This repository provides instructions and helper scripts to install Immich without Docker, natively.
-
This is tested on Ubuntu 22.04 (on both x86 and aarch64) as the host distro, but it will be similar on other distros. If you want to run this on a macOS, see 4v3ngR's unofficial macOS port.
-
This guide installs Immich to
/var/lib/immich
. To change it, replace it to the directory you want in this README andinstall.sh
's$IMMICH_PATH
. -
The install.sh script currently is using Immich v1.114.0. It should be noted that due to the fast-evolving nature of Immich, the install script may get broken if you replace the
$TAG
to something more recent. -
mimalloc
is deliberately disabled as this is a native install and sharing system library makes more sense. -
pgvector
is used instead ofpgvecto.rs
that the official Immich uses to remove an additional Rust build dependency. -
Microservice and machine-learning's host is opened to 0.0.0.0 in the default configuration. This behavior is changed to only accept 127.0.0.1 during installation. Only the main Immich service's port, 3001, is opened to 0.0.0.0.
-
Only the basic CPU configuration is used. Hardware-acceleration such as CUDA is unsupported. In my personal experience, importing about 10K photos on a x86 processor doesn't take an unreasonable amount of time (less than 30 minutes).
-
JPEG XL support may differ official Immich due to base-image's dependency differences.
As the time of writing, Node.js v20 LTS, PostgreSQL 16 and Redis 7.2.4 was used.
pgvector is included in the official PostgreSQL's APT repository:
sudo apt install postgresql(-16)-pgvector
Immich uses FFmpeg to process media.
FFmpeg provided by the distro is typically too old.
Either install it from jellyfin
or use FFmpeg Static Builds and install it to /usr/bin
.
sudo apt install --no-install-recommends \
python3-venv \
python3-dev \
uuid-runtime \
autoconf \
build-essential \
unzip \
jq \
perl \
libnet-ssleay-perl \
libio-socket-ssl-perl \
libcapture-tiny-perl \
libfile-which-perl \
libfile-chdir-perl \
libpkgconfig-perl \
libffi-checklib-perl \
libtest-warnings-perl \
libtest-fatal-perl \
libtest-needs-perl \
libtest2-suite-perl \
libsort-versions-perl \
libpath-tiny-perl \
libtry-tiny-perl \
libterm-table-perl \
libany-uri-escape-perl \
libmojolicious-perl \
libfile-slurper-perl \
liblcms2-2 \
wget
A separate Python's virtualenv will be stored to /var/lib/immich
.
This guide isolates Immich to run on a separate immich
user.
This provides basic permission isolation and protection.
sudo adduser \
--home /var/lib/immich/home \
--shell=/sbin/nologin \
--no-create-home \
--disabled-password \
--disabled-login \
immich
sudo mkdir -p /var/lib/immich
sudo chown immich:immich /var/lib/immich
sudo chmod 700 /var/lib/immich
Create a strong random string to be used with PostgreSQL immich database.
You need to save this and write to the env
file later.
sudo -u postgres psql
postgres=# create database immich;
postgres=# create user immich with encrypted password 'YOUR_STRONG_RANDOM_PW';
postgres=# grant all privileges on database immich to immich;
postgrse=# ALTER USER immich WITH SUPERUSER;
postgres=# \q
Save the env file to /var/lib/immich
, and configure on your own.
You'll only have to set DB_PASSWORD
.
sudo cp env /var/lib/immich
sudo chown immich:immich /var/lib/immich/env
Clone this repository to somewhere anyone can access (like /tmp) and run install.sh
as root.
Anytime Immich is updated, all you have to do is run it again.
In summary, the install.sh
script does the following:
-
Sets up a dedicated Python venv to
/var/lib/immich/app/machine-learning/venv
. -
Replaces
/usr/src
to/var/lib/immich
. -
Limits listening host from 0.0.0.0 to 127.0.0.1. If you do not want this to happen (make sure you fully understand the security risks!), comment out the
sed
command ininstall.sh
's "Use 127.0.0.1" part.
Because the install script switches to the immich user during installation, you must install systemd services manually:
sudo cp immich*.service /etc/systemd/system/
sudo systemctl daemon-reload
for i in immich*.service; do
sudo systemctl enable $i
sudo systemctl start $i
done
Your Immich installation should be running at 3001 port, listening from localhost (127.0.0.1).
Immich will additionally use localhost's 3002 and 3003 ports.
Please add firewall rules and apply https proxy and secure your Immich instance.
# Run as root!
# Remove Immich systemd services
for i in immich*.service; do
systemctl stop $i
systemctl disable $i
done
rm /etc/systemd/system/immich*.service
systemctl daemon-reload
# Remove Immich files
rm -rf /var/lib/immich
# Delete immich user
deluser immich
# Remove Immich DB
sudo -u postgres psql
postgres=# drop user immich;
postgres=# drop database immich;
postgres=# \q
# Optionally remove dependencies
# Review /var/log/apt/history.log and remove packages you've installed