merge main

Merge branch 'main' of github.com:immich-app/immich into web/automation-ui
2025-12-13 16:20:43 -08:00 · 2024-04-22 06:52:30 -05:00 · 2024-04-22 06:51:57 -05:00 · 2024-04-17 11:13:14 +02:00 · 2024-04-08 07:37:25 +02:00 · 2024-04-07 20:37:26 -05:00
3953 changed files with 197062 additions and 365974 deletions
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -1,67 +0,0 @@
-{
-  "name": "Immich - Backend, Frontend and ML",
-  "service": "immich-server",
-  "runServices": [
-    "immich-server",
-    "redis",
-    "database",
-    "immich-machine-learning"
-  ],
-  "dockerComposeFile": [
-    "../docker/docker-compose.dev.yml",
-    "./server/container-compose-overrides.yml"
-  ],
-  "customizations": {
-    "vscode": {
-      "extensions": [
-        "dbaeumer.vscode-eslint",
-        "esbenp.prettier-vscode",
-        "svelte.svelte-vscode",
-        "ms-vscode-remote.remote-containers",
-        "foxundermoon.shell-format",
-        "timonwong.shellcheck",
-        "rvest.vs-code-prettier-eslint",
-        "bluebrown.yamlfmt",
-        "vkrishna04.cspell-sync",
-        "vitest.explorer",
-        "ms-playwright.playwright",
-        "ms-azuretools.vscode-docker"
-      ]
-    }
-  },
-  "forwardPorts": [3000, 9231, 9230, 2283],
-  "portsAttributes": {
-    "3000": {
-      "label": "Immich - Frontend HTTP",
-      "description": "The frontend of the Immich project",
-      "onAutoForward": "openBrowserOnce"
-    },
-    "2283": {
-      "label": "Immich - API Server - HTTP",
-      "description": "The API server of the Immich project"
-    },
-    "9231": {
-      "label": "Immich - API Server - DEBUG",
-      "description": "The API server of the Immich project"
-    },
-    "9230": {
-      "label": "Immich - Workers - DEBUG",
-      "description": "The workers of the Immich project"
-    }
-  },
-  "overrideCommand": true,
-  "workspaceFolder": "/workspaces/immich",
-  "remoteUser": "node",
-  "userEnvProbe": "loginInteractiveShell",
-  "remoteEnv": {
-    // The location where your uploaded files are stored
-    "UPLOAD_LOCATION": "${localEnv:UPLOAD_LOCATION:./library}",
-    //  Connection secret for postgres. You should change it to a random password
-    //  Please use only the characters `A-Za-z0-9`, without special characters or spaces
-    "DB_PASSWORD": "${localEnv:DB_PASSWORD:postgres}",
-    //  The database username
-    "DB_USERNAME": "${localEnv:DB_USERNAME:postgres}",
-    //  The database name
-    "DB_DATABASE_NAME": "${localEnv:DB_DATABASE_NAME:immich}"
-  }
-}
--- a/.devcontainer/mobile/container-compose-overrides.yml
+++ b/.devcontainer/mobile/container-compose-overrides.yml
@@ -1,34 +0,0 @@
-services:
-  immich-server:
-    build:
-      target: dev-container-mobile
-    environment:
-      - IMMICH_SERVER_URL=http://127.0.0.1:2283/
-    volumes: !override # bind mount host to /workspaces/immich
-      - ..:/workspaces/immich
-      - cli_node_modules:/workspaces/immich/cli/node_modules
-      - e2e_node_modules:/workspaces/immich/e2e/node_modules
-      - open_api_node_modules:/workspaces/immich/open-api/typescript-sdk/node_modules
-      - server_node_modules:/workspaces/immich/server/node_modules
-      - web_node_modules:/workspaces/immich/web/node_modules
-      - ${UPLOAD_LOCATION}/photos:/workspaces/immich/server/upload
-      - ${UPLOAD_LOCATION}/photos/upload:/workspaces/immich/server/upload/upload
-      - /etc/localtime:/etc/localtime:ro
-
-  database:
-    volumes:
-      - ${UPLOAD_LOCATION}/postgres:/var/lib/postgresql/data
-
-volumes:
-  # Node modules for each service to avoid conflicts and ensure consistent dependencies
-  cli_node_modules:
-  e2e_node_modules:
-  open_api_node_modules:
-  server_node_modules:
-  web_node_modules:
-
-  # UPLOAD_LOCATION must be set to a absolute path or vol-upload
-  vol-upload:
-
-  # DB_DATA_LOCATION must be set to a absolute path or vol-database
-  vol-database:
--- a/.devcontainer/mobile/devcontainer.json
+++ b/.devcontainer/mobile/devcontainer.json
@@ -1,52 +0,0 @@
-{
-  "name": "Immich - Mobile",
-  "service": "immich-server",
-  "runServices": [
-    "immich-server",
-    "redis",
-    "database",
-    "immich-machine-learning"
-  ],
-  "dockerComposeFile": [
-    "../../docker/docker-compose.dev.yml",
-    "./container-compose-overrides.yml"
-  ],
-  "customizations": {
-    "vscode": {
-      "extensions": [
-        "Dart-Code.dart-code",
-        "Dart-Code.flutter",
-        "dcmdev.dcm-vscode-extension",
-        "esbenp.prettier-vscode",
-        "dbaeumer.vscode-eslint",
-        "esbenp.prettier-vscode",
-        "svelte.svelte-vscode",
-        "ms-vscode-remote.remote-containers",
-        "foxundermoon.shell-format",
-        "timonwong.shellcheck",
-        "rvest.vs-code-prettier-eslint",
-        "bluebrown.yamlfmt",
-        "vkrishna04.cspell-sync",
-        "vitest.explorer",
-        "ms-playwright.playwright",
-        "ms-azuretools.vscode-docker"
-      ]
-    }
-  },
-  "forwardPorts": [],
-  "overrideCommand": true,
-  "workspaceFolder": "/workspaces/immich",
-  "remoteUser": "node",
-  "userEnvProbe": "loginInteractiveShell",
-  "remoteEnv": {
-    // The location where your uploaded files are stored
-    "UPLOAD_LOCATION": "${localEnv:UPLOAD_LOCATION:./Library}",
-    //  Connection secret for postgres. You should change it to a random password
-    //  Please use only the characters `A-Za-z0-9`, without special characters or spaces
-    "DB_PASSWORD": "${localEnv:DB_PASSWORD:postgres}",
-    //  The database username
-    "DB_USERNAME": "${localEnv:DB_USERNAME:postgres}",
-    //  The database name
-    "DB_DATABASE_NAME": "${localEnv:DB_DATABASE_NAME:immich}"
-  }
-}
--- a/.devcontainer/server/container-common.sh
+++ b/.devcontainer/server/container-common.sh
@@ -1,82 +0,0 @@
-#!/bin/bash
-export IMMICH_PORT="${DEV_SERVER_PORT:-2283}"
-export DEV_PORT="${DEV_PORT:-3000}"
-
-# search for immich directory inside workspace.
-# /workspaces/immich is the bind mount, but other directories can be mounted if runing
-# Devcontainer: Clone [repository|pull request] in container volumne
-WORKSPACES_DIR="/workspaces"
-IMMICH_DIR="$WORKSPACES_DIR/immich"
-IMMICH_DEVCONTAINER_LOG="$HOME/immich-devcontainer.log"
-
-log() {
-    # Display command on console, log with timestamp to file
-    echo "$*"
-    echo "[$(date '+%Y-%m-%d %H:%M:%S')] $*" >>"$IMMICH_DEVCONTAINER_LOG"
-}
-
-run_cmd() {
-    # Ensure log directory exists
-    mkdir -p "$(dirname "$IMMICH_DEVCONTAINER_LOG")"
-
-    log "$@"
-
-    # Execute command: display normally on console, log with timestamps to file
-    "$@" 2>&1 | tee >(while IFS= read -r line; do
-        echo "[$(date '+%Y-%m-%d %H:%M:%S')] $line" >>"$IMMICH_DEVCONTAINER_LOG"
-    done)
-
-    # Preserve exit status
-    return "${PIPESTATUS[0]}"
-}
-
-# Find directories excluding /workspaces/immich
-mapfile -t other_dirs < <(find "$WORKSPACES_DIR" -mindepth 1 -maxdepth 1 -type d ! -path "$IMMICH_DIR" ! -name ".*")
-
-if [ ${#other_dirs[@]} -gt 1 ]; then
-    log "Error: More than one directory found in $WORKSPACES_DIR other than $IMMICH_DIR."
-    exit 1
-elif [ ${#other_dirs[@]} -eq 1 ]; then
-    export IMMICH_WORKSPACE="${other_dirs[0]}"
-else
-    export IMMICH_WORKSPACE="$IMMICH_DIR"
-fi
-
-log "Found immich workspace in $IMMICH_WORKSPACE"
-log ""
-
-fix_permissions() {
-
-    log "Fixing permissions for ${IMMICH_WORKSPACE}"
-
-    run_cmd sudo find "${IMMICH_WORKSPACE}/server/upload" -not -path "${IMMICH_WORKSPACE}/server/upload/postgres/*" -not -path "${IMMICH_WORKSPACE}/server/upload/postgres" -exec chown node {} +
-
-    # Change ownership for directories that exist
-    for dir in "${IMMICH_WORKSPACE}/.vscode" \
-        "${IMMICH_WORKSPACE}/cli/node_modules" \
-        "${IMMICH_WORKSPACE}/e2e/node_modules" \
-        "${IMMICH_WORKSPACE}/open-api/typescript-sdk/node_modules" \
-        "${IMMICH_WORKSPACE}/server/node_modules" \
-        "${IMMICH_WORKSPACE}/server/dist" \
-        "${IMMICH_WORKSPACE}/web/node_modules" \
-        "${IMMICH_WORKSPACE}/web/dist"; do
-        if [ -d "$dir" ]; then
-            run_cmd sudo chown node -R "$dir"
-        fi
-    done
-
-    log ""
-}
-
-install_dependencies() {
-
-    log "Installing dependencies"
-    (
-        cd "${IMMICH_WORKSPACE}" || exit 1
-        run_cmd make install-server
-        run_cmd make install-sdk
-        run_cmd make build-sdk
-        run_cmd make install-web
-    )
-    log ""
-}
--- a/.devcontainer/server/container-compose-overrides.yml
+++ b/.devcontainer/server/container-compose-overrides.yml
@@ -1,48 +0,0 @@
-services:
-  immich-server:
-    build:
-      target: dev-container-server
-    env_file: !reset []
-    environment:
-      - IMMICH_SERVER_URL=http://127.0.0.1:2283/
-    volumes: !override
-      - ..:/workspaces/immich
-      - cli_node_modules:/workspaces/immich/cli/node_modules
-      - e2e_node_modules:/workspaces/immich/e2e/node_modules
-      - open_api_node_modules:/workspaces/immich/open-api/typescript-sdk/node_modules
-      - server_node_modules:/workspaces/immich/server/node_modules
-      - web_node_modules:/workspaces/immich/web/node_modules
-      - ${UPLOAD_LOCATION:-upload1-devcontainer-volume}${UPLOAD_LOCATION:+/photos}:/workspaces/immich/server/upload
-      - ${UPLOAD_LOCATION:-upload2-devcontainer-volume}${UPLOAD_LOCATION:+/photos/upload}:/workspaces/immich/server/upload/upload
-      - /etc/localtime:/etc/localtime:ro
-
-  immich-web:
-    env_file: !reset []
-
-  immich-machine-learning:
-    env_file: !reset []
-    
-  database:
-    env_file: !reset []
-    environment: !override
-      POSTGRES_PASSWORD: ${DB_PASSWORD-postgres}
-      POSTGRES_USER: ${DB_USERNAME-postgres}
-      POSTGRES_DB: ${DB_DATABASE_NAME-immich}
-      POSTGRES_INITDB_ARGS: '--data-checksums'
-      POSTGRES_HOST_AUTH_METHOD: md5
-    volumes: 
-      - ${UPLOAD_LOCATION:-postgres-devcontainer-volume}${UPLOAD_LOCATION:+/postgres}:/var/lib/postgresql/data
-
-  redis:
-    env_file: !reset []
-
-volumes:
-  # Node modules for each service to avoid conflicts and ensure consistent dependencies
-  cli_node_modules:
-  e2e_node_modules:
-  open_api_node_modules:
-  server_node_modules:
-  web_node_modules:
-  upload1-devcontainer-volume:
-  upload2-devcontainer-volume:
-  postgres-devcontainer-volume:
--- a/.devcontainer/server/container-start-backend.sh
+++ b/.devcontainer/server/container-start-backend.sh
@@ -1,17 +0,0 @@
-#!/bin/bash
-# shellcheck source=common.sh
-# shellcheck disable=SC1091
-source /immich-devcontainer/container-common.sh
-
-log "Starting Nest API Server"
-log ""
-cd "${IMMICH_WORKSPACE}/server" || (
-    log "Immich workspace not found"
-    exit 1
-)
-
-while true; do
-    run_cmd node ./node_modules/.bin/nest start --debug "0.0.0.0:9230" --watch
-    log "Nest API Server crashed with exit code $?.  Respawning in 3s ..."
-    sleep 3
-done
--- a/.devcontainer/server/container-start-frontend.sh
+++ b/.devcontainer/server/container-start-frontend.sh
@@ -1,22 +0,0 @@
-#!/bin/bash
-# shellcheck source=common.sh
-# shellcheck disable=SC1091
-source /immich-devcontainer/container-common.sh
-
-log "Starting Immich Web Frontend"
-log ""
-cd "${IMMICH_WORKSPACE}/web" || (
-    log "Immich Workspace not found"
-    exit 1
-)
-
-until curl --output /dev/null --silent --head --fail "http://127.0.0.1:${IMMICH_PORT}/api/server/config"; do
-    log "Waiting for api server..."
-    sleep 1
-done
-
-while true; do
-    run_cmd node ./node_modules/.bin/vite dev --host 0.0.0.0 --port "${DEV_PORT}"
-    log "Web crashed with exit code $?.  Respawning in 3s ..."
-    sleep 3
-done
--- a/.devcontainer/server/container-start.sh
+++ b/.devcontainer/server/container-start.sh
@@ -1,20 +0,0 @@
-#!/bin/bash
-# shellcheck source=common.sh
-# shellcheck disable=SC1091
-source /immich-devcontainer/container-common.sh
-
-log "Setting up Immich dev container..."
-fix_permissions
-
-log "Installing npm dependencies (node_modules)..."
-install_dependencies
-
-log "Setup complete, please wait while backend and frontend services automatically start"
-log
-log "If necessary, the services may be manually started using"
-log
-log "$ /immich-devcontainer/container-start-backend.sh"
-log "$ /immich-devcontainer/container-start-frontend.sh"
-log
-log "From different terminal windows, as these scripts automatically restart the server"
-log "on error, and will continuously run in a loop"
--- a/.dockerignore
+++ b/.dockerignore
@@ -4,7 +4,6 @@

 design/
 docker/
-!docker/scripts
 docs/
 e2e/
 fastlane/
@@ -22,12 +21,11 @@ open-api/typescript-sdk/node_modules/
 server/coverage/
 server/node_modules/
 server/upload/
-server/src/queries
 server/dist/
 server/www/
+server/test/assets/

 web/node_modules/
 web/coverage/
 web/.svelte-kit
 web/build/
-web/.env
--- a/.gitattributes
+++ b/.gitattributes
@@ -2,16 +2,12 @@ mobile/openapi/**/*.md -diff -merge
 mobile/openapi/**/*.md linguist-generated=true
 mobile/openapi/**/*.dart -diff -merge
 mobile/openapi/**/*.dart linguist-generated=true
+mobile/openapi/.openapi-generator/FILES -diff -merge
+mobile/openapi/.openapi-generator/FILES linguist-generated=true

 mobile/lib/**/*.g.dart -diff -merge
 mobile/lib/**/*.g.dart linguist-generated=true

-mobile/lib/**/*.drift.dart -diff -merge
-mobile/lib/**/*.drift.dart linguist-generated=true
-
-mobile/drift_schemas/main/drift_schema_*.json -diff -merge
-mobile/drift_schemas/main/drift_schema_*.json linguist-generated=true
-
 open-api/typescript-sdk/fetch-client.ts -diff -merge
 open-api/typescript-sdk/fetch-client.ts linguist-generated=true

--- a/.github/.nvmrc
+++ b/.github/.nvmrc
@@ -1 +0,0 @@
-22.16.0
--- a/.github/DISCUSSION_TEMPLATE/feature-request.yaml
+++ b/.github/DISCUSSION_TEMPLATE/feature-request.yaml
@@ -1,19 +1,18 @@
-title: '[Feature] feature-name-goes-here'
-labels: ['feature']
+title: "[Feature] <feature-name-goes-here>"
+labels: ["feature"]

 body:
  - type: markdown
    attributes:
      value: |
-        Please use this form to request new feature for Immich.
-        Stick to only a single feature per request. If you list multiple different features at once, 
-        your request will be closed.
+        Please use this form to request new feature for Immich

  - type: checkboxes
    attributes:
-      label: I have searched the existing feature requests, both open and closed, to make sure this is not a duplicate request.
+      label: I have searched the existing feature requests to make sure this is not a duplicate request.
      options:
-        - label: 'Yes'
+        - label: "Yes"
+          required: true

