> if true, you have to provide MAPBOX_KEY
-ENABLE_MAPBOX= 
-MAPBOX_KEY=

docker/.env.test

@@ -0,0 +1,21 @@
+# Database
+DB_HOSTNAME=immich-database-test
+DB_USERNAME=postgres
+DB_PASSWORD=postgres
+DB_DATABASE_NAME=e2e_test
+
+# Redis
+REDIS_HOSTNAME=immich-redis-test
+
+# Upload File Config
+UPLOAD_LOCATION=./upload
+
+# MAPBOX
+## ENABLE_MAPBOX is either true of false -> if true, you have to provide MAPBOX_KEY
+ENABLE_MAPBOX=false
+
+# WEB
+MAPBOX_KEY=
+VITE_SERVER_ENDPOINT=http://localhost:2283/api
+
+TYPESENSE_ENABLED=false

docker/docker-compose.dev.yml

@@ -1,18 +1,21 @@
 version: "3.8"
 
 services:
-  immich_server:
-    image: immich-server-dev:1.3.2
+  immich-server:
+    container_name: immich_server
+    image: immich-server-dev:latest
     build:
       context: ../server
-      dockerfile: ../server/Dockerfile
-    command: npm run start:dev
-    expose:
-      - "3000"
+      dockerfile: Dockerfile
+      target: builder
+    command: npm run start:debug immich
     volumes:
       - ../server:/usr/src/app
       - ${UPLOAD_LOCATION}:/usr/src/app/upload
       - /usr/src/app/node_modules
+    ports:
+      - 3001:3001
+      - 9230:9230
     env_file:
       - .env
     environment:
@@ -20,36 +23,90 @@ services:
     depends_on:
       - redis
       - database
-    networks:
-      - immich_network
+      - typesense
 
-  immich_microservices:
-    image: immich-microservices-dev:1.3.2
+  immich-machine-learning:
+    container_name: immich_machine_learning
+    image: immich-machine-learning-dev:latest
     build:
-      context: ../microservices
-      dockerfile: ../microservices/Dockerfile
-    command: npm run start:dev
-    expose:
-      - "3001"
+      context: ../machine-learning
+      dockerfile: Dockerfile
+    command: python main.py
+    ports:
+      - 3003:3003
     volumes:
-      - ../microservices:/usr/src/app
+      - ../machine-learning/src:/usr/src/app
       - ${UPLOAD_LOCATION}:/usr/src/app/upload
-      - /usr/src/app/node_modules
+      - model-cache:/cache
     env_file:
       - .env
     environment:
       - NODE_ENV=development
     depends_on:
       - database
-    networks:
-      - immich_network
+    restart: always
 
+  immich-microservices:
+    container_name: immich_microservices
+    image: immich-microservices:latest
+    build:
+      context: ../server
+      dockerfile: Dockerfile
+      target: builder
+    command: npm run start:debug microservices
+    volumes:
+      - ../server:/usr/src/app
+      - ${UPLOAD_LOCATION}:/usr/src/app/upload
+      - /usr/src/app/node_modules
+    env_file:
+      - .env
+    ports:
+      - 9231:9230
+    environment:
+      - NODE_ENV=development
+    depends_on:
+      - database
+      - immich-server
+      - typesense
+
+  immich-web:
+    container_name: immich_web
+    image: immich-web-dev:1.9.0
+    build:
+      context: ../web
+      dockerfile: Dockerfile
+      target: dev
+    command: npm run dev --host
+    env_file:
+      - .env
+    environment:
+      # Rename these values for svelte public interface
+      - PUBLIC_IMMICH_SERVER_URL=${IMMICH_SERVER_URL}
+      - PUBLIC_IMMICH_API_URL_EXTERNAL=${IMMICH_API_URL_EXTERNAL}
+    ports:
+      - 3000:3000
+      - 24678:24678
+    volumes:
+      - ../web:/usr/src/app
+      - /usr/src/app/node_modules
+    restart: always
+    depends_on:
+      - immich-server
+
+  typesense:
+    container_name: immich_typesense
+    image: typesense/typesense:0.24.0
+    environment:
+      - TYPESENSE_API_KEY=${TYPESENSE_API_KEY}
+      - TYPESENSE_DATA_DIR=/data
+    logging:
+      driver: none
+    volumes:
+      - tsdata:/data
 
   redis:
     container_name: immich_redis
     image: redis:6.2
-    networks:
-      - immich_network
 
   database:
     container_name: immich_postgres
@@ -65,25 +122,26 @@ services:
       - pgdata:/var/lib/postgresql/data
     ports:
       - 5432:5432
-    networks:
-      - immich_network
 
-  nginx:
-    container_name: proxy_nginx
-    image: nginx:latest
-    volumes:
-      - ./settings/nginx-conf:/etc/nginx/conf.d
+  immich-proxy:
+    container_name: immich_proxy
+    image: immich-proxy-dev:latest
+    environment:
+      # Make sure these values get passed through from the env file
+      - IMMICH_SERVER_URL
+      - IMMICH_WEB_URL
+    build:
+      context: ../nginx
+      dockerfile: Dockerfile
     ports:
-      - 2283:80
-      - 2284:443
+      - 2283:8080
     logging:
       driver: none
-    networks:
-      - immich_network
     depends_on:
-      - immich_server
+      - immich-server
+    restart: always
 
-networks:
-  immich_network:
 volumes:
   pgdata:
+  model-cache:
+  tsdata:

docker/docker-compose.gpu.yml

@@ -1,92 +0,0 @@
-version: "3.8"
-
-services:
-  immich_server:
-    image: immich-server-dev:1.4.0
-    build:
-      context: ../server
-      dockerfile: ../server/Dockerfile
-    command: npm run start:dev
-    expose:
-      - "3000"
-    volumes:
-      - ../server:/usr/src/app
-      - ${UPLOAD_LOCATION}:/usr/src/app/upload
-      - /usr/src/app/node_modules
-    env_file:
-      - .env
-    depends_on:
-      - redis
-      - database
-    networks:
-      - immich_network
-
-  immich_microservices:
-    image: immich-microservices-dev:1.4.0
-    build:
-      context: ../microservices
-      dockerfile: ../microservices/Dockerfile
-    command: npm run start:dev
-    deploy:
-      resources:
-        reservations:
-          devices:
-            - driver: nvidia
-              count: 1
-              capabilities: [ gpu ]
-    expose:
-      - "3001"
-    volumes:
-      - ../microservices:/usr/src/app
-      - ${UPLOAD_LOCATION}:/usr/src/app/upload
-      - /usr/src/app/node_modules
-    env_file:
-      - .env
-    depends_on:
-      - database
-      - immich_server
-    networks:
-      - immich_network
-
-  redis:
-    container_name: immich_redis
-    image: redis:6.2
-    networks:
-      - immich_network
-
-  database:
-    container_name: immich_postgres
-    image: postgres:14
-    env_file:
-      - .env
-    environment:
-      POSTGRES_PASSWORD: ${DB_PASSWORD}
-      POSTGRES_USER: ${DB_USERNAME}
-      POSTGRES_DB: ${DB_DATABASE_NAME}
-      PG_DATA: /var/lib/postgresql/data
-    volumes:
-      - pgdata:/var/lib/postgresql/data
-    ports:
-      - 5432:5432
-    networks:
-      - immich_network
-
-  nginx:
-    container_name: proxy_nginx
-    image: nginx:latest
-    volumes:
-      - ./settings/nginx-conf:/etc/nginx/conf.d
-    ports:
-      - 2283:80
-      - 2284:443
-    logging:
-      driver: none
-    networks:
-      - immich_network
-    depends_on:
-      - immich_server
-
-networks:
-  immich_network:
-volumes:
-  pgdata:

docker/docker-compose.test.yml

@@ -0,0 +1,47 @@
+version: "3.8"
+
+services:
+  immich-server-test:
+    image: immich-server-test
+    build:
+      context: ../server
+      dockerfile: Dockerfile
+      target: builder
+    command: npm run test:e2e
+    expose:
+      - "3000"
+    volumes:
+      - ../server:/usr/src/app
+      - /usr/src/app/node_modules
+    env_file:
+      - .env.test
+    environment:
+      - NODE_ENV=development
+      - TYPESENSE_ENABLED=false
+    depends_on:
+      - immich-redis-test
+      - immich-database-test
+    networks:
+      - immich-test-network
+  immich-redis-test:
+    container_name: immich-redis-test
+    image: redis:6.2
+    networks:
+      - immich-test-network
+  immich-database-test:
+    container_name: immich-database-test
+    image: postgres:14
+    env_file:
+      - .env.test
+    environment:
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_USER: ${DB_USERNAME}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      PG_DATA: /var/lib/postgresql/data
+    volumes:
+      - /var/lib/postgresql/data
+    networks:
+      - immich-test-network
+
+networks:
+  immich-test-network:

docker/docker-compose.yml

@@ -1,55 +1,68 @@
 version: "3.8"
 
 services:
-  immich_server:
-    image: immich-server:1.4.0
-    build:
-      context: ../server
-      dockerfile: ../server/Dockerfile
-    entrypoint: ["/bin/sh", "./entrypoint.sh"]
-    expose:
-      - "3000"
+  immich-server:
+    container_name: immich_server
+    image: ghcr.io/immich-app/immich-server:release
+    entrypoint: ["/bin/sh", "./start-server.sh"]
     volumes:
-      - ../server:/usr/src/app
       - ${UPLOAD_LOCATION}:/usr/src/app/upload
-      - /usr/src/app/node_modules
     env_file:
       - .env
-    environment:
-      - NODE_ENV=production
     depends_on:
       - redis
       - database
-    networks:
-      - immich_network
+      - typesense
+    restart: always
 
-  immich_microservices:
-    image: immich-microservices:1.4.0
-    build:
-      context: ../microservices
-      dockerfile: ../microservices/Dockerfile
-    entrypoint: ["/bin/sh", "./entrypoint.sh"]
-    expose:
-      - "3001"
+  immich-microservices:
+    container_name: immich_microservices
+    image: ghcr.io/immich-app/immich-server:release
+    entrypoint: ["/bin/sh", "./start-microservices.sh"]
     volumes:
-      - ../microservices:/usr/src/app
       - ${UPLOAD_LOCATION}:/usr/src/app/upload
-      - /usr/src/app/node_modules
     env_file:
       - .env
-    environment:
-      - NODE_ENV=production
     depends_on:
+      - redis
       - database
-    networks:
-      - immich_network
+      - typesense
+    restart: always
 
+  immich-machine-learning:
+    container_name: immich_machine_learning
+    image: ghcr.io/immich-app/immich-machine-learning:release
+    volumes:
+      - ${UPLOAD_LOCATION}:/usr/src/app/upload
+      - model-cache:/cache
+    env_file:
+      - .env
+    restart: always
+
+  immich-web:
+    container_name: immich_web
+    image: ghcr.io/immich-app/immich-web:release
+    entrypoint: ["/bin/sh", "./entrypoint.sh"]
+    env_file:
+      - .env
+    restart: always
+
+  typesense:
+    container_name: immich_typesense
+    image: typesense/typesense:0.24.0
+    environment:
+      - TYPESENSE_API_KEY=${TYPESENSE_API_KEY}
+      - TYPESENSE_DATA_DIR=/data
+    logging:
+      driver: none
+    volumes:
+      - tsdata:/data
+    restart: always
 
   redis:
     container_name: immich_redis
     image: redis:6.2
-    networks:
-      - immich_network
+    restart: always
 
   database:
     container_name: immich_postgres
@@ -63,48 +76,24 @@ services:
       PG_DATA: /var/lib/postgresql/data
     volumes:
       - pgdata:/var/lib/postgresql/data
-    ports:
-      - 5432:5432
-    networks:
-      - immich_network
+    restart: always
 
-  nginx:
-    container_name: proxy_nginx
-    image: nginx:latest
-    volumes:
-      - ./settings/nginx-conf:/etc/nginx/conf.d
+  immich-proxy:
+    container_name: immich_proxy
+    image: ghcr.io/immich-app/immich-proxy:release
+    environment:
+      # Make sure these values get passed through from the env file
+      - IMMICH_SERVER_URL
+      - IMMICH_WEB_URL
     ports:
-      - 2283:80
-      - 2284:443
+      - 2283:8080
     logging:
       driver: none
-    networks:
-      - immich_network
     depends_on:
-      - immich_server
+      - immich-server
+    restart: always
 
-  # immich_tf_fastapi:
-  #   container_name: immich_tf_fastapi
-  #   image: tensor_flow_fastapi:1.0.0
-  #   restart: always
-  #   command: uvicorn app.main:app --proxy-headers --host 0.0.0.0 --port 8000 --reload
-  #   build:
-  #     context: ../machine_learning
-  #     target: cpu
-  #     dockerfile: ../machine_learning/Dockerfile
-  #   volumes:
-  #     - ../machine_learning/app:/code/app
-  #     - ${UPLOAD_LOCATION}:/code/app/upload
-  #   ports:
-  #     - 2285:8000
-  #   expose:
-  #     - "8000"
-  #   depends_on:
-  #     - database
-  #   networks:
-  #     - immich_network
-
-networks:
-  immich_network:
 volumes:
-  pgdata:
+  pgdata:
+  model-cache:
+  tsdata:

docker/example.env

@@ -0,0 +1,107 @@
+###################################################################################
+# Database
+###################################################################################
+
+# NOTE: The following four database variables support Docker secrets by adding a *_FILE suffix to the variable name
+# See the docker-compose documentation on secrets for additional details: https://docs.docker.com/compose/compose-file/compose-file-v3/#secrets
+DB_HOSTNAME=immich_postgres
+DB_USERNAME=postgres
+DB_PASSWORD=postgres
+DB_DATABASE_NAME=immich
+
+# Optional Database settings:
+# DB_PORT=5432
+
+###################################################################################
+# Redis
+###################################################################################
+
+REDIS_HOSTNAME=immich_redis
+
+# REDIS_URL will be used to pass custom options to ioredis.
+# Example for Sentinel
+# {"sentinels":[{"host":"redis-sentinel-node-0","port":26379},{"host":"redis-sentinel-node-1","port":26379},{"host":"redis-sentinel-node-2","port":26379}],"name":"redis-sentinel"}
+# REDIS_URL=ioredis://eyJzZW50aW5lbHMiOlt7Imhvc3QiOiJyZWRpcy1zZW50aW5lbDEiLCJwb3J0IjoyNjM3OX0seyJob3N0IjoicmVkaXMtc2VudGluZWwyIiwicG9ydCI6MjYzNzl9XSwibmFtZSI6Im15bWFzdGVyIn0=
+
+# Optional Redis settings:
+
+# Note: these parameters are not automatically passed to the Redis Container
+# to do so, please edit the docker-compose.yml file as well. Redis is not configured
+# via environment variables, only redis.conf or the command line
+
+# REDIS_PORT=6379
+# REDIS_DBINDEX=0
+# REDIS_USERNAME=
+# REDIS_PASSWORD=
+# REDIS_SOCKET=
+
+###################################################################################
+# Upload File Location
+#
+# This is the location where uploaded files are stored.
+###################################################################################
+
+UPLOAD_LOCATION=absolute_location_on_your_machine_where_you_want_to_store_the_backup
+
+
+###################################################################################
+# Typesense
+###################################################################################
+TYPESENSE_API_KEY=some-random-text
+# TYPESENSE_ENABLED=false
+# TYPESENSE_URL uses base64 encoding for the nodes json.
+# Example JSON that was used:
+# [
+#      { 'host': 'typesense-1.example.net', 'port': '443', 'protocol': 'https' },
+#      { 'host': 'typesense-2.example.net', 'port': '443', 'protocol': 'https' },
+#      { 'host': 'typesense-3.example.net', 'port': '443', 'protocol': 'https' },
+#  ]
+# TYPESENSE_URL=ha://WwogICAgeyAnaG9zdCc6ICd0eXBlc2Vuc2UtMS5leGFtcGxlLm5ldCcsICdwb3J0JzogJzQ0MycsICdwcm90b2NvbCc6ICdodHRwcycgfSwKICAgIHsgJ2hvc3QnOiAndHlwZXNlbnNlLTIuZXhhbXBsZS5uZXQnLCAncG9ydCc6ICc0NDMnLCAncHJvdG9jb2wnOiAnaHR0cHMnIH0sCiAgICB7ICdob3N0JzogJ3R5cGVzZW5zZS0zLmV4YW1wbGUubmV0JywgJ3BvcnQnOiAnNDQzJywgJ3Byb3RvY29sJzogJ2h0dHBzJyB9LApd
+
+###################################################################################
+# Reverse Geocoding
+#
+# Reverse geocoding is done locally which has a small impact on memory usage
+# This memory usage can be altered by changing the REVERSE_GEOCODING_PRECISION variable
+# This ranges from 0-3 with 3 being the most precise
+# 3 - Cities > 500 population: ~200MB RAM
+# 2 - Cities > 1000 population: ~150MB RAM
+# 1 - Cities > 5000 population: ~80MB RAM
+# 0 - Cities > 15000 population: ~40MB RAM
+####################################################################################
+
+# DISABLE_REVERSE_GEOCODING=false
+# REVERSE_GEOCODING_PRECISION=3
+
+####################################################################################
+# WEB - Optional
+#
+# Custom message on the login page, should be written in HTML form.
+# For example:
+# PUBLIC_LOGIN_PAGE_MESSAGE="This is a demo instance of Immich.<br><br>Email: <i>demo@demo.de</i><br>Password: <i>demo</i>"
+####################################################################################
+
+PUBLIC_LOGIN_PAGE_MESSAGE=
+
+####################################################################################
+# Alternative Service Addresses - Optional
+#
+# This is an advanced feature for users who may be running their immich services on different hosts.
+# It will not change which address or port that services bind to within their containers, but it will change where other services look for their peers.
+# Note: immich-microservices is bound to 3002, but no references are made
+####################################################################################
+
+IMMICH_WEB_URL=http://immich-web:3000
+IMMICH_SERVER_URL=http://immich-server:3001
+IMMICH_MACHINE_LEARNING_URL=http://immich-machine-learning:3003
+
+####################################################################################
+# Alternative API's External Address - Optional
+#
+# This is an advanced feature used to control the public server endpoint returned to clients during Well-known discovery.
+# You should only use this if you want mobile apps to access the immich API over a custom URL. Do not include trailing slash.
+# NOTE: At this time, the web app will not be affected by this setting and will continue to use the relative path: /api
+# Examples: http://localhost:3001, http://immich-api.example.com, etc
+####################################################################################
+
+#IMMICH_API_URL_EXTERNAL=http://localhost:3001

docker/settings/nginx-conf/nginx.conf

@@ -1,35 +0,0 @@
-
-map $http_upgrade $connection_upgrade {
-  default upgrade;
-  '' close;
-}
-
-# events {
-#   worker_connections 1000;
-# }
-
-server {
-
-  client_max_body_size 50000M;
-
-  listen 80;
-  access_log off;
-  location / {
-    proxy_buffering off;
-    proxy_buffer_size 16k;
-    proxy_busy_buffers_size 24k;
-    proxy_buffers 64 4k;
-    proxy_force_ranges on;
-
-    proxy_http_version 1.1;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto $scheme;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection "upgrade";
-    proxy_set_header Host $host;
-
-    proxy_pass http://immich_server:3000;
-  }
-}

docs/.gitignore

@@ -0,0 +1,21 @@
+# Dependencies
+/node_modules
+
+# Production
+/build
+
+# Generated files
+.docusaurus
+.cache-loader
+
+# Misc
+.DS_Store
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+yarn.lock

docs/.prettierignore

@@ -0,0 +1,2 @@
+build/
+.docusaurus/

docs/.prettierrc

@@ -0,0 +1,6 @@
+{
+  "singleQuote": true,
+  "trailingComma": "all",
+  "printWidth": 120,
+  "semi": true
+}

docs/README.md

@@ -0,0 +1,41 @@
+# Website
+
+This website is built using [Docusaurus 2](https://docusaurus.io/), a modern static website generator.
+
+### Installation
+
+```
+$ yarn
+```
+
+### Local Development
+
+```
+$ yarn start
+```
+
+This command starts a local development server and opens up a browser window. Most changes are reflected live without having to restart the server.
+
+### Build
+
+```
+$ yarn build
+```
+
+This command generates static content into the `build` directory and can be served using any static contents hosting service.
+
+### Deployment
+
+Using SSH:
+
+```
+$ USE_SSH=true yarn deploy
+```
+
+Not using SSH:
+
+```
+$ GIT_USER=<Your GitHub username> yarn deploy
+```
+
+If you are using GitHub pages for hosting, this command is a convenient way to build the website and push to the `gh-pages` branch.

