{"id":38,"date":"2024-06-14T18:04:57","date_gmt":"2024-06-14T23:04:57","guid":{"rendered":"https:\/\/www.eeinc.us\/homelab\/?p=38"},"modified":"2024-10-16T13:31:11","modified_gmt":"2024-10-16T18:31:11","slug":"deploying-immich-with-rootless-podman","status":"publish","type":"post","link":"https:\/\/homelab.eeinc.us\/index.php\/2024\/06\/14\/deploying-immich-with-rootless-podman\/","title":{"rendered":"Deploying Immich with rootless podman"},"content":{"rendered":"\n

Immich<\/a> is a high-performance self-hosted photo and video management solution that allows you to share and synchronize photos and videos between multiple devices. The documentation<\/a> provides instructions on how to install Immich with Docker Compose, Kubernetes, Portainer, Unraid, TrueNAS Scale, and others. But what if you, like me, want to install on Podman? That’s the purpose of this post — to document how I deployed Immich on rootless Podman. Many thanks to the authors of the countless posts I read that enabled me to be successful with my deployment.<\/p>\n\n\n\n

Perform the following steps to install Immich on rootless Podman:<\/p>\n\n\n\n

Note:<\/strong> the initial commands assume you are running as the ‘root’ user. I know, I know, this is not recommended, that you should use ‘sudo’, etc., but since this is in my lab, I am willing to accept the risks while taking a shortcut.<\/p>\n\n\n\n

Create the non-root user<\/p>\n\n\n\n

useradd -c \"Immich Container Account\" -m immich
passwd immich <-- type the password for the immich account
loginctl enable-linger immich<\/code><\/p>\n\n\n\n

Create the directory structure for the container<\/p>\n\n\n\n

machinectl shell immich@
mkdir -p ~\/container\/immich\/database
mkdir -p ~\/container\/immich\/upload
mkdir -p ~\/container\/immich\/cache<\/code><\/p>\n\n\n\n

Create an environment file to store hostnames, IDs, and passwords used by the containers<\/p>\n\n\n\n

vim ~\/container\/immich\/environment.file<\/code><\/p>\n\n\n\n

DB_HOSTNAME=immich
DB_USERNAME=postgres
DB_PASSWORD=postgres
DB_DATABASE_NAME=immich
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_DB=immich
REDIS_HOSTNAME=immich<\/code><\/p>\n\n\n\n

Create the pod<\/p>\n\n\n\n

podman pod create --name immich --publish 192.168.194.55:2283:2283<\/code><\/p>\n\n\n\n

Note:<\/strong> I had to hard-code the IP address for the published port to get the port forwarding to work. Otherwise, it would default to IPv6 addressing. Please let me know if you are successful getting it working without it.<\/p>\n\n\n\n

Note:<\/strong> You can specify any external port instead of 2283<\/code>. If you change this port, change the firewall rules below.<\/p>\n\n\n\n

Note:<\/strong> Beginning in v1.118.0 there is now port alignment with the internal port and the binding port. Therefore, the published port changes to 2283:2283<\/strong><\/code> from 2282:3001<\/strong><\/code>.<\/p>\n\n\n\n

Create the redis container<\/strong><\/p>\n\n\n\n

podman run \\<\/code>
--replace\\<\/code>
--detach \\<\/code>
--pod=immich \\<\/code>
--restart=always \\<\/code>
--name=immich-redis \\<\/code>
--label \"io.containers.autoupdate=image\" \\<\/code>
docker.io\/redis:7.2.4<\/code><\/p>\n\n\n\n

Create the database container<\/strong><\/p>\n\n\n\n

podman run \\<\/code>
--replace \\<\/code>
--detach \\<\/code>
--pod=immich \\<\/code>
--restart=always \\<\/code>
--name=immich-database \\<\/code>
--label \"io.containers.autoupdate=image\" \\<\/code>
--env-file=\/home\/immich\/container\/immich\/environment.file \\<\/code>
--volume ~\/container\/immich\/database:\/var\/lib\/postgresql\/data:Z<\/code> \\
docker.io\/tensorchord\/pgvecto-rs:pg14-v0.2.0<\/code><\/p>\n\n\n\n

Create the server container<\/strong><\/p>\n\n\n\n

podman run \\<\/code>
--replace \\<\/code>
--detach \\<\/code>
--pod=immich \\<\/code>
--restart=always \\<\/code>
--name=immich-server \\<\/code>
--label \"io.containers.autoupdate=image\" \\<\/code>
--env-file=\/home\/immich\/container\/immich\/environment.file \\<\/code>
--volume ~\/container\/immich\/upload:\/usr\/src\/app\/upload:z \\<\/code>
--volume \/etc\/localtime:\/etc\/localtime:ro \\<\/code>
ghcr.io\/immich-app\/immich-server:release<\/code><\/p>\n\n\n\n

Create the machine learning container<\/strong><\/p>\n\n\n\n

podman run \\<\/code>
--replace \\<\/code>
--detach \\<\/code>
--pod=immich \\<\/code>
--restart=always \\<\/code>
--name=immich-machine-learning \\<\/code>
--label \"io.containers.autoupdate=image\" \\<\/code>
--env-file=\/home\/immich\/container\/immich\/environment.file \\<\/code>
--volume ~\/container\/immich\/cache:\/cache:Z \\<\/code>
ghcr.io\/immich-app\/immich-machine-learning:release<\/code><\/p>\n\n\n\n

Daemonize and start the pod<\/p>\n\n\n\n

mkdir -p ~\/.config\/systemd\/user
cd ~\/.config\/systemd\/user
podman generate systemd --new --name --files immich
systemctl --user enable --now pod-immich.service<\/code><\/p>\n\n\n\n

Enable the firewall rules<\/p>\n\n\n\n

firewall-cmd --permanent --zone=home --add-port=2283\/tcp
firewall-cmd --reload<\/code><\/p>\n\n\n\n

Note:<\/strong> add the firewall rule to the appropriate zone. In my environment, I have a new zone named ‘home’ that I use.<\/p>\n\n\n\n

When finished, Press ^] three times within 1s to exit session.<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"

Immich is a high-performance self-hosted photo and video management solution that allows you to share and synchronize photos and videos between multiple devices. The documentation provides instructions on how to install Immich with Docker Compose, Kubernetes, Portainer, Unraid, TrueNAS Scale, and others. But what if you, like me, want to install on Podman? That’s the<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-38","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/homelab.eeinc.us\/index.php\/wp-json\/wp\/v2\/posts\/38","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/homelab.eeinc.us\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/homelab.eeinc.us\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/homelab.eeinc.us\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/homelab.eeinc.us\/index.php\/wp-json\/wp\/v2\/comments?post=38"}],"version-history":[{"count":12,"href":"https:\/\/homelab.eeinc.us\/index.php\/wp-json\/wp\/v2\/posts\/38\/revisions"}],"predecessor-version":[{"id":75,"href":"https:\/\/homelab.eeinc.us\/index.php\/wp-json\/wp\/v2\/posts\/38\/revisions\/75"}],"wp:attachment":[{"href":"https:\/\/homelab.eeinc.us\/index.php\/wp-json\/wp\/v2\/media?parent=38"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/homelab.eeinc.us\/index.php\/wp-json\/wp\/v2\/categories?post=38"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/homelab.eeinc.us\/index.php\/wp-json\/wp\/v2\/tags?post=38"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}