  - type: textarea
    id: feature
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -1 +1,5 @@
-custom: ['https://buy.immich.app', 'https://immich.store']
+# These are supported funding model platforms
+
+github: immich-app
+liberapay: alex.tran1502
+custom: https://www.buymeacoffee.com/altran1502
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -1,12 +1,6 @@
 name: Report an issue with Immich
 description: Report an issue with Immich
 body:
-  - type: checkboxes
-    attributes:
-      label: I have searched the existing issues, both open and closed, to make sure this is not a duplicate report.
-      options:
-        - label: 'Yes'
-
  - type: markdown
    attributes:
      value: |
@@ -83,12 +77,13 @@ body:
    id: repro
    attributes:
      label: Reproduction steps
-      description: 'How do you trigger this bug? Please walk us through it step by step.'
+      description: "How do you trigger this bug? Please walk us through it step by step."
      value: |
        1.
        2.
        3.
        ...
+      render: bash
    validations:
      required: true

@@ -96,8 +91,7 @@ body:
    id: logs
    attributes:
      label: Relevant log output
-      description:
-        Please copy and paste any relevant logs below. (code formatting is
+      description: Please copy and paste any relevant logs below. (code formatting is
        enabled, no need for backticks)
      render: shell
    validations:
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,14 +1,11 @@
 blank_issues_enabled: false
 contact_links:
-  - name: ✋ I have a question or need support
-    url: https://discord.immich.app
+  - name: I have a question or need support
+    url: https://discord.gg/D8JsnBEuKb
    about: We use GitHub for tracking bugs, please check out our Discord channel for freaky fast support.
-  - name: 📷 My photo or video has a date, time, or timezone problem
-    url: https://github.com/immich-app/immich/discussions/12650
-    about: Upload a sample file to this discussion and we will take a look
-  - name: 🌟 Feature request
+  - name: Feature Request
    url: https://github.com/immich-app/immich/discussions/new?category=feature-request
    about: Please use our GitHub Discussion for making feature requests.
-  - name: 🫣 I'm unsure where to go
-    url: https://discord.immich.app
+  - name: I'm unsure where to go
+    url: https://discord.gg/D8JsnBEuKb
    about: If you are unsure where to go, then joining our Discord is recommended; Just ask!
--- a/.github/PULL_REQUEST_TEMPLATE/config.yml
+++ b/.github/PULL_REQUEST_TEMPLATE/config.yml
@@ -1 +1,2 @@
+blank_issues_enabled: false
 blank_pull_request_template_enabled: false
--- a/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md
+++ b/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md
@@ -0,0 +1,22 @@
+## Description
+<!--- Describe your changes in detail -->
+<!--- Why is this change required? What problem does it solve? -->
+<!--- If it fixes an open issue, please link to the issue here. -->
+
+Fixes # (issue)
+
+
+## How Has This Been Tested?
+
+<!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration -->
+
+- [ ] Test A
+- [ ] Test B
+
+## Screenshots (if appropriate):
+
+
+## Checklist:
+
+- [ ] I have performed a self-review of my own code
+- [ ] I have made corresponding changes to the documentation if applicable
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,7 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -1,38 +0,0 @@
-cli:
-  - changed-files:
-      - any-glob-to-any-file:
-          - cli/src/**
-
-documentation:
-  - changed-files:
-      - any-glob-to-any-file:
-          - docs/blob/**
-          - docs/docs/**
-          - docs/src/**
-          - docs/static/**
-
-🖥️web:
-  - changed-files:
-      - any-glob-to-any-file:
-          - web/src/**
-          - web/static/**
-
-📱mobile:
-  - changed-files:
-      - any-glob-to-any-file:
-          - mobile/lib/**
-          - mobile/test/**
-
-🗄️server:
-  - changed-files:
-      - any-glob-to-any-file:
-          - server/src/**
-          - server/test/**
-
-🧠machine-learning:
-  - changed-files:
-      - any-glob-to-any-file:
-          - machine-learning/app/**
-
-changelog:translation:
-  - head-branch: ['^chore/translations$']
--- a/.github/package-lock.json
+++ b/.github/package-lock.json
@@ -1,28 +0,0 @@
-{
-  "name": ".github",
-  "lockfileVersion": 3,
-  "requires": true,
-  "packages": {
-    "": {
-      "devDependencies": {
-        "prettier": "^3.5.3"
-      }
-    },
-    "node_modules/prettier": {
-      "version": "3.5.3",
-      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.5.3.tgz",
-      "integrity": "sha512-QQtaxnoDJeAkDvDKWCLiwIXkTgRhwYDEQCghU9Z6q03iyek/rxRh/2lC3HB7P8sWT2xC/y5JDctPLBIGzHKbhw==",
-      "dev": true,
-      "license": "MIT",
-      "bin": {
-        "prettier": "bin/prettier.cjs"
-      },
-      "engines": {
-        "node": ">=14"
-      },
-      "funding": {
-        "url": "https://github.com/prettier/prettier?sponsor=1"
-      }
-    }
-  }
-}
--- a/.github/package.json
+++ b/.github/package.json
@@ -1,9 +0,0 @@
-{
-  "scripts": {
-    "format": "prettier --check .",
-    "format:fix": "prettier --write ."
-  },
-  "devDependencies": {
-    "prettier": "^3.5.3"
-  }
-}
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,36 +0,0 @@
-## Description
-
-<!--- Describe your changes in detail -->
-<!--- Why is this change required? What problem does it solve? -->
-<!--- If it fixes an open issue, please link to the issue here. -->
-
-Fixes # (issue)
-
-## How Has This Been Tested?
-
-<!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration -->
-
- [ ] Test A
- [ ] Test B
-
-<details><summary><h2>Screenshots (if appropriate)</h2></summary>
-
-<!-- Images go below this line. -->
-
-</details>
-
-<!-- API endpoint changes (if relevant)
-## API Changes
-The `/api/something` endpoint is now `/api/something-else`
-->
-
-## Checklist:
-
- [ ] I have performed a self-review of my own code
- [ ] I have made corresponding changes to the documentation if applicable
- [ ] I have no unrelated changes in the PR.
- [ ] I have confirmed that any new dependencies are strictly necessary.
- [ ] I have written tests for new code (if applicable)
- [ ] I have followed naming conventions/patterns in the surrounding code
- [ ] All code in `src/services/` uses repositories implementations for database calls, filesystem operations, etc.
- [ ] All code in `src/repositories/` is pretty basic/simple and does not have any immich specific logic (that belongs in `src/services/`)
--- a/.github/release.yml
+++ b/.github/release.yml
@@ -1,33 +1,41 @@
 changelog:
  categories:
-    - title: 🚨 Breaking Changes
+    - title: ⚠️ Breaking Changes
      labels:
-        - changelog:breaking-change
+        - breaking-change

-    - title: 🫥 Deprecated Changes
+    - title: 🗄️ Server
      labels:
-        - changelog:deprecated
+        - 🗄️server

-    - title: 🔒 Security
+    - title: 📱 Mobile
      labels:
-        - changelog:security
+        - 📱mobile

-    - title: 🚀 Features
+    - title: 🖥️ Web
      labels:
-        - changelog:feature
+        - 🖥️web

-    - title: 🌟 Enhancements
+    - title: 🧠 Machine Learning
      labels:
-        - changelog:enhancement
+        - 🧠machine-learning

-    - title: 🐛 Bug fixes
+    - title: ⚡ CLI
      labels:
-        - changelog:bugfix
+        - cli

-    - title: 📚 Documentation
+    - title: 📓 Documentation
      labels:
-        - changelog:documentation
+        - documentation

-    - title: 🌐 Translations
+    - title: 🔨 Maintenance
      labels:
-        - changelog:translation
+        - deployment
+        - dependencies
+        - renovate
+        - maintenance
+        - tech-debt
+
+    - title: Other changes
+      labels:
+        - "*"
--- a/.github/workflows/build-mobile.yml
+++ b/.github/workflows/build-mobile.yml
@@ -7,15 +7,6 @@ on:
      ref:
        required: false
        type: string
-    secrets:
-      KEY_JKS:
-        required: true
-      ALIAS:
-        required: true
-      ANDROID_KEY_PASSWORD:
-        required: true
-      ANDROID_STORE_PASSWORD:
-        required: true
  pull_request:
  push:
    branches: [main]
@@ -24,59 +15,37 @@ concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

-permissions: {}
-
 jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.mobile == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-        with:
-          filters: |
-            mobile:
-              - 'mobile/**'
-            workflow:
-              - '.github/workflows/build-mobile.yml'
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'workflow_call' || github.event_name == 'workflow_dispatch' }}" >> "$GITHUB_OUTPUT"
-
  build-sign-android:
    name: Build and sign Android
-    needs: pre-job
-    permissions:
-      contents: read
    # Skip when PR from a fork
-    if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' && needs.pre-job.outputs.should_run == 'true' }}
+    if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }}
    runs-on: macos-14

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          ref: ${{ inputs.ref || github.sha }}
-          persist-credentials: false
+      - name: Determine ref
+        id: get-ref
+        run: |
+          input_ref="${{ inputs.ref }}"
+          github_ref="${{ github.sha }}"
+          ref="${input_ref:-$github_ref}"
+          echo "ref=$ref" >> $GITHUB_OUTPUT

-      - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ steps.get-ref.outputs.ref }}
+
+      - uses: actions/setup-java@v4
        with:
          distribution: 'zulu'
          java-version: '17'
          cache: 'gradle'

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@e938fdf56512cc96ef2f93601a5a40bde3801046 # v2.19.0
+        uses: subosito/flutter-action@v2
        with:
          channel: 'stable'
-          flutter-version-file: ./mobile/pubspec.yaml
+          flutter-version: '3.19.3'
          cache: true

      - name: Create the Keystore
@@ -89,14 +58,6 @@ jobs:
        working-directory: ./mobile
        run: flutter pub get

-      - name: Generate translation file
-        run: make translation
-        working-directory: ./mobile
-
-      - name: Generate platform APIs
-        run: make pigeon
-        working-directory: ./mobile
-
      - name: Build Android App Bundle
        working-directory: ./mobile
        env:
@@ -108,7 +69,7 @@ jobs:
          flutter build apk --release --split-per-abi --target-platform android-arm,android-arm64,android-x64

      - name: Publish Android Artifact
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@v4
        with:
          name: release-apk-signed
          path: mobile/build/app/outputs/flutter-apk/*.apk
--- a/.github/workflows/cache-cleanup.yml
+++ b/.github/workflows/cache-cleanup.yml
@@ -8,38 +8,31 @@ concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

-permissions: {}
-
 jobs:
  cleanup:
    name: Cleanup
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      actions: write
    steps:
      - name: Check out code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@v4

      - name: Cleanup
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          REF: ${{ github.ref }}
        run: |
          gh extension install actions/gh-actions-cache

          REPO=${{ github.repository }}
+          BRANCH=${{ github.ref }}

          echo "Fetching list of cache keys"
-          cacheKeysForPR=$(gh actions-cache list -R $REPO -B ${REF} -L 100 | cut -f 1 )
+          cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH -L 100 | cut -f 1 )

          ## Setting this to not fail the workflow while deleting cache keys.
          set +e
          echo "Deleting caches..."
          for cacheKey in $cacheKeysForPR
          do
-              gh actions-cache delete $cacheKey -R "$REPO" -B "${REF}" --confirm
+              gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm
          done
          echo "Done"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/cli.yml
+++ b/.github/workflows/cli.yml
@@ -1,43 +1,39 @@
 name: CLI Build
 on:
+  workflow_dispatch:
  push:
    branches: [main]
    paths:
-      - 'cli/**'
-      - '.github/workflows/cli.yml'
+      - "cli/**"
+      - ".github/workflows/cli.yml"
  pull_request:
+    branches: [main]
    paths:
-      - 'cli/**'
-      - '.github/workflows/cli.yml'
-  release:
-    types: [published]
+      - "cli/**"
+      - ".github/workflows/cli.yml"

 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

-permissions: {}
+permissions:
+  packages: write

 jobs:
  publish:
-    name: CLI Publish
+    name: Publish
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    defaults:
      run:
        working-directory: ./cli

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
+      - uses: actions/checkout@v4
      # Setup .npmrc file to publish to npm
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      - uses: actions/setup-node@v4
        with:
-          node-version-file: './cli/.nvmrc'
-          registry-url: 'https://registry.npmjs.org'
+          node-version: "20.x"
+          registry-url: "https://registry.npmjs.org"
      - name: Prepare SDK
        run: npm ci --prefix ../open-api/typescript-sdk/
      - name: Build SDK
@@ -45,32 +41,27 @@ jobs:
      - run: npm ci
      - run: npm run build
      - run: npm publish
-        if: ${{ github.event_name == 'release' }}
+        if: ${{ github.event_name == 'workflow_dispatch' }}
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

  docker:
    name: Docker
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
    needs: publish

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@v4

      - name: Set up QEMU
-        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
+        uses: docker/setup-qemu-action@v3.0.0

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@v3.3.0

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        uses: docker/login-action@v3
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
          registry: ghcr.io
@@ -85,22 +76,22 @@ jobs:

      - name: Generate docker image tags
        id: metadata
-        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
+        uses: docker/metadata-action@v5
        with:
          flavor: |
            latest=false
          images: |
            name=ghcr.io/${{ github.repository_owner }}/immich-cli
          tags: |
-            type=raw,value=${{ steps.package-version.outputs.version }},enable=${{ github.event_name == 'release' }}
-            type=raw,value=latest,enable=${{ github.event_name == 'release' }}
+            type=raw,value=${{ steps.package-version.outputs.version }},enable=${{ github.event_name == 'workflow_dispatch' }}
+            type=raw,value=latest,enable=${{ github.event_name == 'workflow_dispatch' }}

      - name: Build and push image
-        uses: docker/build-push-action@1dc73863535b631f98b2378be8619f83b136f4a0 # v6.17.0
+        uses: docker/build-push-action@v5.3.0
        with:
          file: cli/Dockerfile
          platforms: linux/amd64,linux/arm64
-          push: ${{ github.event_name == 'release' }}
+          push: ${{ github.event_name == 'workflow_dispatch' }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          tags: ${{ steps.metadata.outputs.tags }}
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -9,14 +9,14 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: 'CodeQL'
+name: "CodeQL"

 on:
  push:
-    branches: ['main']
+    branches: [ "main" ]
  pull_request:
    # The branches below must be a subset of the branches above
-    branches: ['main']
+    branches: [ "main" ]
  schedule:
    - cron: '20 13 * * 1'

@@ -24,8 +24,6 @@ concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

-permissions: {}
-
 jobs:
  analyze:
    name: Analyze
@@ -44,13 +42,11 @@ jobs:

    steps:
    - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+      uses: actions/checkout@v4

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-        uses: github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+      uses: github/codeql-action/init@v3
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@@ -60,10 +56,11 @@ jobs:
        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
        # queries: security-extended,security-and-quality

+
    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
    # If this step fails, then you should remove it and run the build manually (see below)
    - name: Autobuild
-        uses: github/codeql-action/autobuild@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+      uses: github/codeql-action/autobuild@v3

    # ℹ️ Command-line programs to run using the OS shell.
    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -76,6 +73,6 @@ jobs:
    #   ./location_of_script_within_repo/buildscript.sh

    - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+      uses: github/codeql-action/analyze@v3
      with:
-          category: '/language:${{matrix.language}}'
+        category: "/language:${{matrix.language}}"
--- a/.github/workflows/docker-cleanup.yml
+++ b/.github/workflows/docker-cleanup.yml
@@ -0,0 +1,73 @@
+# This workflow runs on certain conditions to check for and potentially
+# delete container images from the GHCR which no longer have an associated
+# code branch.
+# Requires a PAT with the correct scope set in the secrets.
+#
+# This workflow will not trigger runs on forked repos.
+
+name: Docker Cleanup
+
+on:
+  pull_request:
+    types:
+      - "closed"
+  push:
+    paths:
+      - ".github/workflows/docker-cleanup.yml"
+
+concurrency:
+  group: registry-tags-cleanup
+  cancel-in-progress: false
+
+jobs:
+  cleanup-images:
+    name: Cleanup Stale Images Tags for ${{ matrix.primary-name }}
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - primary-name: "immich-server"
+          - primary-name: "immich-machine-learning"
+    env:
+      # Requires a personal access token with the OAuth scope delete:packages
+      TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }}
+    steps:
+      - name: Clean temporary images
+        if: "${{ env.TOKEN != '' }}"
+        uses: stumpylog/image-cleaner-action/ephemeral@v0.6.0
+        with:
+          token: "${{ env.TOKEN }}"
+          owner: "immich-app"
+          is_org: "true"
+          do_delete: "true"
+          package_name: "${{ matrix.primary-name }}"
+          scheme: "pull_request"
+          repo_name: "immich"
+          match_regex: '^pr-(\d+)$|^(\d+)$'
+
+  cleanup-untagged-images:
+    name: Cleanup Untagged Images Tags for ${{ matrix.primary-name }}
+    runs-on: ubuntu-22.04
+    needs:
+      - cleanup-images
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - primary-name: "immich-server"
+          - primary-name: "immich-machine-learning"
+          - primary-name: "immich-build-cache"
+    env:
+      # Requires a personal access token with the OAuth scope delete:packages
+      TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }}
+    steps:
+      - name: Clean untagged images
+        if: "${{ env.TOKEN != '' }}"
+        uses: stumpylog/image-cleaner-action/untagged@v0.6.0
+        with:
+          token: "${{ env.TOKEN }}"
+          owner: "immich-app"
+          do_delete: "true"
+          is_org: "true"
+          package_name: "${{ matrix.primary-name }}"
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -5,6 +5,7 @@ on:
  push:
    branches: [main]
  pull_request:
+    branches: [main]
  release:
    types: [published]