docs/babel.config.js

@@ -0,0 +1,3 @@
+module.exports = {
+  presets: [require.resolve('@docusaurus/core/lib/babel/preset')],
+};

docs/blog/authors.yml

@@ -0,0 +1,5 @@
+alextran:
+  name: Alex Tran
+  title: Maintainer of Immich
+  url: https://github.com/alextran1502
+  image_url: https://github.com/alextran1502.png

docs/blog/release-1.36/index.mdx

@@ -0,0 +1,110 @@
+---
+slug: release-1-36
+title: Release v1.36.0
+authors: [alextran]
+tags: [release]
+date: 2022-11-10
+---
+
+Hello everyone, it is my pleasure to deliver the new release of Immich to you. The team has been working hard to bring you the new features and improvements. This release includes some big features that the community has been asking since the beginning of Immich. We hope you will enjoy it.
+
+Some notable features are:
+
+- [OAuth integration](#livephoto-ios-support-)
+- [LivePhoto support on iOS](#oauth-integration-)
+- User config system
+
+<!--truncate-->
+
+## LivePhoto iOS Support 🎉
+
+LivePhoto on iOS is now supported in Immich.
+
+The motion part will now be uploaded and can be played on the mobile app and the web.
+
+:::caution
+
+- The server and the app has to be on version **1.36.x** for the application to work correctly.
+- Previous uploaded photos will not be updated automatically, you will have to remove and reupload them if you want to keep the LivePhoto functionality.
+
+:::
+
+<img
+  src="https://media.giphy.com/media/fTrGceZd7t1ewi8ESc/giphy.gif"
+  width="100%"
+  style={{
+    borderRadius: '10px',
+    boxShadow: 'rgba(9, 30, 66, 0.25) 0px 1px 1px, rgba(9, 30, 66, 0.13) 0px 0px 1px 1px',
+  }}
+  title="LivePhoto playback on the web"
+/>
+
+## OAuth Integration 🎉
+
+I want to borrow this chance to express my gratitude to [@EnricoBilla](https://github.com/EnricoBilla), who has been the trailblazer for this feature since the beginning days of Immich. His PR has sparked ideas, suggestions, and discussion among the team member on how to integrate this feature successfully into the app. Thank you so much for your work and your time.
+
+OAuth is now integrated into the system. Please follow the guide [here](https://immich.app/docs/usage/oauth) to set up your OAuth integration
+
+After setting up the correct environment variables in the `.env` file, as shown below
+
+| Key                 | Type    | Default              | Description                                                               |
+| ------------------- | ------- | -------------------- | ------------------------------------------------------------------------- |
+| OAUTH_ENABLED       | boolean | false                | Enable/disable OAuth2                                                     |
+| OAUTH_ISSUER_URL    | URL     | (required)           | Required. Self-discovery URL for client                                   |
+| OAUTH_CLIENT_ID     | string  | (required)           | Required. Client ID                                                       |
+| OAUTH_CLIENT_SECRET | string  | (required)           | Required. Client Secret                                                   |
+| OAUTH_SCOPE         | string  | openid email profile | Full list of scopes to send with the request (space delimited)            |
+| OAUTH_AUTO_REGISTER | boolean | true                 | When true, will automatically register a user the first time they sign in |
+| OAUTH_BUTTON_TEXT   | string  | Login with OAuth     | Text for the OAuth button on the web                                      |
+
+```bash title="Authentik Example"
+OAUTH_ENABLED=true
+OAUTH_ISSUER_URL=http://10.1.15.216:9000/application/o/immich-test/
+OAUTH_CLIENT_ID=30596v8f78a4b6a97d5985c3076b6b4c4d12ddc33
+OAUTH_CLIENT_SECRET=50f1eafdec353b95b1c638db390db4ab67ef035a51212dbec2f56175e2eb272b5d572c099176e6fe116ecf47ffdd544bgdb9e2edc588307ee0339d25eeccd88
+OAUTH_BUTTON_TEXT=Login with Authentik
+```
+
+The web will have the option to sign in with OAuth.
+
+<img
+  src="https://user-images.githubusercontent.com/27055614/202923726-f43fa148-47f5-4182-8f29-b0b87e4586fa.png"
+  width="50%"
+  title="Web Sign in with OAuth"
+  style={{
+    borderRadius: '10px',
+    boxShadow: 'rgba(9, 30, 66, 0.25) 0px 1px 1px, rgba(9, 30, 66, 0.13) 0px 0px 1px 1px',
+  }}
+/>
+
+The mobile app will check if the server has OAuth enabled before displaying the OAuth
+sign-in button.
+
+<img
+  src="https://media.giphy.com/media/3iy3SaNkVYtlkEiw06/giphy.gif"
+  title="Mobile sign in with OAuth"
+  style={{
+    borderRadius: '10px',
+    boxShadow: 'rgba(9, 30, 66, 0.25) 0px 1px 1px, rgba(9, 30, 66, 0.13) 0px 0px 1px 1px',
+  }}
+/>
+
+## Support
+
+<img
+  src="https://media.giphy.com/media/LStqgGESXW8XnuCv5y/giphy.gif"
+  width="300"
+  style={{
+    borderRadius: '10px',
+    boxShadow: 'rgba(9, 30, 66, 0.25) 0px 1px 1px, rgba(9, 30, 66, 0.13) 0px 0px 1px 1px',
+  }}
+  title="Support the project"
+/>
+
+If you find the project helpful and it helps you in some ways, you can support the project [one time](https://github.com/sponsors/alextran1502?frequency=one-time&sponsor=alextran1502) or [monthly](https://github.com/sponsors/alextran1502) from GitHub Sponsor
+
+It is a great way to let me know that you want me to continue developing and working on this project for years to come.
+
+## Details
+
+For more details, please check out the [release note](https://github.com/immich-app/immich/releases/tag/v1.36.0_55-dev)

