Immich is a high-performance self-hosted photo and video management solution that allows you to share and synchronize photos and videos between multiple devices. The documentation provides instructions on how to install Immich with Docker Compose, Kubernetes, Portainer, Unraid, TrueNAS Scale, and others. But what if you, like me, want to install on Podman? That’s the purpose of this post — to document how I deployed Immich on rootless Podman. Many thanks to the authors of the countless posts I read that enabled me to be successful with my deployment.
Perform the following steps to install Immich on rootless Podman:
Note: the initial commands assume you are running as the ‘root’ user. I know, I know, this is not recommended, that you should use ‘sudo’, etc., but since this is in my lab, I am willing to accept the risks while taking a shortcut.
Create the non-root user
useradd -c "Immich Container Account" -m immich
passwd immich <-- type the password for the immich account
loginctl enable-linger immich
Create the directory structure for the container
machinectl shell immich@
mkdir -p ~/container/immich/database
mkdir -p ~/container/immich/upload
mkdir -p ~/container/immich/cache
Create an environment file to store hostnames, IDs, and passwords used by the containers
vim ~/container/immich/environment.file
DB_HOSTNAME=immich
DB_USERNAME=postgres
DB_PASSWORD=postgres
DB_DATABASE_NAME=immich
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_DB=immich
REDIS_HOSTNAME=immich
Create the pod
podman pod create --name immich --publish 192.168.194.55:2283:2283
Note: I had to hard-code the IP address for the published port to get the port forwarding to work. Otherwise, it would default to IPv6 addressing. Please let me know if you are successful getting it working without it.
Note: You can specify any external port instead of 2283. If you change this port, change the firewall rules below.
Note: Beginning in v1.118.0 there is now port alignment with the internal port and the binding port. Therefore, the published port changes to 2283:2283 from 2282:3001.
Create the redis container
podman run \
--replace\
--detach \
--pod=immich \
--restart=always \
--name=immich-redis \
--label "io.containers.autoupdate=image" \
docker.io/redis:7.2.4
Create the database container
podman run \
--replace \
--detach \
--pod=immich \
--restart=always \
--name=immich-database \
--label "io.containers.autoupdate=image" \
--env-file=/home/immich/container/immich/environment.file \
--volume ~/container/immich/database:/var/lib/postgresql/data:Z \
docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0
Create the server container
podman run \
--replace \
--detach \
--pod=immich \
--restart=always \
--name=immich-server \
--label "io.containers.autoupdate=image" \
--env-file=/home/immich/container/immich/environment.file \
--volume ~/container/immich/upload:/usr/src/app/upload:z \
--volume /etc/localtime:/etc/localtime:ro \
ghcr.io/immich-app/immich-server:release
Create the machine learning container
podman run \
--replace \
--detach \
--pod=immich \
--restart=always \
--name=immich-machine-learning \
--label "io.containers.autoupdate=image" \
--env-file=/home/immich/container/immich/environment.file \
--volume ~/container/immich/cache:/cache:Z \
ghcr.io/immich-app/immich-machine-learning:release
Daemonize and start the pod
mkdir -p ~/.config/systemd/user
cd ~/.config/systemd/user
podman generate systemd --new --name --files immich
systemctl --user enable --now pod-immich.service
Enable the firewall rules
firewall-cmd --permanent --zone=home --add-port=2283/tcp
firewall-cmd --reload
Note: add the firewall rule to the appropriate zone. In my environment, I have a new zone named ‘home’ that I use.
When finished, Press ^] three times within 1s to exit session.