@@ -12,182 +13,118 @@ concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

-permissions: {}
+permissions:
+  packages: write

 jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    outputs:
-      should_run_server: ${{ steps.found_paths.outputs.server == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_ml: ${{ steps.found_paths.outputs.machine-learning == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-        with:
-          filters: |
-            server:
-              - 'server/**'
-              - 'openapi/**'
-              - 'web/**'
-              - 'i18n/**'
-            machine-learning:
-              - 'machine-learning/**'
-            workflow:
-              - '.github/workflows/docker.yml'
-              - '.github/workflows/multi-runner-build.yml'
-              - '.github/actions/image-build'
-
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"
-
-  retag_ml:
-    name: Re-Tag ML
-    needs: pre-job
-    permissions:
-      contents: read
-      packages: write
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'false' && !github.event.pull_request.head.repo.fork }}
+  build_and_push:
+    name: Build and Push
    runs-on: ubuntu-latest
    strategy:
-      matrix:
-        suffix: ['', '-cuda', '-rocm', '-openvino', '-armnn', '-rknn']
-    steps:
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Re-tag image
-        env:
-          REGISTRY_NAME: 'ghcr.io'
-          REPOSITORY: ${{ github.repository_owner }}/immich-machine-learning
-          TAG_OLD: main${{ matrix.suffix }}
-          TAG_PR: ${{ github.event.number == 0 && github.ref_name || format('pr-{0}', github.event.number) }}${{ matrix.suffix }}
-          TAG_COMMIT: commit-${{ github.event_name != 'pull_request' && github.sha || github.event.pull_request.head.sha }}${{ matrix.suffix }}
-        run: |
-          docker buildx imagetools create -t "${REGISTRY_NAME}/${REPOSITORY}:${TAG_PR}" "${REGISTRY_NAME}/${REPOSITORY}:${TAG_OLD}"
-          docker buildx imagetools create -t "${REGISTRY_NAME}/${REPOSITORY}:${TAG_COMMIT}" "${REGISTRY_NAME}/${REPOSITORY}:${TAG_OLD}"
-
-  retag_server:
-    name: Re-Tag Server
-    needs: pre-job
-    permissions:
-      contents: read
-      packages: write
-    if: ${{ needs.pre-job.outputs.should_run_server == 'false' && !github.event.pull_request.head.repo.fork }}
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        suffix: ['']
-    steps:
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Re-tag image
-        env:
-          REGISTRY_NAME: 'ghcr.io'
-          REPOSITORY: ${{ github.repository_owner }}/immich-server
-          TAG_OLD: main${{ matrix.suffix }}
-          TAG_PR: ${{ github.event.number == 0 && github.ref_name || format('pr-{0}', github.event.number) }}${{ matrix.suffix }}
-          TAG_COMMIT: commit-${{ github.event_name != 'pull_request' && github.sha || github.event.pull_request.head.sha }}${{ matrix.suffix }}
-        run: |
-          docker buildx imagetools create -t "${REGISTRY_NAME}/${REPOSITORY}:${TAG_PR}" "${REGISTRY_NAME}/${REPOSITORY}:${TAG_OLD}"
-          docker buildx imagetools create -t "${REGISTRY_NAME}/${REPOSITORY}:${TAG_COMMIT}" "${REGISTRY_NAME}/${REPOSITORY}:${TAG_OLD}"
-
-  machine-learning:
-    name: Build and Push ML
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'true' }}
-    strategy:
+      # Prevent a failure in one image from stopping the other builds
      fail-fast: false
      matrix:
        include:
-          - device: cpu
-            tag-suffix: ''
-          - device: cuda
-            tag-suffix: '-cuda'
-            platforms: linux/amd64
-          - device: openvino
-            tag-suffix: '-openvino'
-            platforms: linux/amd64
-          - device: armnn
-            tag-suffix: '-armnn'
-            platforms: linux/arm64
-          - device: rknn
-            tag-suffix: '-rknn'
-            platforms: linux/arm64
-          - device: rocm
-            tag-suffix: '-rocm'
-            platforms: linux/amd64
-            runner-mapping: '{"linux/amd64": "mich"}'
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@094bfb927b8cd75b343abaac27b3241be0fccfe9 # multi-runner-build-workflow-0.1.0
-    permissions:
-      contents: read
-      actions: read
-      packages: write
-    secrets:
-      DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
-      DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
-    with:
-      image: immich-machine-learning
+          - image: immich-machine-learning
            context: machine-learning
-      dockerfile: machine-learning/Dockerfile
+            file: machine-learning/Dockerfile
+            platforms: linux/amd64,linux/arm64
+            device: cpu
+
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/amd64
+            device: cuda
+            suffix: -cuda
+
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/amd64
+            device: openvino
+            suffix: -openvino
+
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/arm64
+            device: armnn
+            suffix: -armnn
+
+          - image: immich-server
+            context: .
+            file: server/Dockerfile
+            platforms: linux/amd64,linux/arm64
+            device: cpu
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3.0.0
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3.3.0
+
+      - name: Login to Docker Hub
+        # Only push to Docker Hub when making a release
+        if: ${{ github.event_name == 'release' }}
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        # Skip when PR from a fork
+        if: ${{ !github.event.pull_request.head.repo.fork }}
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Generate docker image tags
+        id: metadata
+        uses: docker/metadata-action@v5
+        with:
+          flavor: |
+            # Disable latest tag
+            latest=false
+          images: |
+            name=ghcr.io/${{ github.repository_owner }}/${{matrix.image}}
+            name=altran1502/${{matrix.image}},enable=${{ github.event_name == 'release' }}
+          tags: |
+            # Tag with branch name
+            type=ref,event=branch,suffix=${{ matrix.suffix }}
+            # Tag with pr-number
+            type=ref,event=pr,suffix=${{ matrix.suffix }}
+            # Tag with git tag on release
+            type=ref,event=tag,suffix=${{ matrix.suffix }}
+            type=raw,value=release,enable=${{ github.event_name == 'release' }},suffix=${{ matrix.suffix }}
+
+      - name: Determine build cache output
+        id: cache-target
+        run: |
+          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+            # Essentially just ignore the cache output (PR can't write to registry cache)
+            echo "cache-to=type=local,dest=/tmp/discard,ignore-error=true" >> $GITHUB_OUTPUT
+          else
+            echo "cache-to=type=registry,mode=max,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{ matrix.image }}" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Build and push image
+        uses: docker/build-push-action@v5.3.0
+        with:
+          context: ${{ matrix.context }}
+          file: ${{ matrix.file }}
          platforms: ${{ matrix.platforms }}
-      runner-mapping: ${{ matrix.runner-mapping }}
-      tag-suffix: ${{ matrix.tag-suffix }}
-      dockerhub-push: ${{ github.event_name == 'release' }}
+          # Skip pushing when PR from a fork
+          push: ${{ !github.event.pull_request.head.repo.fork }}
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{matrix.image}}
+          cache-to: ${{ steps.cache-target.outputs.cache-to }}
          build-args: |
            DEVICE=${{ matrix.device }}
-
-  server:
-    name: Build and Push Server
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@094bfb927b8cd75b343abaac27b3241be0fccfe9 # multi-runner-build-workflow-0.1.0
-    permissions:
-      contents: read
-      actions: read
-      packages: write
-    secrets:
-      DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
-      DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
-    with:
-      image: immich-server
-      context: .
-      dockerfile: server/Dockerfile
-      dockerhub-push: ${{ github.event_name == 'release' }}
-      build-args: |
-        DEVICE=cpu
-
-  success-check-server:
-    name: Docker Build & Push Server Success
-    needs: [server, retag_server]
-    permissions: {}
-    runs-on: ubuntu-latest
-    if: always()
-    steps:
-      - uses: immich-app/devtools/actions/success-check@6b81b1572e466f7f48ba3c823159ce3f4a4d66a6 # success-check-action-0.0.3
-        with:
-          needs: ${{ toJSON(needs) }}
-
-  success-check-ml:
-    name: Docker Build & Push ML Success
-    needs: [machine-learning, retag_ml]
-    permissions: {}
-    runs-on: ubuntu-latest
-    if: always()
-    steps:
-      - uses: immich-app/devtools/actions/success-check@6b81b1572e466f7f48ba3c823159ce3f4a4d66a6 # success-check-action-0.0.3
-        with:
-          needs: ${{ toJSON(needs) }}
+          tags: ${{ steps.metadata.outputs.tags }}
+          labels: ${{ steps.metadata.outputs.labels }}
--- a/.github/workflows/docs-build.yml
+++ b/.github/workflows/docs-build.yml
@@ -1,76 +0,0 @@
-name: Docs build
-on:
-  push:
-    branches: [main]
-  pull_request:
-  release:
-    types: [published]
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-permissions: {}
-
-jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.docs == 'true' ||  steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-        with:
-          filters: |
-            docs:
-              - 'docs/**'
-            workflow:
-              - '.github/workflows/docs-build.yml'
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'release' || github.ref_name == 'main' }}" >> "$GITHUB_OUTPUT"
-
-  build:
-    name: Docs Build
-    needs: pre-job
-    permissions:
-      contents: read
-    if: ${{ needs.pre-job.outputs.should_run == 'true' }}
-    runs-on: ubuntu-latest
-    defaults:
-      run:
-        working-directory: ./docs
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './docs/.nvmrc'
-
-      - name: Run npm install
-        run: npm ci
-
-      - name: Check formatting
-        run: npm run format
-
-      - name: Run build
-        run: npm run build
-
-      - name: Upload build output
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
-        with:
-          name: docs-build-output
-          path: docs/build/
-          include-hidden-files: true
-          retention-days: 1
--- a/.github/workflows/docs-deploy.yml
+++ b/.github/workflows/docs-deploy.yml
@@ -1,217 +0,0 @@
-name: Docs deploy
-on:
-  workflow_run: # zizmor: ignore[dangerous-triggers] no attacker inputs are used here
-    workflows: ['Docs build']
-    types:
-      - completed
-
-jobs:
-  checks:
-    name: Docs Deploy Checks
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      pull-requests: read
-    outputs:
-      parameters: ${{ steps.parameters.outputs.result }}
-      artifact: ${{ steps.get-artifact.outputs.result }}
-    steps:
-      - if: ${{ github.event.workflow_run.conclusion != 'success' }}
-        run: echo 'The triggering workflow did not succeed' && exit 1
-      - name: Get artifact
-        id: get-artifact
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        with:
-          script: |
-            let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
-               owner: context.repo.owner,
-               repo: context.repo.repo,
-               run_id: context.payload.workflow_run.id,
-            });
-            let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
-              return artifact.name == "docs-build-output"
-            })[0];
-            if (!matchArtifact) {
-              console.log("No artifact found with the name docs-build-output, build job was skipped")
-              return { found: false };
-            }
-            return { found: true, id: matchArtifact.id };
-      - name: Determine deploy parameters
-        id: parameters
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        env:
-          HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
-        with:
-          script: |
-            const eventType = context.payload.workflow_run.event;
-            const isFork = context.payload.workflow_run.repository.fork;
-
-            let parameters;
-
-            console.log({eventType, isFork});
-
-            if (eventType == "push") {
-              const branch = context.payload.workflow_run.head_branch;
-              console.log({branch});
-              const shouldDeploy = !isFork && branch == "main";
-              parameters = {
-                event: "branch",
-                name: "main",
-                shouldDeploy
-              };
-            } else if (eventType == "pull_request") {
-              let pull_number = context.payload.workflow_run.pull_requests[0]?.number;
-              if(!pull_number) {
-                const {HEAD_SHA} = process.env;
-                const response = await github.rest.search.issuesAndPullRequests({q: `repo:${{ github.repository }} is:pr sha:${HEAD_SHA}`,per_page: 1,})
-                const items = response.data.items
-                if (items.length < 1) {
-                  throw new Error("No pull request found for the commit")
-                }
-                const pullRequestNumber = items[0].number
-                console.info("Pull request number is", pullRequestNumber)
-                pull_number = pullRequestNumber
-              }
-              const {data: pr} = await github.rest.pulls.get({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                pull_number
-              });
-
-              console.log({pull_number});
-
-              parameters = {
-                event: "pr",
-                name: `pr-${pull_number}`,
-                pr_number: pull_number,
-                shouldDeploy: true
-              };
-            } else if (eventType == "release") {
-              parameters = {
-                event: "release",
-                name: context.payload.workflow_run.head_branch,
-                shouldDeploy: !isFork
-              };
-            }
-
-            console.log(parameters);
-            return parameters;
-
-  deploy:
-    name: Docs Deploy
-    runs-on: ubuntu-latest
-    needs: checks
-    permissions:
-      contents: read
-      actions: read
-      pull-requests: write
-    if: ${{ fromJson(needs.checks.outputs.artifact).found && fromJson(needs.checks.outputs.parameters).shouldDeploy }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Load parameters
-        id: parameters
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        env:
-          PARAM_JSON: ${{ needs.checks.outputs.parameters }}
-        with:
-          script: |
-            const parameters = JSON.parse(process.env.PARAM_JSON);
-            core.setOutput("event", parameters.event);
-            core.setOutput("name", parameters.name);
-            core.setOutput("shouldDeploy", parameters.shouldDeploy);
-
-      - name: Download artifact
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        env:
-          ARTIFACT_JSON: ${{ needs.checks.outputs.artifact }}
-        with:
-          script: |
-            let artifact = JSON.parse(process.env.ARTIFACT_JSON);
-            let download = await github.rest.actions.downloadArtifact({
-               owner: context.repo.owner,
-               repo: context.repo.repo,
-               artifact_id: artifact.id,
-               archive_format: 'zip',
-            });
-            let fs = require('fs');
-            fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/docs-build-output.zip`, Buffer.from(download.data));
-
-      - name: Unzip artifact
-        run: unzip "${{ github.workspace }}/docs-build-output.zip" -d "${{ github.workspace }}/docs/build"
-
-      - name: Deploy Docs Subdomain
-        env:
-          TF_VAR_prefix_name: ${{ steps.parameters.outputs.name}}
-          TF_VAR_prefix_event_type: ${{ steps.parameters.outputs.event }}
-          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
-        uses: gruntwork-io/terragrunt-action@aee21a7df999be8b471c2a8564c6cd853cb674e1 # v2.1.8
-        with:
-          tg_version: '0.58.12'
-          tofu_version: '1.7.1'
-          tg_dir: 'deployment/modules/cloudflare/docs'
-          tg_command: 'apply'
-
-      - name: Deploy Docs Subdomain Output
-        id: docs-output
-        env:
-          TF_VAR_prefix_name: ${{ steps.parameters.outputs.name}}
-          TF_VAR_prefix_event_type: ${{ steps.parameters.outputs.event }}
-          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
-        uses: gruntwork-io/terragrunt-action@aee21a7df999be8b471c2a8564c6cd853cb674e1 # v2.1.8
-        with:
-          tg_version: '0.58.12'
-          tofu_version: '1.7.1'
-          tg_dir: 'deployment/modules/cloudflare/docs'
-          tg_command: 'output -json'
-
-      - name: Output Cleaning
-        id: clean
-        env:
-          TG_OUTPUT: ${{ steps.docs-output.outputs.tg_action_output }}
-        run: |
-          CLEANED=$(echo "$TG_OUTPUT" | sed 's|%0A|\n|g ; s|%3C|<|g' | jq -c .)
-          echo "output=$CLEANED" >> $GITHUB_OUTPUT
-
-      - name: Publish to Cloudflare Pages
-        # TODO: Action is deprecated
-        uses: cloudflare/pages-action@f0a1cd58cd66095dee69bfa18fa5efd1dde93bca # v1.5.0
-        with:
-          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN_PAGES_UPLOAD }}
-          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          projectName: ${{ fromJson(steps.clean.outputs.output).pages_project_name.value }}
-          workingDirectory: 'docs'
-          directory: 'build'
-          branch: ${{ steps.parameters.outputs.name }}
-          wranglerVersion: '3'
-
-      - name: Deploy Docs Release Domain
-        if: ${{ steps.parameters.outputs.event == 'release' }}
-        env:
-          TF_VAR_prefix_name: ${{ steps.parameters.outputs.name}}
-          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
-        uses: gruntwork-io/terragrunt-action@aee21a7df999be8b471c2a8564c6cd853cb674e1 # v2.1.8
-        with:
-          tg_version: '0.58.12'
-          tofu_version: '1.7.1'
-          tg_dir: 'deployment/modules/cloudflare/docs-release'
-          tg_command: 'apply'
-
-      - name: Comment
-        uses: actions-cool/maintain-one-comment@4b2dbf086015f892dcb5e8c1106f5fccd6c1476b # v3.2.0
-        if: ${{ steps.parameters.outputs.event == 'pr' }}
-        with:
-          number: ${{ fromJson(needs.checks.outputs.parameters).pr_number }}
-          body: |
-            📖 Documentation deployed to [${{ fromJson(steps.clean.outputs.output).immich_app_branch_subdomain.value }}](https://${{ fromJson(steps.clean.outputs.output).immich_app_branch_subdomain.value }})
-          emojis: 'rocket'
-          body-include: '<!-- Docs PR URL -->'
--- a/.github/workflows/docs-destroy.yml
+++ b/.github/workflows/docs-destroy.yml
@@ -1,40 +0,0 @@
-name: Docs destroy
-on:
-  pull_request_target: # zizmor: ignore[dangerous-triggers] no attacker inputs are used here
-    types: [closed]
-
-permissions: {}
-
-jobs:
-  deploy:
-    name: Docs Destroy
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: write
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Destroy Docs Subdomain
-        env:
-          TF_VAR_prefix_name: 'pr-${{ github.event.number }}'
-          TF_VAR_prefix_event_type: 'pr'
-          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
-        uses: gruntwork-io/terragrunt-action@aee21a7df999be8b471c2a8564c6cd853cb674e1 # v2.1.8
-        with:
-          tg_version: '0.58.12'
-          tofu_version: '1.7.1'
-          tg_dir: 'deployment/modules/cloudflare/docs'
-          tg_command: 'destroy -refresh=false'
-
-      - name: Comment
-        uses: actions-cool/maintain-one-comment@4b2dbf086015f892dcb5e8c1106f5fccd6c1476b # v3.2.0
-        with:
-          number: ${{ github.event.number }}
-          delete: true
-          body-include: '<!-- Docs PR URL -->'
--- a/.github/workflows/fix-format.yml
+++ b/.github/workflows/fix-format.yml
@@ -1,55 +0,0 @@
-name: Fix formatting
-
-on:
-  pull_request:
-    types: [labeled]
-
-permissions: {}
-
-jobs:
-  fix-formatting:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.label.name == 'fix:formatting' }}
-    permissions:
-      contents: write
-      pull-requests: write
-    steps:
-      - name: Generate a token
-        id: generate-token
-        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
-        with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
-          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
-
-      - name: 'Checkout'
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          ref: ${{ github.event.pull_request.head.ref }}
-          token: ${{ steps.generate-token.outputs.token }}
-          persist-credentials: true
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './server/.nvmrc'
-
-      - name: Fix formatting
-        run: make install-all && make format-all
-
-      - name: Commit and push
-        uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4
-        with:
-          default_author: github_actions
-          message: 'chore: fix formatting'
-
-      - name: Remove label
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        if: always()
-        with:
-          script: |
-            github.rest.issues.removeLabel({
-              issue_number: context.payload.pull_request.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              name: 'fix:formatting'
-            })
--- a/.github/workflows/pr-label-validation.yml
+++ b/.github/workflows/pr-label-validation.yml
@@ -1,24 +0,0 @@
-name: PR Label Validation
-
-on:
-  pull_request_target: # zizmor: ignore[dangerous-triggers] no attacker inputs are used here
-    types: [opened, labeled, unlabeled, synchronize]
-
-permissions: {}
-
-jobs:
-  validate-release-label:
-    runs-on: ubuntu-latest
-    permissions:
-      issues: write
-      pull-requests: write
-    steps:
-      - name: Require PR to have a changelog label
-        uses: mheap/github-action-required-labels@fb29a14a076b0f74099f6198f77750e8fc236016 # v5.5.0
-        with:
-          mode: exactly
-          count: 1
-          use_regex: true
-          labels: 'changelog:.*'
-          add_comment: true
-          message: 'Label error. Requires {{errorString}} {{count}} of: {{ provided }}. Found: {{ applied }}. A maintainer will add the required label.'
--- a/.github/workflows/pr-labeler.yml
+++ b/.github/workflows/pr-labeler.yml
@@ -1,14 +0,0 @@
-name: 'Pull Request Labeler'
-on:
-  - pull_request_target # zizmor: ignore[dangerous-triggers] no attacker inputs are used here
-
-permissions: {}
-
-jobs:
-  labeler:
-    permissions:
-      contents: read
-      pull-requests: write
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0
--- a/.github/workflows/pr-require-conventional-commit.yml
+++ b/.github/workflows/pr-require-conventional-commit.yml
@@ -1,19 +0,0 @@
-name: PR Conventional Commit Validation
-
-on:
-  pull_request:
-    types: [opened, synchronize, reopened, edited]
-
-permissions: {}
-
-jobs:
-  validate-pr-title:
-    runs-on: ubuntu-latest
-    permissions:
-      pull-requests: write
-    steps:
-      - name: PR Conventional Commit Validation
-        uses: ytanikin/PRConventionalCommits@b628c5a234cc32513014b7bfdd1e47b532124d98 # 1.3.0
-        with:
-          task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]'
-          add_label: 'false'
--- a/.github/workflows/pr-require-label.yml
+++ b/.github/workflows/pr-require-label.yml
@@ -0,0 +1,13 @@
+name: Enforce PR labels
+
+on:
+  pull_request:
+    types: [labeled, unlabeled, opened, edited, synchronize]
+jobs:
+  enforce-label:
+    name: Enforce label
+    runs-on: ubuntu-latest
+    steps:
+    - if: toJson(github.event.pull_request.labels) == '[]'
+      run: exit 1
+
--- a/.github/workflows/prepare-release.yml
+++ b/.github/workflows/prepare-release.yml
@@ -21,90 +21,63 @@ concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}-root
  cancel-in-progress: true

