for the installation of immich, i used my truenas scale server. since it uses docker, it was a bit convenient for me. though it came with a few hiccups that i was able to address.
the first thing was creating a new dataset within the pool i created. you will an immich dataset with two child datasets, one for uploads and one for your database. when creating the upload dataset, create it as an ‘app’. the database dataset can be created as ‘generic’. by doing this, it will inherit the proper permissions needed for the immich installation. the explanation is that the uploads folder is used by the app which is ran by the default apps user in truenas. the database folder needs the netdata user in order for it to function properly, which will be done at the app configuration screen.
once this is done, navigate to the apps tab on the left. search for immich and press install. if it prompts you to enter a dataset, just select the one you create your datasets in. when you do this, it will just have an install button for future apps.
once you pass this step, configure the application to your liking with the timezone, image, machine learning, passwords, database storage type. keep the default user and group configuration unless you want that changed. the ‘568’ is a reference to the default apps user and group in truenas. if you decide to run immich as a different user, make sure it reflects in the uploads dataset.
network configuration section is pretty much defaults. you can change the port if you want, that is what i did, but personal preference. it just made it easier for my reverse proxy settings.
storage configuration section is where you want to change two sections. the data storage and postgres database storage. these will be changed to host path in the drop down menu. you can then type in the path or use the gui to drop down to the proper path.
for the postgres database, check the box ‘automatic permissions’. and then for the resources section, configure how much according to your truenas system. below this, you can also do gpu pass-through if there is access to a gpu.
from there, save the app and it should deploy automatically. this is where i had issues since i have truenas installed as a virtual machine in proxmox and had memory ballooning enabled. which means that the four gigs of memory i set as the minimum, was the only memory allocated for it, which bottlenecked my immich container. it kept deploying and restarting, so i turned it off and it deployed just fine.
if you have a reverse proxy service and dns setup, i highly recommend setting it up to be accessed from a domain name. and it is also access by https. there is documentation on how to do this local https access in the earlier months.
now going into immich, the first steps is to create an admin user, so note this account. from there follow the steps, i disabled all of the services since i don’t want this service reaching the internet as much. after this, immich is pretty much ready to use for photo and video backup and viewing.
oauth2 is supported so i configured it for authentik. the process was fairly easy since authentik has documentation on their website. follow the steps and paste in the proper client id and client secret. the first time i did this, i had issues with the login and linking accounts since i forgot to add a signing key. be sure to add a signing key to the provider since immich is looking for one.
test this out by logging into an authentik account, or link your authentik admin account to the immich admin user’s account. there is a separate button generated for oauth login, you can customize what this says.
this is as far as i got with configuring immich. likely this will be a local service and hidden behind my network. i will have to vpn in to access the photos and videos that i have backed up. i do not want this exposed to the inter-webs.
update, there is a mobile app which makes syncing and uploading photos fairly easy. the setup is straight forward and makes for a perfect interface for mobile use. there is also a section for auto discovery since it can swap between a public instance and local instance, which is very nice. i can access the service over the public or locally. which speeds up transfer speeds by a lot.
otherwise, i setup an smtp server so that when i create users, they are notified when their account is created and sends them their credentials to login. i decided 100gb was a good starting quota, and i will increase it as i see fit for the users.