docs/docs/FAQ.md

@@ -0,0 +1,101 @@
+---
+sidebar_position: 7
+---
+
+# FAQ
+
+### What is the difference between the cloud icon on the mobile app?
+
+| Icon                               | Description                                                                                                                                     |
+| ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
+| ![cloud](/img/cloud.svg)           | Asset is only available in the cloud and was uploaded from some other device (like the web client) or was deleted from this device after upload |
+| ![cloud-cross](/img/cloud-off.svg) | Asset is only available locally and has not yet been backed up                                                                                  |
+| ![cloud-done](/img/cloud-done.svg) | Asset was uploaded from this device and is now backed up in the cloud/server and still available in original on the device                      |
+
+### How can I sync an existing directory with Immich's server?
+
+Immich doesn't have two-way synchronization ([yet](https://github.com/immich-app/immich/discussions/1006)), but the [command line tool](/docs/features/bulk-upload.md) can bulk upload items from a directory to Immich.
+
+### Why doesn't Immich watch an existing photo gallery directory?
+
+The initial approach of Immich is to become a backup tool, primarily for mobile device usage. Thus, all the assets must be uploaded from the mobile client. The app was architectured to perform that job well.
+
+### Why does my uploaded photo show up with the wrong date or time in Immich?
+
+When a photo is initially uploaded Immich uses the create date of the file to determine where it belongs in the timeline. After that, background jobs will run that extract [exif metadata](https://en.wikipedia.org/wiki/Exif), including the CreateDate, to provide a more accurate date for the photo. If that is not available it will fallback to the modified date. If you want to ensure your photo has the right date, check the exif metadata before uploading.
+
+If the timezone is incorrect in an uploaded photo, check the `DateTimeOriginal` exif field of the uploaded file. Immich uses the very competent library [exiftool-vendored.js](https://github.com/photostructure/exiftool-vendored.js#dates) to handle timezone parsing, but in some cases (like photos taken with DSLR cameras) it has to fallback on the local timezone. If you are using docker, this fallback will be UTC. (Note that even the photo backup app that can't be named [has the same bug!](https://photo.stackexchange.com/a/126978)) In Immich, it is possible to change this assumed fallback timezone system-wide by setting the timezone in the microservices docker container. You might need to run the "Extract Metadata" job after to effect the change.
+
+As an example, the following modification of `docker-compose.yml` will set the timezone of the microservices container to be `Europe/Stockholm`
+
+```
+    environment:
+      - TZ=Europe/Stockholm # <---- Add this line in the microservices config
+```
+
+### Why are only photos and not videos being uploaded to Immich?
+
+This often happens when using a reverse proxy or cloudflare tunnel in front of Immich. Make sure to set your reverse proxy to allow large POST requests. In `nginx`, set `client_max_body_size 50000M;` or similar. Cloudflare tunnels are limited to 100 mb file sizes.
+
+### Why is Immich slow on low-memory systems like the Raspberry Pi?
+
+Immich uses optional machine-learning features to enhance search results. This feature, however, can be too heavy to run on a Raspberry Pi. To disable machine learning, comment out the `immich-machine-learning` section of your docker-compose.yml and set `IMMICH_MACHINE_LEARNING_URL=false` in your .env file.
+
+### How to disable machine-learning and TypeSense?
+
+:::warning
+Disabling both will result in poor search experience and typesense utilizes CLIP embeddings which are generated by machine-learning.
+:::
+
+These features can be disabled by commenting out `immich-typesense` and `immich-machine-learning` sections of the docker-compose.yml and setting `IMMICH_MACHINE_LEARNING_URL=false` & `TYPESENSE_ENABLED=false` in your .env file.
+
+### What happens to existing files after I choose a new [Storage Template](/docs/administration/storage-template.mdx)?
+
+Template changes will only apply to new assets. To retroactively apply the template to previously uploaded assets, run the Storage Migration Job, available on the [Jobs](/docs/administration/jobs.md) page.
+
+### In the uploads folder, why are photos stored in the wrong date?
+
+This is fixed by running the storage migration job.
+
+### Why is object detection not very good?
+
+The model we used for machine learning is a prebuilt model, so the accuracy is not very good. It will hopefully be replaced with a better solution in the future.
+
+### How can I see Immich logs?
+
+Most Immich components are typically deployed using docker. To see logs for deployed docker containers, you can use the [Docker CLI](https://docs.docker.com/engine/reference/commandline/cli/), specifically the `docker logs` command. For examples, see [Docker Help](/docs/guides/docker-help.md)
+
+### How can I run Immich as a non-root user?
+
+1. Set the `PUID`/`PGID` environment variables (in `.env`).
+2. Set the corresponding `user` argument in `docker-compose` for each service.
+3. Add an additional volume to `immich-microservices` that mounts internally to `/usr/src/app/.reverse-geocoding-dump`.
+
+The non-root user/group needs read/write access to the volume mounts, including `UPLOAD_LOCATION`.
+
+### How can I reset the admin password?
+
+The admin password can be reset by running the [reset-admin-password](/docs/administration/server-commands.md) command on the immich-server.
+
+### How can I backup data from Immich?
+
+See [backup and restore](/docs/administration/backup-and-restore.md).
+
+### How can I **purge** data from Immich?
+
+Data for Immich comes in two forms:
+
+1. **Metadata** stored in a postgres database, persisted via the `pg_data` volume
+2. **Files** (originals, thumbs, profile, etc.), stored in the `UPLOAD_LOCATION` folder.
+
+To remove the **Metadata** you can stop Immich and delete the volume.
+
+```bash title="Remove Immich (containers and volumes)"
+docker-compose down -v
+```
+
+After removing the the containers and volumes, the **Files** can be cleaned up (if necessary) from the `UPLOAD_LOCATION` by simply deleting an unwanted files or folders.
+
+### Why iOS app shows duplicate photos on the timeline while the web doesn't?
+
+If you are using `My Photo Stream`, the Photos app temporarily creates duplicates of photos taken in the last 30 days. These photos are included in the `Recents` album and thus shown up twice. To fix this, you can disable `My Photo Stream` in the native Photos app or choose a different album in the backup screen in Immich.

docs/docs/administration/_category_.json

@@ -0,0 +1,4 @@
+{
+  "label": "Administration",
+  "position": 4
+}

docs/docs/administration/backup-and-restore.md

@@ -0,0 +1,55 @@
+# Backup and Restore
+
+## Database
+
+:::info
+Refer to the official [postgres documentation](https://www.postgresql.org/docs/current/backup.html) for details about backing up and restoring a postgres database.
+:::
+
+The recommended way to backup and restore the Immich database is to use the `pg_dumpall` command.
+
+```bash title='Backup'
+docker exec -t immich_postgres pg_dumpall -c -U postgres | gzip > "/path/to/backup/dump.sql.gz"
+```
+
+```bash title='Restore'
+gunzip < /path/to/backup/dump.sql.gz | docker exec -i immich_postgres psql -U postgres -d immich
+```
+
+The database dumps can also be automated (using [this image](https://github.com/prodrigestivill/docker-postgres-backup-local)) by editing the docker compose file to match the following:
+
+```yaml
+services:
+  ...
+  backup:
+    container_name: immich_db_dumper
+    image: prodrigestivill/postgres-backup-local
+    env_file:
+      - .env
+    environment:
+      POSTGRES_HOST: database
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      POSTGRES_USER: ${DB_USERNAME}
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      SCHEDULE: "@daily"
+      BACKUP_NUM_KEEP: 7
+      BACKUP_DIR: /db_dumps
+    volumes:
+      - ./db_dumps:/db_dumps
+    depends_on:
+      - database
+```
+
+Then you can restore with the same command but pointed at the latest dump.
+
+```bash title='Automated Restore'
+gunzip < db_dumps/last/immich-latest.sql.gz | docker exec -i immich_postgres psql -U postgres -d immich
+```
+
+## Filesystem
+
+Immich stores two types of content in the filesystem: (1) original, unmodified content, and (2) generated content. Only the original content needs to be backed-up, which includes the following folders:
+
+1. `UPLOAD_LOCATION/library`
+1. `UPLOAD_LOCATION/upload`
+1. `UPLOAD_LOCATION/profile`

docs/docs/administration/jobs.md

@@ -0,0 +1,9 @@
+# Jobs
+
+Several Immich functionalities are implemented as jobs, which run in the background. To view the status of a job navigate to the Administration Screen, and then the `Jobs` page.
+
+![Admin jobs](./img/admin-jobs.png)
+
+:::info
+Storage Migration job can be run after changing the [Storage Template](/docs/administration/storage-template.mdx), in order to apply the change to the existing library.
+:::