-permissions: {}
-
 jobs:
  bump_version:
    runs-on: ubuntu-latest
+
    outputs:
      ref: ${{ steps.push-tag.outputs.commit_long_sha }}
-    permissions: {} # No job-level permissions are needed because it uses the app-token
+
    steps:
-      - name: Generate a token
-        id: generate-token
-        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
-        with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
-          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
-
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4
        with:
-          token: ${{ steps.generate-token.outputs.token }}
-          persist-credentials: true
+          token: ${{ secrets.ORG_RELEASE_TOKEN }}

-      - name: Install uv
-        uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5.4.2
+      - name: Install Poetry
+        run: pipx install poetry

      - name: Bump version
-        env:
-          SERVER_BUMP: ${{ inputs.serverBump }}
-          MOBILE_BUMP: ${{ inputs.mobileBump }}
-        run: misc/release/pump-version.sh -s "${SERVER_BUMP}" -m "${MOBILE_BUMP}"
+        run: misc/release/pump-version.sh -s "${{ inputs.serverBump }}" -m "${{ inputs.mobileBump }}"

      - name: Commit and tag
        id: push-tag
-        uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4
+        uses: EndBug/add-and-commit@v9
        with:
-          default_author: github_actions
-          message: 'chore: version ${{ env.IMMICH_VERSION }}'
+          author_name: Alex The Bot
+          author_email: alex.tran1502@gmail.com
+          default_author: user_info
+          message: 'Version ${{ env.IMMICH_VERSION }}'
          tag: ${{ env.IMMICH_VERSION }}
          push: true

  build_mobile:
    uses: ./.github/workflows/build-mobile.yml
    needs: bump_version
-    permissions:
-      contents: read
-    secrets:
-      KEY_JKS: ${{ secrets.KEY_JKS }}
-      ALIAS: ${{ secrets.ALIAS }}
-      ANDROID_KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }}
-      ANDROID_STORE_PASSWORD: ${{ secrets.ANDROID_STORE_PASSWORD }}
+    secrets: inherit
    with:
      ref: ${{ needs.bump_version.outputs.ref }}

  prepare_release:
    runs-on: ubuntu-latest
    needs: build_mobile
-    permissions:
-      actions: read # To download the app artifact
-      # No content permissions are needed because it uses the app-token
-    steps:
-      - name: Generate a token
-        id: generate-token
-        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
-        with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
-          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

+    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4
        with:
-          token: ${{ steps.generate-token.outputs.token }}
-          persist-credentials: false
+          token: ${{ secrets.ORG_RELEASE_TOKEN }}

      - name: Download APK
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+        uses: actions/download-artifact@v4
        with:
          name: release-apk-signed

      - name: Create draft release
-        uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631 # v2.2.2
+        uses: softprops/action-gh-release@v2
        with:
          draft: true
          tag_name: ${{ env.IMMICH_VERSION }}
-          token: ${{ steps.generate-token.outputs.token }}
          generate_release_notes: true
          body_path: misc/release/notes.tmpl
          files: |
--- a/.github/workflows/preview-label.yaml
+++ b/.github/workflows/preview-label.yaml
@@ -1,35 +0,0 @@
-name: Preview label
-
-on:
-  pull_request:
-    types: [labeled, closed]
-
-permissions: {}
-
-jobs:
-  comment-status:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.action == 'labeled' && github.event.label.name == 'preview' }}
-    permissions:
-      pull-requests: write
-    steps:
-      - uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2.8.2
-        with:
-          message-id: 'preview-status'
-          message: 'Deploying preview environment to https://pr-${{ github.event.pull_request.number }}.preview.internal.immich.cloud/'
-
-  remove-label:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.action == 'closed' && contains(github.event.pull_request.labels.*.name, 'preview') }}
-    permissions:
-      pull-requests: write
-    steps:
-      - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        with:
-          script: |
-            github.rest.issues.removeLabel({
-              issue_number: context.payload.pull_request.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              name: 'preview'
-            })
--- a/.github/workflows/sdk.yml
+++ b/.github/workflows/sdk.yml
@@ -4,26 +4,22 @@ on:
  release:
    types: [published]

-permissions: {}
+permissions:
+  packages: write

 jobs:
  publish:
    name: Publish `@immich/sdk`
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    defaults:
      run:
        working-directory: ./open-api/typescript-sdk
    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
+      - uses: actions/checkout@v4
      # Setup .npmrc file to publish to npm
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      - uses: actions/setup-node@v4
        with:
-          node-version-file: './open-api/typescript-sdk/.nvmrc'
+          node-version: '20.x'
          registry-url: 'https://registry.npmjs.org'
      - name: Install deps
        run: npm ci
--- a/.github/workflows/static_analysis.yml
+++ b/.github/workflows/static_analysis.yml
@@ -9,93 +9,26 @@ concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

-permissions: {}
-
 jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.mobile == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-        with:
-          filters: |
-            mobile:
-              - 'mobile/**'
-            workflow:
-              - '.github/workflows/static_analysis.yml'
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"
-
  mobile-dart-analyze:
    name: Run Dart Code Analysis
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run == 'true' }}
+
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
+
    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@v4

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@e938fdf56512cc96ef2f93601a5a40bde3801046 # v2.19.0
+        uses: subosito/flutter-action@v2
        with:
-          channel: 'stable'
-          flutter-version-file: ./mobile/pubspec.yaml
+          channel: "stable"
+          flutter-version: "3.19.3"

      - name: Install dependencies
        run: dart pub get
        working-directory: ./mobile

-      - name: Install DCM
-        run: |
-          sudo apt-get update
-          wget -qO- https://dcm.dev/pgp-key.public | sudo gpg --dearmor -o /usr/share/keyrings/dcm.gpg
-          echo 'deb [signed-by=/usr/share/keyrings/dcm.gpg arch=amd64] https://dcm.dev/debian stable main' | sudo tee /etc/apt/sources.list.d/dart_stable.list
-          sudo apt-get update
-          sudo apt-get install dcm
-
-      - name: Generate translation file
-        run: make translation
-        working-directory: ./mobile
-
-      - name: Run Build Runner
-        run: make build
-        working-directory: ./mobile
-
-      - name: Generate platform API
-        run: make pigeon
-        working-directory: ./mobile
-
-      - name: Find file changes
-        uses: tj-actions/verify-changed-files@a1c6acee9df209257a246f2cc6ae8cb6581c1edf # v20.0.4
-        id: verify-changed-files
-        with:
-          files: |
-            mobile/**/*.g.dart
-            mobile/**/*.gr.dart
-            mobile/**/*.drift.dart
-
-      - name: Verify files have not changed
-        if: steps.verify-changed-files.outputs.files_changed == 'true'
-        env:
-          CHANGED_FILES: ${{ steps.verify-changed-files.outputs.changed_files }}
-        run: |
-          echo "ERROR: Generated files not up to date! Run make_build inside the mobile directory"
-          echo "Changed files: ${CHANGED_FILES}"
-          exit 1
-
      - name: Run dart analyze
        run: dart analyze --fatal-infos
        working-directory: ./mobile
@@ -104,37 +37,7 @@ jobs:
        run: dart format lib/ --set-exit-if-changed
        working-directory: ./mobile

-      - name: Run dart custom_lint
-        run: dart run custom_lint
-        working-directory: ./mobile
-
-      - name: Run DCM
-        run: dcm analyze lib
-        working-directory: ./mobile
-
-  zizmor:
-    name: zizmor
-    runs-on: ubuntu-latest
-    permissions:
-      security-events: write
-      contents: read
-      actions: read
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Install the latest version of uv
-        uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5.4.2
-
-      - name: Run zizmor 🌈
-        run: uvx zizmor --format=sarif . > results.sarif
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
-        with:
-          sarif_file: results.sarif
-          category: zizmor
+      # Enable after riverpod generator migration is completed
+      # - name: Run dart custom lint
+      #   run: dart run custom_lint
+      #   working-directory: ./mobile
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -9,81 +9,39 @@ concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

-permissions: {}
-
 jobs:
-  pre-job:
+  doc-tests:
+    name: Docs
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    outputs:
-      should_run_i18n: ${{ steps.found_paths.outputs.i18n == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_web: ${{ steps.found_paths.outputs.web == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_server: ${{ steps.found_paths.outputs.server == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_cli: ${{ steps.found_paths.outputs.cli == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_e2e: ${{ steps.found_paths.outputs.e2e == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_mobile: ${{ steps.found_paths.outputs.mobile == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_ml: ${{ steps.found_paths.outputs.machine-learning == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_e2e_web: ${{ steps.found_paths.outputs.e2e == 'true' || steps.found_paths.outputs.web == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_e2e_server_cli: ${{ steps.found_paths.outputs.e2e == 'true' || steps.found_paths.outputs.server == 'true' || steps.found_paths.outputs.cli == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_.github: ${{ steps.found_paths.outputs['.github'] == 'true' || steps.should_force.outputs.should_force == 'true' }} # redundant to have should_force but if someone changes the trigger then this won't have to be changed
+    defaults:
+      run:
+        working-directory: ./docs
+
    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@v4

-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-        with:
-          filters: |
-            i18n:
-              - 'i18n/**'
-            web:
-              - 'web/**'
-              - 'i18n/**'
-              - 'open-api/typescript-sdk/**'
-            server:
-              - 'server/**'
-            cli:
-              - 'cli/**'
-              - 'open-api/typescript-sdk/**'
-            e2e:
-              - 'e2e/**'
-            mobile:
-              - 'mobile/**'
-            machine-learning:
-              - 'machine-learning/**'
-            workflow:
-              - '.github/workflows/test.yml'
-            .github:
-              - '.github/**'
+      - name: Run npm install
+        run: npm ci

-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'workflow_dispatch' }}" >> "$GITHUB_OUTPUT"
+      - name: Run formatter
+        run: npm run format
+        if: ${{ !cancelled() }}
+
+      - name: Run build
+        run: npm run build
+        if: ${{ !cancelled() }}

  server-unit-tests:
-    name: Test & Lint Server
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
+    name: Server
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    defaults:
      run:
        working-directory: ./server

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './server/.nvmrc'
+        uses: actions/checkout@v4

      - name: Run npm install
        run: npm ci
@@ -100,31 +58,25 @@ jobs:
        run: npm run check
        if: ${{ !cancelled() }}

-      - name: Run small tests & coverage
-        run: npm test
+      - name: Run unit tests & coverage
+        run: npm run test:cov
        if: ${{ !cancelled() }}

  cli-unit-tests:
-    name: Unit Test CLI
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_cli == 'true' }}
+    name: CLI
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    defaults:
      run:
        working-directory: ./cli

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@v4

      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@v4
        with:
-          node-version-file: './cli/.nvmrc'
+          node-version: 20

      - name: Setup typescript-sdk
        run: npm ci && npm run build
@@ -146,68 +98,19 @@ jobs:
        if: ${{ !cancelled() }}

      - name: Run unit tests & coverage
-        run: npm run test
+        run: npm run test:cov
        if: ${{ !cancelled() }}

-  cli-unit-tests-win:
-    name: Unit Test CLI (Windows)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_cli == 'true' }}
-    runs-on: windows-latest
-    permissions:
-      contents: read
-    defaults:
-      run:
-        working-directory: ./cli
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './cli/.nvmrc'
-
-      - name: Setup typescript-sdk
-        run: npm ci && npm run build
-        working-directory: ./open-api/typescript-sdk
-
-      - name: Install deps
-        run: npm ci
-
-      # Skip linter & formatter in Windows test.
-      - name: Run tsc
-        run: npm run check
-        if: ${{ !cancelled() }}
-
-      - name: Run unit tests & coverage
-        run: npm run test
-        if: ${{ !cancelled() }}
-
-  web-lint:
-    name: Lint Web
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_web == 'true' }}
-    runs-on: mich
-    permissions:
-      contents: read
+  web-unit-tests:
+    name: Web
+    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./web

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './web/.nvmrc'
+        uses: actions/checkout@v4

      - name: Run setup typescript-sdk
        run: npm ci && npm run build
@@ -217,7 +120,7 @@ jobs:
        run: npm ci

      - name: Run linter
-        run: npm run lint:p
+        run: npm run lint
        if: ${{ !cancelled() }}

      - name: Run formatter
@@ -228,180 +131,31 @@ jobs:
        run: npm run check:svelte
        if: ${{ !cancelled() }}

-  web-unit-tests:
-    name: Test Web
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_web == 'true' }}
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    defaults:
-      run:
-        working-directory: ./web
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './web/.nvmrc'
-
-      - name: Run setup typescript-sdk
-        run: npm ci && npm run build
-        working-directory: ./open-api/typescript-sdk
-
-      - name: Run npm install
-        run: npm ci
-
      - name: Run tsc
        run: npm run check:typescript
        if: ${{ !cancelled() }}

      - name: Run unit tests & coverage
-        run: npm run test
+        run: npm run test:cov
        if: ${{ !cancelled() }}

-  i18n-tests:
-    name: Test i18n
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_i18n == 'true' }}
+  e2e-tests:
+    name: End-to-End Tests
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './web/.nvmrc'
-
-      - name: Install dependencies
-        run: npm --prefix=web ci
-
-      - name: Format
-        run: npm --prefix=web run format:i18n
-
-      - name: Find file changes
-        uses: tj-actions/verify-changed-files@a1c6acee9df209257a246f2cc6ae8cb6581c1edf # v20.0.4
-        id: verify-changed-files
-        with:
-          files: |
-            i18n/**
-
-      - name: Verify files have not changed
-        if: steps.verify-changed-files.outputs.files_changed == 'true'
-        env:
-          CHANGED_FILES: ${{ steps.verify-changed-files.outputs.changed_files }}
-        run: |
-          echo "ERROR: i18n files not up to date!"
-          echo "Changed files: ${CHANGED_FILES}"
-          exit 1
-
-  e2e-tests-lint:
-    name: End-to-End Lint
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_e2e == 'true' }}
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    defaults:
      run:
        working-directory: ./e2e

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4
        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './e2e/.nvmrc'
-
-      - name: Run setup typescript-sdk
-        run: npm ci && npm run build
-        working-directory: ./open-api/typescript-sdk
-        if: ${{ !cancelled() }}
-
-      - name: Install dependencies
-        run: npm ci
-        if: ${{ !cancelled() }}
-
-      - name: Run linter
-        run: npm run lint
-        if: ${{ !cancelled() }}
-
-      - name: Run formatter
-        run: npm run format
-        if: ${{ !cancelled() }}
-
-      - name: Run tsc
-        run: npm run check
-        if: ${{ !cancelled() }}
-
-  server-medium-tests:
-    name: Medium Tests (Server)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    defaults:
-      run:
-        working-directory: ./server
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './server/.nvmrc'
-
-      - name: Run npm install
-        run: npm ci
-
-      - name: Run medium tests
-        run: npm run test:medium
-        if: ${{ !cancelled() }}
-
-  e2e-tests-server-cli:
-    name: End-to-End Tests (Server & CLI)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_e2e_server_cli == 'true' }}
-    runs-on: ${{ matrix.runner }}
-    permissions:
-      contents: read
-    defaults:
-      run:
-        working-directory: ./e2e
-    strategy:
-      matrix:
-        runner: [ubuntu-latest, ubuntu-24.04-arm]
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
          submodules: 'recursive'

      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@v4
        with:
-          node-version-file: './e2e/.nvmrc'
+          node-version: 20

      - name: Run setup typescript-sdk
        run: npm ci && npm run build
@@ -417,47 +171,16 @@ jobs:
        run: npm ci
        if: ${{ !cancelled() }}

-      - name: Docker build
-        run: docker compose build
+      - name: Run linter
+        run: npm run lint
        if: ${{ !cancelled() }}

-      - name: Run e2e tests (api & cli)
-        run: npm run test
+      - name: Run formatter
+        run: npm run format
        if: ${{ !cancelled() }}

-  e2e-tests-web:
-    name: End-to-End Tests (Web)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_e2e_web == 'true' }}
-    runs-on: ${{ matrix.runner }}
-    permissions:
-      contents: read
-    defaults:
-      run:
-        working-directory: ./e2e
-    strategy:
-      matrix:
-        runner: [ubuntu-latest, ubuntu-24.04-arm]
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-          submodules: 'recursive'
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './e2e/.nvmrc'
-
-      - name: Run setup typescript-sdk
-        run: npm ci && npm run build
-        working-directory: ./open-api/typescript-sdk
-        if: ${{ !cancelled() }}
-
-      - name: Install dependencies
-        run: npm ci
+      - name: Run tsc
+        run: npm run check
        if: ${{ !cancelled() }}

      - name: Install Playwright Browsers
@@ -468,183 +191,98 @@ jobs:
        run: docker compose build
        if: ${{ !cancelled() }}

+      - name: Run e2e tests (api & cli)
+        run: npm run test
+        if: ${{ !cancelled() }}
+
      - name: Run e2e tests (web)
        run: npx playwright test
        if: ${{ !cancelled() }}

-  success-check-e2e:
-    name: End-to-End Tests Success
-    needs: [e2e-tests-server-cli, e2e-tests-web]
-    permissions: {}
-    runs-on: ubuntu-latest
-    if: always()
-    steps:
-      - uses: immich-app/devtools/actions/success-check@6b81b1572e466f7f48ba3c823159ce3f4a4d66a6 # success-check-action-0.0.3
-        with:
-          needs: ${{ toJSON(needs) }}
-
  mobile-unit-tests:
-    name: Unit Test Mobile
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_mobile == 'true' }}
+    name: Mobile
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
+      - uses: actions/checkout@v4
      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@e938fdf56512cc96ef2f93601a5a40bde3801046 # v2.19.0
+        uses: subosito/flutter-action@v2
        with:
          channel: 'stable'
-          flutter-version-file: ./mobile/pubspec.yaml
-
-      - name: Generate translation file
-        run: make translation
-        working-directory: ./mobile
-
+          flutter-version: '3.19.3'
      - name: Run tests
        working-directory: ./mobile
        run: flutter test -j 1

  ml-unit-tests:
-    name: Unit Test ML
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'true' }}
+    name: Machine Learning
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    defaults:
      run:
        working-directory: ./machine-learning
    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@v4
+      - name: Install poetry
+        run: pipx install poetry
+      - uses: actions/setup-python@v5
        with:
-          persist-credentials: false
-
-      - name: Install uv
-        uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5.4.2
-      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
-        # TODO: add caching when supported (https://github.com/actions/setup-python/pull/818)
-        # with:
-        #   python-version: 3.11
-        #   cache: 'uv'
+          python-version: 3.11
+          cache: 'poetry'
      - name: Install dependencies
        run: |
-          uv sync --extra cpu
+          poetry install --with dev --with cpu
      - name: Lint with ruff
        run: |
-          uv run ruff check --output-format=github immich_ml
+          poetry run ruff check --output-format=github app export
      - name: Check black formatting
        run: |
-          uv run black --check immich_ml
+          poetry run black --check app export
      - name: Run mypy type checking
        run: |
-          uv run mypy --strict immich_ml/
+          poetry run mypy --install-types --non-interactive --strict app/
      - name: Run tests and coverage
        run: |
-          uv run pytest --cov=immich_ml --cov-report term-missing
-
-  github-files-formatting:
-    name: .github Files Formatting
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs['should_run_.github'] == 'true' }}
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    defaults:
-      run:
-        working-directory: ./.github
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './.github/.nvmrc'
-
-      - name: Run npm install
-        run: npm ci
-
-      - name: Run formatter
-        run: npm run format
-        if: ${{ !cancelled() }}
+          poetry run pytest app --cov=app --cov-report term-missing

  shellcheck:
    name: ShellCheck
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
+      - uses: actions/checkout@v4
      - name: Run ShellCheck
        uses: ludeeus/action-shellcheck@master
        with:
          ignore_paths: >-
            **/open-api/**
-            **/openapi**
+            **/openapi/**
            **/node_modules/**

  generated-api-up-to-date:
    name: OpenAPI Clients
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './server/.nvmrc'
-
-      - name: Install server dependencies
-        run: npm --prefix=server ci
-
-      - name: Build the app
-        run: npm --prefix=server run build
-
+      - uses: actions/checkout@v4
      - name: Run API generation
        run: make open-api
-
      - name: Find file changes
-        uses: tj-actions/verify-changed-files@a1c6acee9df209257a246f2cc6ae8cb6581c1edf # v20.0.4
+        uses: tj-actions/verify-changed-files@v19
        id: verify-changed-files
        with:
          files: |
            mobile/openapi
            open-api/typescript-sdk
-            open-api/immich-openapi-specs.json
-
      - name: Verify files have not changed
        if: steps.verify-changed-files.outputs.files_changed == 'true'
-        env:
-          CHANGED_FILES: ${{ steps.verify-changed-files.outputs.changed_files }}
        run: |
          echo "ERROR: Generated files not up to date!"
-          echo "Changed files: ${CHANGED_FILES}"
+          echo "Changed files: ${{ steps.verify-changed-files.outputs.changed_files }}"
          exit 1

-  sql-schema-up-to-date:
-    name: SQL Schema Checks
+  generated-typeorm-migrations-up-to-date:
+    name: TypeORM Checks
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
    services:
      postgres:
-        image: ghcr.io/immich-app/postgres:14-vectorchord0.4.1
+        image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
@@ -662,14 +300,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Setup Node
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version-file: './server/.nvmrc'
+        uses: actions/checkout@v4

      - name: Install server dependencies
        run: npm ci
@@ -678,38 +309,35 @@ jobs:
        run: npm run build

      - name: Run existing migrations
-        run: npm run migrations:run
+        run: npm run typeorm:migrations:run

      - name: Test npm run schema:reset command works
-        run: npm run schema:reset
+        run: npm run typeorm:schema:reset

      - name: Generate new migrations
        continue-on-error: true
-        run: npm run migrations:generate src/TestMigration
+        run: npm run typeorm:migrations:generate ./src/migrations/TestMigration

      - name: Find file changes
-        uses: tj-actions/verify-changed-files@a1c6acee9df209257a246f2cc6ae8cb6581c1edf # v20.0.4
+        uses: tj-actions/verify-changed-files@v19
        id: verify-changed-files
        with:
          files: |
-            server/src
+            server/src/migrations/
      - name: Verify migration files have not changed
        if: steps.verify-changed-files.outputs.files_changed == 'true'
-        env:
-          CHANGED_FILES: ${{ steps.verify-changed-files.outputs.changed_files }}
        run: |
          echo "ERROR: Generated migration files not up to date!"
-          echo "Changed files: ${CHANGED_FILES}"
-          cat ./src/*-TestMigration.ts
+          echo "Changed files: ${{ steps.verify-changed-files.outputs.changed_files }}"
          exit 1

      - name: Run SQL generation
-        run: npm run sync:sql
+        run: npm run sql:generate
        env:
          DB_URL: postgres://postgres:postgres@localhost:5432/immich

      - name: Find file changes
-        uses: tj-actions/verify-changed-files@a1c6acee9df209257a246f2cc6ae8cb6581c1edf # v20.0.4
+        uses: tj-actions/verify-changed-files@v19
        id: verify-changed-sql-files
        with:
          files: |
@@ -717,12 +345,9 @@ jobs:

      - name: Verify SQL files have not changed
        if: steps.verify-changed-sql-files.outputs.files_changed == 'true'
-        env:
-          CHANGED_FILES: ${{ steps.verify-changed-sql-files.outputs.changed_files }}
        run: |
          echo "ERROR: Generated SQL files not up to date!"
-          echo "Changed files: ${CHANGED_FILES}"
-          git diff
+          echo "Changed files: ${{ steps.verify-changed-sql-files.outputs.changed_files }}"
          exit 1

  # mobile-integration-tests:
--- a/.github/workflows/weblate-lock.yml
+++ b/.github/workflows/weblate-lock.yml
@@ -1,57 +0,0 @@
-name: Weblate checks
-
-on:
-  pull_request:
-    branches: [main]
-
-permissions: {}
-
-jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.i18n == 'true' && github.head_ref != 'chore/translations'}}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-        with:
-          filters: |
-            i18n:
-              - 'i18n/!(en)**\.json'
-
-  enforce-lock:
-    name: Check Weblate Lock
-    needs: [pre-job]
-    runs-on: ubuntu-latest
-    permissions: {}
-    if: ${{ needs.pre-job.outputs.should_run == 'true' }}
-    steps:
-      - name: Check weblate lock
-        run: |
-          if [[ "false" = $(curl https://hosted.weblate.org/api/components/immich/immich/lock/ | jq .locked) ]]; then
-            exit 1
-          fi
-      - name: Find Pull Request
-        uses: juliangruber/find-pull-request-action@48b6133aa6c826f267ebd33aa2d29470f9d9e7d0 # v1.9.0
-        id: find-pr
-        with:
-          branch: chore/translations
-      - name: Fail if existing weblate PR
-        if: ${{ steps.find-pr.outputs.number }}
-        run: exit 1
-  success-check-lock:
-    name: Weblate Lock Check Success
-    needs: [enforce-lock]
-    runs-on: ubuntu-latest
-    permissions: {}
-    if: always()
-    steps:
-      - uses: immich-app/devtools/actions/success-check@6b81b1572e466f7f48ba3c823159ce3f4a4d66a6 # success-check-action-0.0.3
-        with:
-          needs: ${{ toJSON(needs) }}
--- a/.gitignore
+++ b/.gitignore
@@ -3,7 +3,6 @@
 .DS_Store
 .vscode/*
 !.vscode/launch.json
-!.vscode/extensions.json
 .idea

 docker/upload
@@ -15,12 +14,7 @@ mobile/gradle.properties
 mobile/openapi/pubspec.lock
 mobile/*.jks
 mobile/libisar.dylib
-mobile/openapi/test
-mobile/openapi/doc
-mobile/openapi/.openapi-generator/FILES

 open-api/typescript-sdk/build
 mobile/android/fastlane/report.xml
 mobile/ios/fastlane/report.xml
-
-vite.config.js.timestamp-*
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,6 +1,6 @@
 [submodule "mobile/.isar"]
 	path = mobile/.isar
 	url = https://github.com/isar/isar
-[submodule "e2e/test-assets"]
-	path = e2e/test-assets
+[submodule "server/test/assets"]
+	path = server/test/assets
 	url = https://github.com/immich-app/test-assets
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -1,10 +0,0 @@
-{
-  "recommendations": [
-    "esbenp.prettier-vscode",
-    "svelte.svelte-vscode",
-    "dbaeumer.vscode-eslint",
-    "dart-code.flutter",
-    "dart-code.dart-code",
-    "dcmdev.dcm-vscode-extension"
-  ]
-}
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -5,8 +5,8 @@
      "type": "node",
      "request": "attach",
      "restart": true,
-      "port": 9231,
-      "name": "Immich API Server",
+      "port": 9230,
+      "name": "Immich Server",
      "remoteRoot": "/usr/src/app",
      "localRoot": "${workspaceFolder}/server"
    },
@@ -14,8 +14,8 @@
      "type": "node",
      "request": "attach",
      "restart": true,
-      "port": 9230,
-      "name": "Immich Workers",
+      "port": 9231,
+      "name": "Immich Microservices",
      "remoteRoot": "/usr/src/app",
      "localRoot": "${workspaceFolder}/server"
    }
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,63 +1,34 @@
 {
-  "[css]": {
-    "editor.defaultFormatter": "esbenp.prettier-vscode",
  "editor.formatOnSave": true,
+  "[javascript][typescript][css]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode",
+    "editor.tabSize": 2,
+    "editor.formatOnSave": true
+  },
+  "[svelte]": {
+    "editor.defaultFormatter": "svelte.svelte-vscode",
    "editor.tabSize": 2
  },
+  "svelte.enable-ts-plugin": true,
+  "eslint.validate": [
+    "javascript",
+    "svelte"
+  ],
+  "typescript.preferences.importModuleSpecifier": "non-relative",
  "[dart]": {
-    "editor.defaultFormatter": "Dart-Code.dart-code",
    "editor.formatOnSave": true,
    "editor.selectionHighlight": false,
    "editor.suggest.snippetsPreventQuickSuggestions": false,
    "editor.suggestSelection": "first",
    "editor.tabCompletion": "onlySnippets",
-    "editor.wordBasedSuggestions": "off"
+    "editor.wordBasedSuggestions": "off",
+    "editor.defaultFormatter": "Dart-Code.dart-code"
  },
-  "[javascript]": {
-    "editor.codeActionsOnSave": {
-      "source.organizeImports": "explicit",
-      "source.removeUnusedImports": "explicit"
-    },
-    "editor.defaultFormatter": "esbenp.prettier-vscode",
-    "editor.formatOnSave": true,
-    "editor.tabSize": 2
-  },
-  "[json]": {
-    "editor.defaultFormatter": "esbenp.prettier-vscode",
-    "editor.formatOnSave": true,
-    "editor.tabSize": 2
-  },
-  "[jsonc]": {
-    "editor.defaultFormatter": "esbenp.prettier-vscode",
-    "editor.formatOnSave": true,
-    "editor.tabSize": 2
-  },
-  "[svelte]": {
-    "editor.codeActionsOnSave": {
-      "source.organizeImports": "explicit",
-      "source.removeUnusedImports": "explicit"
-    },
-    "editor.defaultFormatter": "svelte.svelte-vscode",
-    "editor.formatOnSave": true,
-    "editor.tabSize": 2
-  },
-  "[typescript]": {
-    "editor.codeActionsOnSave": {
-      "source.organizeImports": "explicit",
-      "source.removeUnusedImports": "explicit"
-    },
-    "editor.defaultFormatter": "esbenp.prettier-vscode",
-    "editor.formatOnSave": true,
-    "editor.tabSize": 2
-  },
-  "cSpell.words": ["immich"],
-  "editor.formatOnSave": true,
-  "eslint.validate": ["javascript", "svelte"],
+  "cSpell.words": [
+    "immich"
+  ],
  "explorer.fileNesting.enabled": true,
  "explorer.fileNesting.patterns": {
-    "*.dart": "${capture}.g.dart,${capture}.gr.dart,${capture}.drift.dart",
    "*.ts": "${capture}.spec.ts,${capture}.mock.ts"
-  },
-  "svelte.enable-ts-plugin": true,
-  "typescript.preferences.importModuleSpecifier": "non-relative"
+  }
 }
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -1,72 +0,0 @@
-{
-  "version": "2.0.0",
-  "tasks": [
-    {
-      "label": "Fix Permissions, Install Dependencies",
-      "type": "shell",
-      "command": "[ -f /immich-devcontainer/container-start.sh ] && /immich-devcontainer/container-start.sh || exit 0",
-      "presentation": {
-        "echo": true,
-        "reveal": "always",
-        "focus": false,
-        "panel": "dedicated",
-        "showReuseMessage": true,
-        "clear": false,
-        "group": "Devcontainer tasks",
-        "close": true
-      },
-      "runOptions": {
-        "runOn": "default"
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "Immich API Server (Nest)",
-      "dependsOn": ["Fix Permissions, Install Dependencies"],
-      "type": "shell",
-      "command": "[ -f /immich-devcontainer/container-start-backend.sh ] && /immich-devcontainer/container-start-backend.sh || exit 0",
-      "presentation": {
-        "echo": true,
-        "reveal": "always",
-        "focus": false,
-        "panel": "dedicated",
-        "showReuseMessage": true,
-        "clear": false,
-        "group": "Devcontainer tasks",
-        "close": true
-      },
-      "runOptions": {
-        "runOn": "default"
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "Immich Web Server (Vite)",
-      "dependsOn": ["Fix Permissions, Install Dependencies"],
-      "type": "shell",
-      "command": "[ -f /immich-devcontainer/container-start-frontend.sh ] && /immich-devcontainer/container-start-frontend.sh || exit 0",
-      "presentation": {
-        "echo": true,
-        "reveal": "always",
-        "focus": false,
-        "panel": "dedicated",
-        "showReuseMessage": true,
-        "clear": false,
-        "group": "Devcontainer tasks",
-        "close": true
-      },
-      "runOptions": {
-        "runOn": "default"
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "Immich Server and Web",
-      "dependsOn": ["Immich Web Server (Vite)", "Immich API Server (Nest)"],
-      "runOptions": {
-        "runOn": "folderOpen"
-      },
-      "problemMatcher": []
-    }
-  ]
-}
--- a/69
+++ b/69
@@ -10,6 +10,12 @@ dev-update:
 dev-scale:
 	docker compose -f ./docker/docker-compose.dev.yml up --build -V  --scale immich-server=3 --remove-orphans