docs/docs/administration/oauth.md

@@ -0,0 +1,107 @@
+# OAuth Authentication
+
+This page contains details about using OAuth in Immich.
+
+:::tip
+Unable to set `app.immich:/` as a valid redirect URI? See [Mobile Redirect URI](#mobile-redirect-uri) for an alternative solution.
+:::
+
+## Overview
+
+Immich supports 3rd party authentication via [OpenID Connect][oidc] (OIDC), an identity layer built on top of OAuth2. OIDC is supported by most identity providers, including:
+
+- [Authentik](https://goauthentik.io/integrations/sources/oauth/#openid-connect)
+- [Authelia](https://www.authelia.com/configuration/identity-providers/open-id-connect/)
+- [Okta](https://www.okta.com/openid-connect/)
+- [Google](https://developers.google.com/identity/openid-connect/openid-connect)
+
+## Prerequisites
+
+Before enabling OAuth in Immich, a new client application needs to be configured in the 3rd-party authentication server. While the specifics of this setup vary from provider to provider, the general approach should be the same.
+
+1. Create a new (Client) Application
+
+   1. The **Provider** type should be `OpenID Connect` or `OAuth2`
+   2. The **Client type** should be `Confidential`
+   3. The **Application** type should be `Web`
+   4. The **Grant** type should be `Authorization Code`
+
+2. Configure Redirect URIs/Origins
+
+   The **Sign-in redirect URIs** should include:
+
+   - `app.immich:/` - for logging in with OAuth from the [Mobile App](/docs/features/mobile-app.mdx)
+   - `http://DOMAIN:PORT/auth/login` - for logging in with OAuth from the Web Client
+   - `http://DOMAIN:PORT/user-settings` - for manually linking OAuth in the Web Client
+
+   Redirect URIs should contain all the domains you will be using to access Immich. Some examples include:
+
+   Mobile
+
+   - `app.immich:/` (You **MUST** include this for iOS and Android mobile apps to work properly)
+
+   Localhost
+
+   - `http://localhost:2283/auth/login`
+   - `http://localhost:2283/user-settings`
+
+   Local IP
+
+   - `http://192.168.0.200:2283/auth/login`
+   - `http://192.168.0.200:2283/user-settings`
+
+   Hostname
+
+   - `https://immich.example.com/auth/login`)
+   - `https://immich.example.com/user-settings`)
+
+## Enable OAuth
+
+Once you have a new OAuth client application configured, Immich can be configured using the Administration Settings page, available on the web (Administration -> Settings).
+
+| Setting                                              | Type    | Default              | Description                                                                         |
+| ---------------------------------------------------- | ------- | -------------------- | ----------------------------------------------------------------------------------- |
+| Enabled                                              | boolean | false                | Enable/disable OAuth                                                                |
+| Issuer URL                                           | URL     | (required)           | Required. Self-discovery URL for client (from previous step)                        |
+| Client ID                                            | string  | (required)           | Required. Client ID (from previous step)                                            |
+| Client Secret                                        | string  | (required)           | Required. Client Secret (previous step)                                             |
+| Scope                                                | string  | openid email profile | Full list of scopes to send with the request (space delimited)                      |
+| Button Text                                          | string  | Login with OAuth     | Text for the OAuth button on the web                                                |
+| Auto Register                                        | boolean | true                 | When true, will automatically register a user the first time they sign in           |
+| [Auto Launch](#auto-launch)                          | boolean | false                | When true, will skip the login page and automatically start the OAuth login process |
+| [Mobile Redirect URI Override](#mobile-redirect-uri) | URL     | (empty)              | Http(s) alternative mobile redirect URI                                             |
+
+:::info
+The Issuer URL should look something like the following, and return a valid json document.
+
+- `https://accounts.google.com/.well-known/openid-configuration`
+- `http://localhost:9000/application/o/immich/.well-known/openid-configuration`
+
+The `.well-known/openid-configuration` part of the url is optional and will be automatically added during discovery.
+:::
+
+## Auto Launch
+
+When Auto Launch is enabled, the login page will automatically redirect the user to the OAuth authorization url, to login with OAuth. To access the login screen again, use the browser's back button, or navigate directly to `/auth/login?autoLaunch=0`.
+
+## Mobile Redirect URI
+
+The redirect URI for the mobile app is `app.immich:/`, which is a [Custom Scheme](https://developer.apple.com/documentation/xcode/defining-a-custom-url-scheme-for-your-app). If this custom scheme is an invalid redirect URI for your OAuth Provider, you can work around this by doing the following:
+
+1. Configure an http(s) endpoint to forwards requests to `app.immich:/`
+2. Whitelist the new endpoint as a valid redirect URI with your provider.
+3. Specify the new endpoint as the `Mobile Redirect URI Override`, in the OAuth settings.
+
+With these steps in place, you should be able to use OAuth from the [Mobile App](/docs/features/mobile-app.mdx) without a custom scheme redirect URI.
+
+:::info
+Immich has a route (`/api/oauth/mobile-redirect`) that is already configured to forward requests to `app.immich:/`, and can be used for step 1.
+:::
+
+## Example Configuration
+
+Here's an example of OAuth configured for Authentik:
+
+![OAuth Settings](./img/oauth-settings.png)
+
+[oidc]: https://openid.net/connect/

docs/docs/administration/password-login.md

@@ -0,0 +1,32 @@
+# Password Login
+
+An overview of password login and related settings for Immich.
+
+## Enable/Disable
+
+Immich supports password login, which is enabled by default. The preferred way to disable it is via the [Administration Page](#administration-page), although it can also be changed via a [Server Command](#server-command) as well.
+
+### Administration Page
+
+To toggle the password login setting via the web, navigate to the "Administration", expand "Password Authentication", toggle the "Enabled" switch, and press "Save".
+
+![Password Login Settings](./img/password-login-settings.png)
+
+### Server Command
+
+There are two [Server Commands](/docs/administration/server-commands.md) for password login:
+
+1. `enable-password-login`
+2. `disable-password-login`
+
+See [Server Commands](/docs/administration/server-commands.md) for more details about how to run them.
+
+## Password Reset
+
+### Admin
+
+To reset the administrator password, use the `reset-admin-password` [Server Command](/docs/administration/server-commands.md).
+
+### User
+
+Immich does not currently support self-service password reset. However, the administration can reset passwords for other users. See [User Management: Password Reset](/docs/administration/user-management.mdx#password-reset) for more information about how to do this.

docs/docs/administration/reverse-proxy.md

@@ -0,0 +1,22 @@
+# Reverse Proxy
+
+When deploying Immich it is important to understand that a reverse proxy is required in front of the server and web container. The reverse proxy acts as an intermediary between the user and container, forwarding requests to the correct container based on the URL path.
+
+## Default Reverse Proxy
+
+Immich provides a default nginx reverse proxy preconfigured to perform the correct routing and set the necessary headers for the server and web container to use. These headers are crucial to redirect to the correct URL and determine the client's IP address.
+
+## Using a Different Reverse Proxy
+
+While the reverse proxy provided by Immich works well for basic deployments, some users may want to use a different reverse proxy. Fortunately, Immich is flexible enough to accommodate different reverse proxies. Users can either:
+
+1. Add another reverse proxy on top of Immich's reverse proxy
+2. Completely replace the default reverse proxy
+
+## Adding a Custom Reverse Proxy
+
+Users can deploy a custom reverse proxy that forwards requests to Immich's reverse proxy. This way, the new reverse proxy can handle TLS termination, load balancing, or other advanced features, while still delegating routing decisions to Immich's reverse proxy. All reverse proxies between Immich and the user must forward all headers and set the `Host`, `X-Forwarded-Host`, `X-Forwarded-Proto` and `X-Forwarded-For` headers to their appropriate values. By following these practices, you ensure that all custom reverse proxies are fully compatible with Immich.
+
+## Replacing the Default Reverse Proxy
+
+Replacing Immich's default reverse proxy is an advanced deployment and support may be limited. When replacing Immich's default proxy it is important to ensure that requests to `/api/*` are routed to the server container and all other requests to the web container. Additionally, the previously mentioned headers should be configured accordingly. You may find our [nginx configuration file](https://github.com/immich-app/immich/blob/main/nginx/templates/default.conf.template) a helpful reference.