+stage:
+	docker compose -f ./docker/docker-compose.staging.yml up --build -V --remove-orphans
+
+pull-stage:
+	docker compose -f ./docker/docker-compose.staging.yml pull
+
 .PHONY: e2e
 e2e:
 	docker compose -f ./e2e/docker-compose.yml up --build -V --remove-orphans
@@ -17,9 +23,6 @@ e2e:
 prod:
 	docker compose -f ./docker/docker-compose.prod.yml up --build -V --remove-orphans

-prod-down:
-	docker compose -f ./docker/docker-compose.prod.yml down --remove-orphans
-
 prod-scale:
 	docker compose -f ./docker/docker-compose.prod.yml up --build -V --scale immich-server=3 --scale immich-microservices=3 --remove-orphans

@@ -34,65 +37,7 @@ open-api-typescript:
 	cd ./open-api && bash ./bin/generate-open-api.sh typescript

 sql:
-	npm --prefix server run sync:sql
+	npm --prefix server run sql:generate

 attach-server:
 	docker exec -it docker_immich-server_1 sh
-
-renovate:
-  LOG_LEVEL=debug npx renovate --platform=local --repository-cache=reset
-
-MODULES = e2e server web cli sdk docs .github
-
-audit-%:
-	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) audit fix
-install-%:
-	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) i
-build-cli: build-sdk
-build-web: build-sdk
-build-%: install-%
-	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run build
-format-%:
-	npm --prefix $* run format:fix
-lint-%:
-	npm --prefix $* run lint:fix
-check-%:
-	npm --prefix $* run check
-check-web:
-	npm --prefix web run check:typescript
-	npm --prefix web run check:svelte
-test-%:
-	npm --prefix $* run test
-test-e2e:
-	docker compose -f ./e2e/docker-compose.yml build
-	npm --prefix e2e run test
-	npm --prefix e2e run test:web
-test-medium:
-	docker run \
-    --rm \
-    -v ./server/src:/usr/src/app/src \
-    -v ./server/test:/usr/src/app/test \
-    -v ./server/vitest.config.medium.mjs:/usr/src/app/vitest.config.medium.mjs \
-    -v ./server/tsconfig.json:/usr/src/app/tsconfig.json \
-    -e NODE_ENV=development \
-    immich-server:latest \
-    -c "npm ci && npm run test:medium -- --run"
-test-medium-dev:
-	docker exec -it immich_server /bin/sh -c "npm run test:medium"
-
-build-all: $(foreach M,$(filter-out e2e .github,$(MODULES)),build-$M) ;
-install-all: $(foreach M,$(MODULES),install-$M) ;
-check-all: $(foreach M,$(filter-out sdk cli docs .github,$(MODULES)),check-$M) ;
-lint-all: $(foreach M,$(filter-out sdk docs .github,$(MODULES)),lint-$M) ;
-format-all: $(foreach M,$(filter-out sdk,$(MODULES)),format-$M) ;
-audit-all:  $(foreach M,$(MODULES),audit-$M) ;
-hygiene-all: lint-all format-all check-all sql audit-all;
-test-all: $(foreach M,$(filter-out sdk docs .github,$(MODULES)),test-$M) ;
-
-clean:
-	find . -name "node_modules" -type d -prune -exec rm -rf '{}' +
-	find . -name "dist" -type d -prune -exec rm -rf '{}' +
-	find . -name "build" -type d -prune -exec rm -rf '{}' +
-	find . -name "svelte-kit" -type d -prune -exec rm -rf '{}' +
-	docker compose -f ./docker/docker-compose.dev.yml rm -v -f || true
-	docker compose -f ./e2e/docker-compose.yml rm -v -f || true
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 <p align="center"> 
  <br/>  
  <a href="https://opensource.org/license/agpl-v3"><img src="https://img.shields.io/badge/License-AGPL_v3-blue.svg?color=3F51B5&style=for-the-badge&label=License&logoColor=000000&labelColor=ececec" alt="License: AGPLv3"></a>
-  <a href="https://discord.immich.app">
+  <a href="https://discord.gg/D8JsnBEuKb">
    <img src="https://img.shields.io/discord/979116623879368755.svg?label=Discord&logo=Discord&style=for-the-badge&logoColor=000000&labelColor=ececec" alt="Discord"/>
  </a>
  <br/>  
@@ -17,7 +17,6 @@
 <img src="design/immich-screenshots.png" title="Main Screenshot">
 </a>
 <br/>
-
 <p align="center">
  <a href="readme_i18n/README_ca_ES.md">Català</a>
  <a href="readme_i18n/README_es_ES.md">Español</a>
@@ -29,13 +28,7 @@
  <a href="readme_i18n/README_nl_NL.md">Nederlands</a>
  <a href="readme_i18n/README_tr_TR.md">Türkçe</a>
  <a href="readme_i18n/README_zh_CN.md">中文</a>
-  <a href="readme_i18n/README_uk_UA.md">Українська</a>
  <a href="readme_i18n/README_ru_RU.md">Русский</a>
-  <a href="readme_i18n/README_pt_BR.md">Português Brasileiro</a>
-  <a href="readme_i18n/README_sv_SE.md">Svenska</a>
-  <a href="readme_i18n/README_ar_JO.md">العربية</a>
-  <a href="readme_i18n/README_vi_VN.md">Tiếng Việt</a>
-  <a href="readme_i18n/README_th_TH.md">ภาษาไทย</a>
 </p>

 ## Disclaimer
@@ -45,34 +38,45 @@
 - ⚠️ **Do not use the app as the only way to store your photos and videos.**
 - ⚠️ Always follow [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) backup plan for your precious photos and videos!

-> [!NOTE]
-> You can find the main documentation, including installation guides, at https://immich.app/.
+## Content

-## Links
-
- [Documentation](https://immich.app/docs)
- [About](https://immich.app/docs/overview/introduction)
- [Installation](https://immich.app/docs/install/requirements)
- [Roadmap](https://immich.app/roadmap)
+- [Official Documentation](https://immich.app/docs)
+- [Roadmap](https://github.com/orgs/immich-app/projects/1)
 - [Demo](#demo)
 - [Features](#features)
- [Translations](https://immich.app/docs/developer/translations)
- [Contributing](https://immich.app/docs/overview/support-the-project)
+- [Introduction](https://immich.app/docs/overview/introduction)
+- [Installation](https://immich.app/docs/install/requirements)
+- [Contribution Guidelines](https://immich.app/docs/overview/support-the-project)
+- [Support The Project](#support-the-project)
+
+## Documentation
+
+You can find the main documentation, including installation guides, at https://immich.app/.

 ## Demo

-Access the demo [here](https://demo.immich.app). For the mobile app, you can use `https://demo.immich.app` for the `Server Endpoint URL`.
+You can access the web demo at https://demo.immich.app

-### Login credentials
+For the mobile app, you can use `https://demo.immich.app/api` for the `Server Endpoint URL`

-| Email           | Password |
-| --------------- | -------- |
-| demo@immich.app | demo     |
+```bash title="Demo Credential"
+The credential
+email: demo@immich.app
+password: demo
+```
+
+```
+Spec: Free-tier Oracle VM - Amsterdam - 2.4Ghz quad-core ARM64 CPU, 24GB RAM
+```
+
+## Activities
+![Activities](https://repobeats.axiom.co/api/embed/9e86d9dc3ddd137161f2f6d2e758d7863b1789cb.svg "Repobeats analytics image")

 ## Features

+
 | Features                                     | Mobile | Web |
-| :------------------------------------------- | ------ | --- |
+| :--------------------------------------------- | -------- | ----- |
 | Upload and view videos and photos            | Yes    | Yes |
 | Auto backup when the app is opened           | Yes    | N/A |
 | Prevent duplication of assets                | Yes    | Yes |
@@ -92,7 +96,7 @@ Access the demo [here](https://demo.immich.app). For the mobile app, you can use
 | LivePhoto/MotionPhoto backup and playback    | Yes    | Yes |
 | Support 360 degree image display             | No     | Yes |
 | User-defined storage structure               | Yes    | Yes |
-| Public Sharing                               | Yes    | Yes |
+| Public Sharing                               | No     | Yes |
 | Archive and Favorites                        | Yes    | Yes |
 | Global Map                                   | Yes    | Yes |
 | Partner Sharing                              | Yes    | Yes |
@@ -101,22 +105,31 @@ Access the demo [here](https://demo.immich.app). For the mobile app, you can use
 | Offline support                              | Yes    | No  |
 | Read-only gallery                            | Yes    | Yes |
 | Stacked Photos                               | Yes    | Yes |
-| Tags                                         | No     | Yes |
-| Folder View                                  | Yes    | Yes |

-## Translations
+## Support the project

-Read more about translations [here](https://immich.app/docs/developer/translations).
+I've committed to this project, and I will not stop. I will keep updating the docs, adding new features, and fixing bugs. But I can't do it alone. So I need your help to give me additional motivation to keep going.

-<a href="https://hosted.weblate.org/engage/immich/">
-<img src="https://hosted.weblate.org/widget/immich/immich/multi-auto.svg" alt="Translation status" />
+As our hosts in the [selfhosted.show - In the episode 'The-organization-must-not-be-name is a Hostile Actor'](https://selfhosted.show/79?t=1418) said, this is a massive undertaking of what the team and I are doing. And I would love to someday be able to do this full-time, and I am asking for your help to make that happen.
+
+If you feel like this is the right cause and the app is something you are seeing yourself using for a long time, please consider supporting the project with the option below.
+
+### Donation
+
+- [Monthly donation](https://github.com/sponsors/immich-app) via GitHub Sponsors
+- [One-time donation](https://github.com/sponsors/immich-app?frequency=one-time&sponsor=alextran1502) via GitHub Sponsors
+- [Liberapay](https://liberapay.com/alex.tran1502/)
+- [buymeacoffee](https://www.buymeacoffee.com/altran1502)
+- Bitcoin: 3QVAb9dCHutquVejeNXitPqZX26Yg5kxb7
+- ZCash: u1smm4wvqegcp46zss2jf5xptchgeczp4rx7a0wu3mermf2wxahm26yyz5w9mw3f2p4emwlljxjumg774kgs8rntt9yags0whnzane4n67z4c7gppq4yyvcj404ne3r769prwzd9j8ntvqp44fa6d67sf7rmcfjmds3gmeceff4u8e92rh38nd30cr96xw6vfhk6scu4ws90ldzupr3sz
+
+## Contributors
+
+<a href="https://github.com/alextran1502/immich/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=immich-app/immich" width="100%"/>
 </a>

-## Repository activity
-
-![Activities](https://repobeats.axiom.co/api/embed/9e86d9dc3ddd137161f2f6d2e758d7863b1789cb.svg "Repobeats analytics image")
-
-## Star history
+## Star History

 <a href="https://star-history.com/#immich-app/immich&Date">
 <picture>
@@ -125,9 +138,3 @@ Read more about translations [here](https://immich.app/docs/developer/translatio
   <img alt="Star History Chart" src="https://api.star-history.com/svg?repos=immich-app/immich&type=Date" width="100%" />
 </picture>
 </a>
-
-## Contributors
-
-<a href="https://github.com/alextran1502/immich/graphs/contributors">
-  <img src="https://contrib.rocks/image?repo=immich-app/immich" width="100%"/>
-</a>
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,4 +2,4 @@

 ## Reporting a Vulnerability

-Please report security issues to `security@immich.app`
+Please report security issues to `alex.tran1502@gmail.com`
--- a/cli/.eslintignore
+++ b/cli/.eslintignore
@@ -0,0 +1 @@
+/dist
--- a/cli/.eslintrc.cjs
+++ b/cli/.eslintrc.cjs
@@ -0,0 +1,28 @@
+module.exports = {
+  parser: '@typescript-eslint/parser',
+  parserOptions: {
+    project: 'tsconfig.json',
+    sourceType: 'module',
+    tsconfigRootDir: __dirname,
+  },
+  plugins: ['@typescript-eslint/eslint-plugin'],
+  extends: ['plugin:@typescript-eslint/recommended', 'plugin:prettier/recommended', 'plugin:unicorn/recommended'],
+  root: true,
+  env: {
+    node: true,
+  },
+  ignorePatterns: ['.eslintrc.js'],
+  rules: {
+    '@typescript-eslint/interface-name-prefix': 'off',
+    '@typescript-eslint/explicit-function-return-type': 'off',
+    '@typescript-eslint/explicit-module-boundary-types': 'off',
+    '@typescript-eslint/no-explicit-any': 'off',
+    '@typescript-eslint/no-floating-promises': 'error',
+    'unicorn/prefer-module': 'off',
+    'unicorn/prevent-abbreviations': 'off',
+    'unicorn/no-process-exit': 'off',
+    'unicorn/import-style': 'off',
+    curly: 2,
+    'prettier/prettier': 0,
+  },
+};
--- a/cli/.nvmrc
+++ b/cli/.nvmrc
@@ -1 +0,0 @@
-22.16.0
--- a/cli/Dockerfile
+++ b/cli/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:22.16.0-alpine3.20@sha256:2289fb1fba0f4633b08ec47b94a89c7e20b829fc5679f9b7b298eaa2f1ed8b7e AS core
+FROM node:20-alpine3.19@sha256:ec0c413b1d84f3f7f67ec986ba885930c57b5318d2eb3abc6960ee05d4f2eb28 as core

 WORKDIR /usr/src/open-api/typescript-sdk
 COPY open-api/typescript-sdk/package*.json open-api/typescript-sdk/tsconfig*.json ./
--- a/cli/README.md
+++ b/cli/README.md
@@ -4,18 +4,8 @@ Please see the [Immich CLI documentation](https://immich.app/docs/features/comma

 # For developers

-Before building the CLI, you must build the immich server and the open-api client. To build the server run the following in the server folder:
-
-    $ npm install
-    $ npm run build
-
-Then, to build the open-api client run the following in the open-api folder:
-
-    $ ./bin/generate-open-api.sh
-
 To run the Immich CLI from source, run the following in the cli folder:

-    $ npm install
    $ npm run build
    $ ts-node .

@@ -27,4 +17,3 @@ You can also build and install the CLI using

    $ npm run build
    $ npm install -g .
-****
--- a/cli/eslint.config.mjs
+++ b/cli/eslint.config.mjs
@@ -1,51 +0,0 @@
-import js from '@eslint/js';
-import eslintPluginPrettierRecommended from 'eslint-plugin-prettier/recommended';
-import eslintPluginUnicorn from 'eslint-plugin-unicorn';
-import globals from 'globals';
-import path from 'node:path';
-import { fileURLToPath } from 'node:url';
-import typescriptEslint from 'typescript-eslint';
-
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
-
-export default typescriptEslint.config([
-  eslintPluginUnicorn.configs.recommended,
-  eslintPluginPrettierRecommended,
-  js.configs.recommended,
-  typescriptEslint.configs.recommended,
-  {
-    ignores: ['eslint.config.mjs', 'dist'],
-  },
-  {
-    languageOptions: {
-      globals: {
-        ...globals.node,
-      },
-
-      parser: typescriptEslint.parser,
-      ecmaVersion: 5,
-      sourceType: 'module',
-
-      parserOptions: {
-        project: 'tsconfig.json',
-        tsconfigRootDir: __dirname,
-      },
-    },
-
-    rules: {
-      '@typescript-eslint/interface-name-prefix': 'off',
-      '@typescript-eslint/explicit-function-return-type': 'off',
-      '@typescript-eslint/explicit-module-boundary-types': 'off',
-      '@typescript-eslint/no-explicit-any': 'off',
-      '@typescript-eslint/no-floating-promises': 'error',
-      'unicorn/prefer-module': 'off',
-      'unicorn/prevent-abbreviations': 'off',
-      'unicorn/no-process-exit': 'off',
-      'unicorn/import-style': 'off',
-      curly: 2,
-      'prettier/prettier': 0,
-      'object-shorthand': ['error', 'always'],
-    },
-  },
-]);
--- a/cli/package-lock.json
+++ b/cli/package-lock.json
--- a/cli/package.json
+++ b/cli/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@immich/cli",
-  "version": "2.2.69",
+  "version": "2.2.0",
  "description": "Command Line Interface (CLI) for Immich",
  "type": "module",
  "exports": "./dist/index.js",
@@ -13,33 +13,30 @@
    "cli"
  ],
  "devDependencies": {
-    "@eslint/eslintrc": "^3.1.0",
-    "@eslint/js": "^9.8.0",
    "@immich/sdk": "file:../open-api/typescript-sdk",
    "@types/byte-size": "^8.1.0",
    "@types/cli-progress": "^3.11.0",
    "@types/lodash-es": "^4.17.12",
-    "@types/micromatch": "^4.0.9",
    "@types/mock-fs": "^4.13.1",
-    "@types/node": "^22.15.31",
-    "@vitest/coverage-v8": "^3.0.0",
-    "byte-size": "^9.0.0",
+    "@types/node": "^20.3.1",
+    "@typescript-eslint/eslint-plugin": "^7.0.0",
+    "@typescript-eslint/parser": "^7.0.0",
+    "@vitest/coverage-v8": "^1.2.2",
+    "byte-size": "^8.1.1",
    "cli-progress": "^3.12.0",
    "commander": "^12.0.0",
-    "eslint": "^9.14.0",
-    "eslint-config-prettier": "^10.0.0",
+    "eslint": "^8.56.0",
+    "eslint-config-prettier": "^9.1.0",
    "eslint-plugin-prettier": "^5.1.3",
-    "eslint-plugin-unicorn": "^59.0.0",
-    "globals": "^16.0.0",
+    "eslint-plugin-unicorn": "^52.0.0",
+    "glob": "^10.3.1",
    "mock-fs": "^5.2.0",
    "prettier": "^3.2.5",
-    "prettier-plugin-organize-imports": "^4.0.0",
+    "prettier-plugin-organize-imports": "^3.2.4",
    "typescript": "^5.3.3",
-    "typescript-eslint": "^8.28.0",
-    "vite": "^6.0.0",
-    "vite-tsconfig-paths": "^5.0.0",
-    "vitest": "^3.0.0",
-    "vitest-fetch-mock": "^0.4.0",
+    "vite": "^5.0.12",
+    "vite-tsconfig-paths": "^4.3.2",
+    "vitest": "^1.2.2",
    "yaml": "^2.3.1"
  },
  "scripts": {
@@ -62,13 +59,6 @@
    "node": ">=20.0.0"
  },
  "dependencies": {
-    "chokidar": "^4.0.3",
-    "fast-glob": "^3.3.2",
-    "fastq": "^1.17.1",
-    "lodash-es": "^4.17.21",
-    "micromatch": "^4.0.8"
-  },
-  "volta": {
-    "node": "22.16.0"
+    "lodash-es": "^4.17.21"
  }
 }
--- a/cli/src/commands/asset.spec.ts
+++ b/cli/src/commands/asset.spec.ts
@@ -1,311 +0,0 @@
-import * as fs from 'node:fs';
-import * as os from 'node:os';
-import * as path from 'node:path';
-import { setTimeout as sleep } from 'node:timers/promises';
-import { describe, expect, it, MockedFunction, vi } from 'vitest';
-
-import { Action, checkBulkUpload, defaults, getSupportedMediaTypes, Reason } from '@immich/sdk';
-import createFetchMock from 'vitest-fetch-mock';
-
-import { checkForDuplicates, getAlbumName, startWatch, uploadFiles, UploadOptionsDto } from 'src/commands/asset';
-
-vi.mock('@immich/sdk');
-
-describe('getAlbumName', () => {
-  it('should return a non-undefined value', () => {
-    if (os.platform() === 'win32') {
-      // This is meaningless for Unix systems.
-      expect(getAlbumName(String.raw`D:\test\Filename.txt`, {} as UploadOptionsDto)).toBe('test');
-    }
-    expect(getAlbumName('D:/parentfolder/test/Filename.txt', {} as UploadOptionsDto)).toBe('test');
-  });
-
-  it('has higher priority to return `albumName` in `options`', () => {
-    expect(getAlbumName('/parentfolder/test/Filename.txt', { albumName: 'example' } as UploadOptionsDto)).toBe(
-      'example',
-    );
-  });
-});
-
-describe('uploadFiles', () => {
-  const testDir = fs.mkdtempSync(path.join(os.tmpdir(), 'test-'));
-  const testFilePath = path.join(testDir, 'test.png');
-  const testFileData = 'test';
-  const baseUrl = 'http://example.com';
-  const apiKey = 'key';
-  const retry = 3;
-
-  const fetchMocker = createFetchMock(vi);
-
-  beforeEach(() => {
-    // Create a test file
-    fs.writeFileSync(testFilePath, testFileData);
-
-    // Defaults
-    vi.mocked(defaults).baseUrl = baseUrl;
-    vi.mocked(defaults).headers = { 'x-api-key': apiKey };
-
-    fetchMocker.enableMocks();
-    fetchMocker.resetMocks();
-  });
-
-  it('returns new assets when upload file is successful', async () => {
-    fetchMocker.doMockIf(new RegExp(`${baseUrl}/assets$`), () => {
-      return {
-        status: 200,
-        body: JSON.stringify({ id: 'fc5621b1-86f6-44a1-9905-403e607df9f5', status: 'created' }),
-      };
-    });
-
-    await expect(uploadFiles([testFilePath], { concurrency: 1 })).resolves.toEqual([
-      {
-        filepath: testFilePath,
-        id: 'fc5621b1-86f6-44a1-9905-403e607df9f5',
-      },
-    ]);
-  });
-
-  it('returns new assets when upload file retry is successful', async () => {
-    let counter = 0;
-    fetchMocker.doMockIf(new RegExp(`${baseUrl}/assets$`), () => {
-      counter++;
-      if (counter < retry) {
-        throw new Error('Network error');
-      }
-
-      return {
-        status: 200,
-        body: JSON.stringify({ id: 'fc5621b1-86f6-44a1-9905-403e607df9f5', status: 'created' }),
-      };
-    });
-
-    await expect(uploadFiles([testFilePath], { concurrency: 1 })).resolves.toEqual([
-      {
-        filepath: testFilePath,
-        id: 'fc5621b1-86f6-44a1-9905-403e607df9f5',
-      },
-    ]);
-  });
-
-  it('returns new assets when upload file retry is failed', async () => {
-    fetchMocker.doMockIf(new RegExp(`${baseUrl}/assets$`), () => {
-      throw new Error('Network error');
-    });
-
-    await expect(uploadFiles([testFilePath], { concurrency: 1 })).resolves.toEqual([]);
-  });
-});
-
-describe('checkForDuplicates', () => {
-  const testDir = fs.mkdtempSync(path.join(os.tmpdir(), 'test-'));
-  const testFilePath = path.join(testDir, 'test.png');
-  const testFileData = 'test';
-  const testFileChecksum = 'a94a8fe5ccb19ba61c4c0873d391e987982fbbd3'; // SHA1
-  const retry = 3;
-
-  beforeEach(() => {
-    // Create a test file
-    fs.writeFileSync(testFilePath, testFileData);
-  });
-
-  it('checks duplicates', async () => {
-    vi.mocked(checkBulkUpload).mockResolvedValue({
-      results: [
-        {
-          action: Action.Accept,
-          id: testFilePath,
-        },
-      ],
-    });
-
-    await checkForDuplicates([testFilePath], { concurrency: 1 });
-
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: [
-          {
-            checksum: testFileChecksum,
-            id: testFilePath,
-          },
-        ],
-      },
-    });
-  });
-
-  it('returns duplicates when check duplicates is rejected', async () => {
-    vi.mocked(checkBulkUpload).mockResolvedValue({
-      results: [
-        {
-          action: Action.Reject,
-          id: testFilePath,
-          assetId: 'fc5621b1-86f6-44a1-9905-403e607df9f5',
-          reason: Reason.Duplicate,
-        },
-      ],
-    });
-
-    await expect(checkForDuplicates([testFilePath], { concurrency: 1 })).resolves.toEqual({
-      duplicates: [
-        {
-          filepath: testFilePath,
-          id: 'fc5621b1-86f6-44a1-9905-403e607df9f5',
-        },
-      ],
-      newFiles: [],
-    });
-  });
-
-  it('returns new assets when check duplicates is accepted', async () => {
-    vi.mocked(checkBulkUpload).mockResolvedValue({
-      results: [
-        {
-          action: Action.Accept,
-          id: testFilePath,
-        },
-      ],
-    });
-
-    await expect(checkForDuplicates([testFilePath], { concurrency: 1 })).resolves.toEqual({
-      duplicates: [],
-      newFiles: [testFilePath],
-    });
-  });
-
-  it('returns results when check duplicates retry is successful', async () => {
-    let mocked = vi.mocked(checkBulkUpload);
-    for (let i = 1; i < retry; i++) {
-      mocked = mocked.mockRejectedValueOnce(new Error('Network error'));
-    }
-    mocked.mockResolvedValue({
-      results: [
-        {
-          action: Action.Accept,
-          id: testFilePath,
-        },
-      ],
-    });
-
-    await expect(checkForDuplicates([testFilePath], { concurrency: 1 })).resolves.toEqual({
-      duplicates: [],
-      newFiles: [testFilePath],
-    });
-  });
-
-  it('returns results when check duplicates retry is failed', async () => {
-    vi.mocked(checkBulkUpload).mockRejectedValue(new Error('Network error'));
-
-    await expect(checkForDuplicates([testFilePath], { concurrency: 1 })).resolves.toEqual({
-      duplicates: [],
-      newFiles: [],
-    });
-  });
-});
-
-describe('startWatch', () => {
-  let testFolder: string;
-  let checkBulkUploadMocked: MockedFunction<typeof checkBulkUpload>;
-
-  beforeEach(async () => {
-    vi.restoreAllMocks();
-
-    vi.mocked(getSupportedMediaTypes).mockResolvedValue({
-      image: ['.jpg'],
-      sidecar: ['.xmp'],
-      video: ['.mp4'],
-    });
-
-    testFolder = await fs.promises.mkdtemp(path.join(os.tmpdir(), 'test-startWatch-'));
-    checkBulkUploadMocked = vi.mocked(checkBulkUpload);
-    checkBulkUploadMocked.mockResolvedValue({
-      results: [],
-    });
-  });
-
-  it('should start watching a directory and upload new files', async () => {
-    const testFilePath = path.join(testFolder, 'test.jpg');
-
-    await startWatch([testFolder], { concurrency: 1 }, { batchSize: 1, debounceTimeMs: 10 });
-    await sleep(100); // to debounce the watcher from considering the test file as a existing file
-    await fs.promises.writeFile(testFilePath, 'testjpg');
-
-    await vi.waitUntil(() => checkBulkUploadMocked.mock.calls.length > 0, 3000);
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: [
-          expect.objectContaining({
-            id: testFilePath,
-          }),
-        ],
-      },
-    });
-  });
-
-  it('should filter out unsupported files', async () => {
-    const testFilePath = path.join(testFolder, 'test.jpg');
-    const unsupportedFilePath = path.join(testFolder, 'test.txt');
-
-    await startWatch([testFolder], { concurrency: 1 }, { batchSize: 1, debounceTimeMs: 10 });
-    await sleep(100); // to debounce the watcher from considering the test file as a existing file
-    await fs.promises.writeFile(testFilePath, 'testjpg');
-    await fs.promises.writeFile(unsupportedFilePath, 'testtxt');
-
-    await vi.waitUntil(() => checkBulkUploadMocked.mock.calls.length > 0, 3000);
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: testFilePath,
-          }),
-        ]),
-      },
-    });
-
-    expect(checkBulkUpload).not.toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: unsupportedFilePath,
-          }),
-        ]),
-      },
-    });
-  });
-
-  it('should filger out ignored patterns', async () => {
-    const testFilePath = path.join(testFolder, 'test.jpg');
-    const ignoredPattern = 'ignored';
-    const ignoredFolder = path.join(testFolder, ignoredPattern);
-    await fs.promises.mkdir(ignoredFolder, { recursive: true });
-    const ignoredFilePath = path.join(ignoredFolder, 'ignored.jpg');
-
-    await startWatch([testFolder], { concurrency: 1, ignore: ignoredPattern }, { batchSize: 1, debounceTimeMs: 10 });
-    await sleep(100); // to debounce the watcher from considering the test file as a existing file
-    await fs.promises.writeFile(testFilePath, 'testjpg');
-    await fs.promises.writeFile(ignoredFilePath, 'ignoredjpg');
-
-    await vi.waitUntil(() => checkBulkUploadMocked.mock.calls.length > 0, 3000);
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: testFilePath,
-          }),
-        ]),
-      },
-    });
-
-    expect(checkBulkUpload).not.toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: ignoredFilePath,
-          }),
-        ]),
-      },
-    });
-  });
-
-  afterEach(async () => {
-    await fs.promises.rm(testFolder, { recursive: true, force: true });
-  });
-});
--- a/cli/src/commands/asset.ts
+++ b/cli/src/commands/asset.ts
@@ -1,9 +1,7 @@
 import {
  Action,
-  AssetBulkUploadCheckItem,
  AssetBulkUploadCheckResult,
-  AssetMediaResponseDto,
-  AssetMediaStatus,
+  AssetFileUploadResponseDto,
  addAssetsToAlbum,
  checkBulkUpload,
  createAlbum,
@@ -12,18 +10,13 @@ import {
  getSupportedMediaTypes,
 } from '@immich/sdk';
 import byteSize from 'byte-size';
-import { Matcher, watch as watchFs } from 'chokidar';
-import { MultiBar, Presets, SingleBar } from 'cli-progress';
+import { Presets, SingleBar } from 'cli-progress';
 import { chunk } from 'lodash-es';
-import micromatch from 'micromatch';
 import { Stats, createReadStream } from 'node:fs';
 import { stat, unlink } from 'node:fs/promises';
+import os from 'node:os';
 import path, { basename } from 'node:path';
-import { Queue } from 'src/queue';
-import { BaseOptions, Batcher, authenticate, crawl, sha1 } from 'src/utils';
-
-const UPLOAD_WATCH_BATCH_SIZE = 100;
-const UPLOAD_WATCH_DEBOUNCE_TIME_MS = 10_000;
+import { BaseOptions, authenticate, crawl, sha1 } from 'src/utils';

 const s = (count: number) => (count === 1 ? '' : 's');

@@ -31,9 +24,9 @@ const s = (count: number) => (count === 1 ? '' : 's');
 type AssetBulkUploadCheckResults = Array<AssetBulkUploadCheckResult & { id: string }>;
 type Asset = { id: string; filepath: string };

-export interface UploadOptionsDto {
+interface UploadOptionsDto {
  recursive?: boolean;
-  ignore?: string;
+  exclusionPatterns?: string[];
  dryRun?: boolean;
  skipHash?: boolean;
  delete?: boolean;
@@ -41,9 +34,6 @@ export interface UploadOptionsDto {
  albumName?: string;
  includeHidden?: boolean;
  concurrency: number;
-  progress?: boolean;
-  watch?: boolean;
-  jsonOutput?: boolean;
 }

 class UploadFile extends File {
@@ -63,100 +53,19 @@ class UploadFile extends File {
  }
 }