docs/docs/administration/server-commands.md

@@ -0,0 +1,33 @@
+# Server Commands
+
+The `immich-server` docker image comes preinstalled with an administrative CLI (`immich`) that supports the following commands:
+
+| Command                  | Description                           |
+| ------------------------ | ------------------------------------- |
+| `help`                   | Display help                          |
+| `reset-admin-password`   | Reset the password for the admin user |
+| `disable-password-login` | Disable password login                |
+| `enable-password-login`  | Enable password login                 |
+| `list-users`             | List Immich users                     |
+
+## How to run a command
+
+To run a command, [connect](/docs/guides/docker-help.md#attach-to-a-container) to the `immich_server` container and then execute the command via `immich <command>`.
+
+## Examples
+
+Reset Admin Password
+
+![Reset Admin Password](./img/reset-admin-password.png)
+
+Disable Password Login
+
+![Disable Password Login](./img/disable-password-login.png)
+
+Enabled Password Login
+
+![Enable Password Login](./img/enable-password-login.png)
+
+List Users
+
+![List Users](./img/list-users.png)

docs/docs/administration/storage-template.mdx

@@ -0,0 +1,5 @@
+import StorageTemplate from '../partials/_storage-template.md';
+
+# Storage Template
+
+<StorageTemplate />

docs/docs/administration/user-management.mdx

@@ -0,0 +1,24 @@
+import RegisterAdminUser from '../partials/_register-admin.md';
+import UserCreate from '../partials/_user-create.md';
+
+# User Management
+
+Immich supports multiple users, each with their own library.
+
+## Register the Admin User
+
+<RegisterAdminUser />
+
+## Create a New User
+
+<UserCreate />
+
+## Delete a User
+
+If you need to remove a user from Immich, head to "Administration", where users can be scheduled for deletion. The user account will immediately become disabled and their library and all associated data will be removed after 7 days.
+
+## Password Reset
+
+To reset a user's password, click the pencil icon to edit a user, then click "Reset Password". The user's password will be reset to "password" and they have to change it next time the sign in.
+
+![Reset Password](./img/user-management-update.png)

docs/docs/developer/_category_.json

@@ -0,0 +1,4 @@
+{
+  "label": "Developer",
+  "position": 5
+}

docs/docs/developer/architecture.md

@@ -0,0 +1,41 @@
+---
+sidebar_position: 1
+---
+
+# Architecture
+
+## High Level Diagram
+
+![Immich Architecture](./img/app-architecture.png)
+
+## Technology
+
+Immich is a full-stack [TypeScript](https://www.typescriptlang.org/) application, with a [Flutter](https://flutter.dev/) mobile app.
+
+### Mobile
+
+- [Flutter](https://flutter.dev/)
+- [Riverpod](https://riverpod.dev/) for state management.
+
+### Web
+
+- [SvelteKit](https://kit.svelte.dev/)
+- [Tailwindcss](https://tailwindcss.com/)
+
+### Server
+
+- [Node.js](https://nodejs.org/)
+- [Nest.js](https://nestjs.com/)
+- [TypeORM](https://typeorm.io/) for database management.
+- [Jest](https://jestjs.io/) for testing.
+- [Python](https://www.python.org/) for Machine Learning.
+
+### Database
+
+- [PostgreSQL](https://www.postgresql.org/)
+- [Redis](https://redis.io/) for job queuing.
+- [Typesense](https://typesense.org/) for search.
+
+### Web Server
+
+- [NGINX](https://www.nginx.com/) for internal communication between containers and load balancing when scaling.

docs/docs/developer/contributing.md

@@ -0,0 +1,43 @@
+---
+sidebar_position: 3
+---
+
+# Contributing
+
+Contributions are welcome!
+
+## PR Checklist
+
+When contributing code through a pull request, please check the following:
+
+### Web Checks
+
+- [ ] `npm run lint` (linting via ESLint)
+- [ ] `npm run format` (formatting via Prettier)
+- [ ] `npm run check` (Type checking via SvelteKit)
+- [ ] `npm test` (Tests via Jest)
+
+:::tip
+Run all web checks with `npm run check:all`
+:::
+
+### Server Checks
+
+- [ ] `npm run lint` (linting via ESLint)
+- [ ] `npm run format` (formatting via Prettier)
+- [ ] `npm run check` (Type checking via `tsc`)
+- [ ] `npm test` (Tests via Jest)
+
+:::tip
+Run all server checks with `npm run check:all`
+:::
+
+### Open API
+
+The Open API client libraries need to be regenerated whenever there are changes to the `immich-openapi-specs.json` file.
+
+- [ ] `npm run api:generate`
+
+:::tip
+This can also be run via `make api` from the project root directory (not in the `server` folder)
+:::

docs/docs/developer/open-api.md

@@ -0,0 +1,7 @@
+---
+sidebar_position: 5
+---
+
+# Open API
+
+Immich uses the [Open API](https://swagger.io/specification/) standard to generate API documentation. To view the published docs see [here](/docs/api).

docs/docs/developer/setup.md

@@ -0,0 +1,118 @@
+---
+sidebar_position: 2
+---
+
+# Setup
+
+## Environment
+
+### Server and web app
+
+This environment includes the following services:
+
+- Core server - `/server/apps/immich`
+- Machine learning - `/machine-learning`
+- Microservices - `/server/apps/microservicess`
+- Web app - `/web`
+- Redis
+- PostgreSQL development database with exposed port `5432` so you can use any database client to acess it
+- NGINX Proxy - `nginx/nginx.conf`
+
+All the services are packaged to run as with single Docker Compose command.
+
+### Instructions
+
+1. Clone the project repo.
+2. Run `cp docker/example.env docker/.env`.
+3. Edit `docker/.env` to provide values for the required variable `UPLOAD_LOCATION`.
+4. From the root directory, run:
+
+```bash title="Start development server"
+make dev # required Makefile installed on the system.
+```
+
+5. Access the dev instance in your browser at http://localhost:2283, or connect via the mobile app.
+
+All the services will be started with hot-reloading enabled for a quick feedback loop.
+
+You can access the web from `http://your-machine-ip:2283` or `http://localhost:2283` and access the server from the mobile app at `http://your-machine-ip:2283/api`
+
+### Mobile app
+
+The mobile app `(/mobile)` will required Flutter toolchain to be installed on your system.
+
+Please refer to the [Flutter's official documentation](https://flutter.dev/docs/get-started/install) for more information on setting up the toolchain on your machine.
+
+### Connect to a remote backend
+
+If you only want to do web development connected to an existing, remote backend, follow these steps:
+
+1. Enter the web directory - `cd web/`
+2. Install web dependencies - `npm i`
+3. Start the web development server
+
+```
+PUBLIC_IMMICH_SERVER_URL=https://demo.immich.app/api npm run dev
+```
+
+## IDE setup
+
+### Lint / format extensions
+
+Setting these in the IDE give a better developer experience, auto-formatting code on save, and providing instant feedback on lint issues.
+
+### VSCode
+
+Install `Flutter`, `Prettier`, `ESLint` and `Svelte` extensions.
+
+in User `settings.json` (`cmd + shift + p` and search for `Open User Settings JSON`) add the following:
+
+```json title="settings.json"
+{
+  "editor.formatOnSave": true,
+  "[javascript][typescript][css]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode",
+    "editor.tabSize": 2,
+    "editor.formatOnSave": true
+  },
+  "[svelte]": {
+    "editor.defaultFormatter": "svelte.svelte-vscode",
+    "editor.tabSize": 2
+  },
+  "svelte.enable-ts-plugin": true,
+  "eslint.validate": ["javascript", "svelte"],
+  "[dart]": {
+    "editor.formatOnSave": true,
+    "editor.selectionHighlight": false,
+    "editor.suggest.snippetsPreventQuickSuggestions": false,
+    "editor.suggestSelection": "first",
+    "editor.tabCompletion": "onlySnippets",
+    "editor.wordBasedSuggestions": false,
+    "editor.defaultFormatter": "Dart-Code.dart-code"
+  }
+}
+```
+
+## OpenAPI generator
+
+OpenAPI is used to generate the client (Typescript, Dart) SDK. `openapi-generator-cli` can be installed [here](https://openapi-generator.tech/docs/installation/). When you add a new or modify an existing endpoint, you must run the command below to update the client SDK.
+
+```bash
+npm run api:generate # Run from the `server` directory
+```
+
+You can find the generated client SDK in the `web/src/api` for Typescript SDK and `mobile/openapi` for Dart SDK.
+
+## Database migrations
+
+After making any changes in the `server/libs/database/src/entities`, a database migration need to run in order to register the changes in the database. Follow the steps below to create a new migration.
+
+1. Attached to the server container shell.
+2. Run
+
+```bash
+npm run typeorm:migrations:generate ./libs/infra/src/<migration-name>
+```
+
+3. Check if the migration file makes sense.
+4. Move the migration file to folder `server/libs/database/src/migrations` in your code editor.

docs/docs/features/_category_.json

@@ -0,0 +1,4 @@
+{
+  "label": "Features",
+  "position": 3
+}

docs/docs/features/automatic-backup.md

@@ -0,0 +1,36 @@
+# Automatic Backup
+
+A guide on how the foreground and background automatic backup works.
+
+<img src={require('./img/background-foreground-backup.png').default} width="50%" title="Foreground&Background Backup" />
+
+## Foreground backup
+
+If foreground backup is enabled: whenever the app is opened or resumed, it will check if any photos or videos in the selected album(s) have yet to be uploaded to the cloud (the remainder count). If there are any, they will be uploaded.
+
+## Background backup
+
+Background backup is available thanks to the contribution effort of [@zoodyy](https://github.com/zoodyy) and [@martyfuhry](https://github.com/martyfuhry).
+
+If background backup is enabled. The app will periodically check if there are any new photos or videos in the selected album(s) to be uploaded to the cloud. If there are, it will upload them to the cloud in the background.
+
+:::info Note
+
+#### General
+
+- The app must be in the background for the backup worker to start running.
+- If you reopen the app and the first page you see is the backup page, the counts will not reflect the background uploaded result. You have to navigate out of the page and come back to see the updated counts.
+
+#### Android
+
+- It is a well-known problem that some Android models are very strict with battery optimization settings, which can cause a problem with the background worker. Please visit [Don't kill my app](https://dontkillmyapp.com/) for a guide on disabling this setting on your phone.
+
+#### iOS
+
+- You must enable **Background App Refresh** for the app to work in the background. You can enable it in the Settings app under General > Background App Refresh.
+
+<div style={{textAlign: 'center'}}>
+<img src={require('./img/background-app-refresh.png').default} width="30%" title="background-app-refresh" />
+</div>
+
+:::

docs/docs/features/bulk-upload.md

@@ -0,0 +1,103 @@
+# Bulk Upload (Using the CLI)
+
+You can use the CLI to upload an existing gallery to the Immich server
+
+[Immich CLI Repository](https://github.com/immich-app/CLI)
+
+## Requirements
+
+- Node.js 16 or above
+- Npm
+
+## Installation
+
+```bash
+npm i -g immich
+```
+
+## Quick Start
+
+Specify user's credential, Immich's server address and port and the directory you would like to upload videos/photos from.
+
+```
+immich upload --key HFEJ38DNSDUEG --server http://192.168.1.216:2283/api file1.jpg file2.jpg
+```
+
+By default, subfolders are not included. To upload a directory including subfolder, use the --recursive option:
+
+```
+immich upload --key HFEJ38DNSDUEG --server http://192.168.1.216:2283/api --recursive directory/
+```
+
+---
+
+### Options
+
+| Parameter        | Description                                                         |
+| ---------------- | ------------------------------------------------------------------- |
+| --yes / -y       | Assume yes on all interactive prompts                               |
+| --recursive / -r | Include subfolders                                                  |
+| --delete / -da   | Delete local assets after upload                                    |
+| --key / -k       | User's API key                                                      |
+| --server / -s    | Immich's server address                                             |
+| --threads / -t   | Number of threads to use (Default 5)                                |
+| --album/ -al     | Create albums for assets based on the parent folder or a given name |
+
+### Obtain the API Key
+
+The API key can be obtained in the user setting panel on the web interface.
+
+![Obtain Api Key](./img/obtain-api-key.png)
+
+### Run via Docker
+
+You can run the CLI inside of a docker container to avoid needing to install anything.
+
+:::caution Running inside Docker
+Be aware that as this runs inside a container, you need to mount the folder from which you want to import into the container.
+:::
+
+```bash title="Upload current directory"
+cd /DIRECTORY/WITH/IMAGES
+docker run -it --rm -v "$(pwd):/import" ghcr.io/immich-app/immich-cli:latest upload --key HFEJ38DNSDUEG --server http://192.168.1.216:2283/api
+```
+
+```bash title="Upload target directory"
+docker run -it --rm -v "/DIRECTORY/WITH/IMAGES:/import" ghcr.io/immich-app/immich-cli:latest upload --key HFEJ38DNSDUEG --server http://192.168.1.216:2283/api
+```
+
+```bash title="Create an alias"
+alias immich='docker run -it --rm -v "$(pwd):/import" ghcr.io/immich-app/immich-cli:latest'
+immich upload --key HFEJ38DNSDUEG --server http://192.168.1.216:2283/api
+```
+
+:::tip Internal networking
+If you are running the CLI container on the same machine as your Immich server, you may not be able to reach the external address. In that case, try the following steps:
+
+1. Find the internal Docker network used by Immich via `docker network ls`.
+2. Adapt the above command to pass the `--network <immich_network>` argument to `docker run`, substituting `<immich_network>` with the result from step 1.
+3. Use `--server http://immich-server:3001/` for the upload command instead of the external address.
+
+```bash title="Upload to internal address"
+docker run --network immich_default -it --rm -v "$(pwd):/import" ghcr.io/immich-app/immich-cli:latest upload --key HFEJ38DNSDUEG --server http://immich-server:3001/
+```
+
+:::
+
+### Run from source
+
+```bash title="Clone Repository"
+git clone https://github.com/immich-app/CLI
+```
+
+```bash title="Install dependencies"
+npm install
+```
+
+```bash title="Build the project"
+npm run build
+```
+
+```bash title="Run the command"
+node bin/index.js upload --key HFEJ38DNSDUEG --server http://192.168.1.216:2283/api --recursive your/asset/directory
+```

docs/docs/features/facial-recognition.md

@@ -0,0 +1,15 @@
+# Facial Recognition
+
+Immich recognizes faces in your photos and videos and groups them together. You can then assign names to the faces and search for them.
+
+The list of people is shown in the Explore page.
+
+<img src={require('./img/facial-recognition-1.png').default} title='Facial Recognition 1' />
+
+Upon clicking on a person, a list of assets that contain their face will be shown.
+
+<img src={require('./img/facial-recognition-2.png').default} title='Facial Recognition 2' />
+
+The asset detail view will also show the faces that are recognized in the asset.
+
+<img src={require('./img/facial-recognition-3.png').default} title='Facial Recognition 3' />