-const uploadBatch = async (files: string[], options: UploadOptionsDto) => {
-  const { newFiles, duplicates } = await checkForDuplicates(files, options);
-  const newAssets = await uploadFiles(newFiles, options);
-  if (options.jsonOutput) {
-    console.log(JSON.stringify({ newFiles, duplicates, newAssets }, undefined, 4));
-  }
-  await updateAlbums([...newAssets, ...duplicates], options);
-  await deleteFiles(
-    newAssets.map(({ filepath }) => filepath),
-    options,
-  );
-};
-
-export const startWatch = async (
-  paths: string[],
-  options: UploadOptionsDto,
-  {
-    batchSize = UPLOAD_WATCH_BATCH_SIZE,
-    debounceTimeMs = UPLOAD_WATCH_DEBOUNCE_TIME_MS,
-  }: { batchSize?: number; debounceTimeMs?: number } = {},
-) => {
-  const watcherIgnored: Matcher[] = [];
-  const { image, video } = await getSupportedMediaTypes();
-  const extensions = new Set([...image, ...video]);
-
-  if (options.ignore) {
-    watcherIgnored.push((path) => micromatch.contains(path, `**/${options.ignore}`));
-  }
-
-  const pathsBatcher = new Batcher<string>({
-    batchSize,
-    debounceTimeMs,
-    onBatch: async (paths: string[]) => {
-      const uniquePaths = [...new Set(paths)];
-      await uploadBatch(uniquePaths, options);
-    },
-  });
-
-  const onFile = async (path: string, stats?: Stats) => {
-    if (stats?.isDirectory()) {
-      return;
-    }
-    const ext = '.' + path.split('.').pop()?.toLowerCase();
-    if (!ext || !extensions.has(ext)) {
-      return;
-    }
-
-    if (!options.progress) {
-      // logging when progress is disabled as it can cause issues with the progress bar rendering
-      console.log(`Change detected: ${path}`);
-    }
-    pathsBatcher.add(path);
-  };
-  const fsWatcher = watchFs(paths, {
-    ignoreInitial: true,
-    ignored: watcherIgnored,
-    alwaysStat: true,
-    awaitWriteFinish: true,
-    depth: options.recursive ? undefined : 1,
-    persistent: true,
-  })
-    .on('add', onFile)
-    .on('change', onFile)
-    .on('error', (error) => console.error(`Watcher error: ${error}`));
-
-  process.on('SIGINT', async () => {
-    console.log('Exiting...');
-    await fsWatcher.close();
-    process.exit();
-  });
-};
-
 export const upload = async (paths: string[], baseOptions: BaseOptions, options: UploadOptionsDto) => {
  await authenticate(baseOptions);

  const scanFiles = await scan(paths, options);
-
  if (scanFiles.length === 0) {
-    if (options.watch) {
-      console.log('No files found initially.');
-    } else {
    console.log('No files found, exiting');
    return;
  }
-  }

-  if (options.watch) {
-    console.log('Watching for changes...');
-    await startWatch(paths, options);
-    // watcher does not handle the initial scan
-    // as the scan() is a more efficient quick start with batched results
-  }
-
-  await uploadBatch(scanFiles, options);
+  const { newFiles, duplicates } = await checkForDuplicates(scanFiles, options);
+  const newAssets = await uploadFiles(newFiles, options);
+  await updateAlbums([...newAssets, ...duplicates], options);
+  await deleteFiles(newFiles, options);
 };

 const scan = async (pathsToCrawl: string[], options: UploadOptionsDto) => {
@@ -166,7 +75,7 @@ const scan = async (pathsToCrawl: string[], options: UploadOptionsDto) => {
  const files = await crawl({
    pathsToCrawl,
    recursive: options.recursive,
-    exclusionPattern: options.ignore,
+    exclusionPatterns: options.exclusionPatterns,
    includeHidden: options.includeHidden,
    extensions: [...image, ...video],
  });
@@ -174,102 +83,48 @@ const scan = async (pathsToCrawl: string[], options: UploadOptionsDto) => {
  return files;
 };

-export const checkForDuplicates = async (files: string[], { concurrency, skipHash, progress }: UploadOptionsDto) => {
+const checkForDuplicates = async (files: string[], { concurrency, skipHash }: UploadOptionsDto) => {
  if (skipHash) {
    console.log('Skipping hash check, assuming all files are new');
    return { newFiles: files, duplicates: [] };
  }

-  let multiBar: MultiBar | undefined;
-
-  if (progress) {
-    multiBar = new MultiBar(
-      { format: '{message} | {bar} | {percentage}% | ETA: {eta}s | {value}/{total} assets' },
+  const progressBar = new SingleBar(
+    { format: 'Checking files | {bar} | {percentage}% | ETA: {eta}s | {value}/{total} assets' },
    Presets.shades_classic,
  );
-  } else {
-    console.log(`Received ${files.length} files, hashing...`);
-  }

-  const hashProgressBar = multiBar?.create(files.length, 0, { message: 'Hashing files          ' });
-  const checkProgressBar = multiBar?.create(files.length, 0, { message: 'Checking for duplicates' });
+  progressBar.start(files.length, 0);

  const newFiles: string[] = [];
  const duplicates: Asset[] = [];

-  const checkBulkUploadQueue = new Queue<AssetBulkUploadCheckItem[], void>(
-    async (assets: AssetBulkUploadCheckItem[]) => {
-      const response = await checkBulkUpload({ assetBulkUploadCheckDto: { assets } });
+  try {
+    // TODO refactor into a queue
+    for (const items of chunk(files, concurrency)) {
+      const dto = await Promise.all(items.map(async (filepath) => ({ id: filepath, checksum: await sha1(filepath) })));
+      const { results } = await checkBulkUpload({ assetBulkUploadCheckDto: { assets: dto } });

-      const results = response.results as AssetBulkUploadCheckResults;
-
-      for (const { id: filepath, assetId, action } of results) {
+      for (const { id: filepath, assetId, action } of results as AssetBulkUploadCheckResults) {
        if (action === Action.Accept) {
          newFiles.push(filepath);
        } else {
          // rejects are always duplicates
          duplicates.push({ id: assetId as string, filepath });
        }
+        progressBar.increment();
      }
-
-      checkProgressBar?.increment(assets.length);
-    },
-    { concurrency, retry: 3 },
-  );
-
-  const results: { id: string; checksum: string }[] = [];
-  let checkBulkUploadRequests: AssetBulkUploadCheckItem[] = [];
-
-  const queue = new Queue<string, AssetBulkUploadCheckItem[]>(
-    async (filepath: string): Promise<AssetBulkUploadCheckItem[]> => {
-      const dto = { id: filepath, checksum: await sha1(filepath) };
-
-      results.push(dto);
-      checkBulkUploadRequests.push(dto);
-      if (checkBulkUploadRequests.length === 5000) {
-        const batch = checkBulkUploadRequests;
-        checkBulkUploadRequests = [];
-        void checkBulkUploadQueue.push(batch);
    }
-
-      hashProgressBar?.increment();
-      return results;
-    },
-    { concurrency, retry: 3 },
-  );
-
-  for (const item of files) {
-    void queue.push(item);
+  } finally {
+    progressBar.stop();
  }

-  await queue.drained();
-
-  if (checkBulkUploadRequests.length > 0) {
-    void checkBulkUploadQueue.push(checkBulkUploadRequests);
-  }
-
-  await checkBulkUploadQueue.drained();
-
-  multiBar?.stop();
-
  console.log(`Found ${newFiles.length} new files and ${duplicates.length} duplicate${s(duplicates.length)}`);

-  // Report failures
-  const failedTasks = queue.tasks.filter((task) => task.status === 'failed');
-  if (failedTasks.length > 0) {
-    console.log(`Failed to verify ${failedTasks.length} file${s(failedTasks.length)}:`);
-    for (const task of failedTasks) {
-      console.log(`- ${task.data} - ${task.error}`);
-    }
-  }
-
  return { newFiles, duplicates };
 };

-export const uploadFiles = async (
-  files: string[],
-  { dryRun, concurrency, progress }: UploadOptionsDto,
-): Promise<Asset[]> => {
+const uploadFiles = async (files: string[], { dryRun, concurrency }: UploadOptionsDto): Promise<Asset[]> => {
  if (files.length === 0) {
    console.log('All assets were already uploaded, nothing to do.');
    return [];
@@ -286,23 +141,15 @@ export const uploadFiles = async (

  if (dryRun) {
    console.log(`Would have uploaded ${files.length} asset${s(files.length)} (${byteSize(totalSize)})`);
-    return files.map((filepath) => ({ id: '', filepath }));
+    return [];
  }

-  let uploadProgress: SingleBar | undefined;
-
-  if (progress) {
-    uploadProgress = new SingleBar(
-      {
-        format: 'Uploading assets | {bar} | {percentage}% | ETA: {eta_formatted} | {value_formatted}/{total_formatted}',
-      },
+  const uploadProgress = new SingleBar(
+    { format: 'Uploading assets | {bar} | {percentage}% | ETA: {eta_formatted} | {value_formatted}/{total_formatted}' },
    Presets.shades_classic,
  );
-  } else {
-    console.log(`Uploading ${files.length} asset${s(files.length)} (${byteSize(totalSize)})`);
-  }
-  uploadProgress?.start(totalSize, 0);
-  uploadProgress?.update({ value_formatted: 0, total_formatted: byteSize(totalSize) });
+  uploadProgress.start(totalSize, 0);
+  uploadProgress.update({ value_formatted: 0, total_formatted: byteSize(totalSize) });

  let duplicateCount = 0;
  let duplicateSize = 0;
@@ -311,16 +158,16 @@ export const uploadFiles = async (

  const newAssets: Asset[] = [];

-  const queue = new Queue<string, AssetMediaResponseDto>(
-    async (filepath: string) => {
-      const stats = statsMap.get(filepath);
-      if (!stats) {
-        throw new Error(`Stats not found for ${filepath}`);
-      }
-
+  try {
+    for (const items of chunk(files, concurrency)) {
+      await Promise.all(
+        items.map(async (filepath) => {
+          const stats = statsMap.get(filepath) as Stats;
          const response = await uploadFile(filepath, stats);
+
          newAssets.push({ id: response.id, filepath });
-      if (response.status === AssetMediaStatus.Duplicate) {
+
+          if (response.duplicate) {
            duplicateCount++;
            duplicateSize += stats.size ?? 0;
          } else {
@@ -328,39 +175,24 @@ export const uploadFiles = async (
            successSize += stats.size ?? 0;
          }

-      uploadProgress?.update(successSize, { value_formatted: byteSize(successSize + duplicateSize) });
+          uploadProgress.update(successSize, { value_formatted: byteSize(successSize + duplicateSize) });

          return response;
-    },
-    { concurrency, retry: 3 },
+        }),
      );
-
-  for (const item of files) {
-    void queue.push(item);
    }
-
-  await queue.drained();
-
-  uploadProgress?.stop();
+  } finally {
+    uploadProgress.stop();
+  }

  console.log(`Successfully uploaded ${successCount} new asset${s(successCount)} (${byteSize(successSize)})`);
  if (duplicateCount > 0) {
    console.log(`Skipped ${duplicateCount} duplicate asset${s(duplicateCount)} (${byteSize(duplicateSize)})`);
  }
-
-  // Report failures
-  const failedTasks = queue.tasks.filter((task) => task.status === 'failed');
-  if (failedTasks.length > 0) {
-    console.log(`Failed to upload ${failedTasks.length} asset${s(failedTasks.length)}:`);
-    for (const task of failedTasks) {
-      console.log(`- ${task.data} - ${task.error}`);
-    }
-  }
-
  return newAssets;
 };

-const uploadFile = async (input: string, stats: Stats): Promise<AssetMediaResponseDto> => {
+const uploadFile = async (input: string, stats: Stats): Promise<AssetFileUploadResponseDto> => {
  const { baseUrl, headers } = defaults;

  const assetPath = path.parse(input);
@@ -393,7 +225,7 @@ const uploadFile = async (input: string, stats: Stats): Promise<AssetMediaRespon
    formData.append('sidecarData', sidecarData);
  }

-  const response = await fetch(`${baseUrl}/assets`, {
+  const response = await fetch(`${baseUrl}/asset/upload`, {
    method: 'post',
    redirect: 'error',
    headers: headers as Record<string, string>,
@@ -412,7 +244,7 @@ const deleteFiles = async (files: string[], options: UploadOptionsDto): Promise<
  }

  if (options.dryRun) {
-    console.log(`Would have deleted ${files.length} local asset${s(files.length)}`);
+    console.log(`Would now have deleted assets, but skipped due to dry run`);
    return;
  }

@@ -453,7 +285,7 @@ const updateAlbums = async (assets: Asset[], options: UploadOptionsDto) => {
  if (dryRun) {
    // TODO print asset counts for new albums
    console.log(`Would have created ${newAlbums.size} new album${s(newAlbums.size)}`);
-    console.log(`Would have updated albums of ${assets.length} asset${s(assets.length)}`);
+    console.log(`Would have updated ${assets.length} asset${s(assets.length)}`);
    return;
  }

@@ -513,9 +345,7 @@ const updateAlbums = async (assets: Asset[], options: UploadOptionsDto) => {
  }
 };

-// `filepath` valid format:
-// - Windows: `D:\\test\\Filename.txt` or `D:/test/Filename.txt`
-// - Unix: `/test/Filename.txt`
-export const getAlbumName = (filepath: string, options: UploadOptionsDto) => {
-  return options.albumName ?? path.basename(path.dirname(filepath));
+const getAlbumName = (filepath: string, options: UploadOptionsDto) => {
+  const folderName = os.platform() === 'win32' ? filepath.split('\\').at(-2) : filepath.split('/').at(-2);
+  return options.albumName ?? folderName;
 };
--- a/cli/src/commands/auth.ts
+++ b/cli/src/commands/auth.ts
@@ -1,4 +1,4 @@
-import { getMyUser } from '@immich/sdk';
+import { getMyUserInfo } from '@immich/sdk';
 import { existsSync } from 'node:fs';
 import { mkdir, unlink } from 'node:fs/promises';
 import { BaseOptions, connect, getAuthFilePath, logError, withError, writeAuthFile } from 'src/utils';
@@ -10,13 +10,13 @@ export const login = async (url: string, key: string, options: BaseOptions) => {

  await connect(url, key);

-  const [error, user] = await withError(getMyUser());
+  const [error, userInfo] = await withError(getMyUserInfo());
  if (error) {
    logError(error, 'Failed to load user info');
    process.exit(1);
  }

-  console.log(`Logged in as ${user.email}`);
+  console.log(`Logged in as ${userInfo.email}`);

  if (!existsSync(configDir)) {
    // Create config folder if it doesn't exist
--- a/cli/src/commands/server-info.ts
+++ b/cli/src/commands/server-info.ts
@@ -1,4 +1,4 @@
-import { getAssetStatistics, getMyUser, getServerVersion, getSupportedMediaTypes } from '@immich/sdk';
+import { getAssetStatistics, getMyUserInfo, getServerVersion, getSupportedMediaTypes } from '@immich/sdk';
 import { BaseOptions, authenticate } from 'src/utils';

 export const serverInfo = async (options: BaseOptions) => {
@@ -8,7 +8,7 @@ export const serverInfo = async (options: BaseOptions) => {
    getServerVersion(),
    getSupportedMediaTypes(),
    getAssetStatistics({}),
-    getMyUser(),
+    getMyUserInfo(),
  ]);

  console.log(`Server Info (via ${userInfo.email})`);
--- a/cli/src/index.ts
+++ b/cli/src/index.ts
@@ -44,7 +44,7 @@ program
  .description('Upload assets')
  .usage('[paths...] [options]')
  .addOption(new Option('-r, --recursive', 'Recursive').env('IMMICH_RECURSIVE').default(false))
-  .addOption(new Option('-i, --ignore <pattern>', 'Pattern to ignore').env('IMMICH_IGNORE_PATHS'))
+  .addOption(new Option('-i, --ignore [paths...]', 'Paths to ignore').env('IMMICH_IGNORE_PATHS').default([]))
  .addOption(new Option('-h, --skip-hash', "Don't hash files before upload").env('IMMICH_SKIP_HASH').default(false))
  .addOption(new Option('-H, --include-hidden', 'Include hidden folders').env('IMMICH_INCLUDE_HIDDEN').default(false))
  .addOption(
@@ -60,27 +60,14 @@ program
  .addOption(
    new Option('-n, --dry-run', "Don't perform any actions, just show what will be done")
      .env('IMMICH_DRY_RUN')
-      .default(false)
-      .conflicts('skipHash'),
+      .default(false),
  )
  .addOption(
    new Option('-c, --concurrency <number>', 'Number of assets to upload at the same time')
      .env('IMMICH_UPLOAD_CONCURRENCY')
      .default(4),
  )
-  .addOption(
-    new Option('-j, --json-output', 'Output detailed information in json format')
-      .env('IMMICH_JSON_OUTPUT')
-      .default(false),
-  )
  .addOption(new Option('--delete', 'Delete local assets after upload').env('IMMICH_DELETE_ASSETS'))
-  .addOption(new Option('--no-progress', 'Hide progress bars').env('IMMICH_PROGRESS_BAR').default(true))
-  .addOption(
-    new Option('--watch', 'Watch for changes and upload automatically')
-      .env('IMMICH_WATCH_CHANGES')
-      .default(false)
-      .implies({ progress: false }),
-  )
  .argument('[paths...]', 'One or more paths to assets to be uploaded')
  .action((paths, options) => upload(paths, program.opts(), options));

--- a/cli/src/queue.ts
+++ b/cli/src/queue.ts
@@ -1,131 +0,0 @@
-import * as fastq from 'fastq';
-import { uniqueId } from 'lodash-es';
-
-export type Task<T, R> = {
-  readonly id: string;
-  status: 'idle' | 'processing' | 'succeeded' | 'failed';
-  data: T;
-  error: unknown | undefined;
-  count: number;
-  // TODO: Could be useful to adding progress property.
-  // TODO: Could be useful to adding start_at/end_at/duration properties.
-  result: undefined | R;
-};
-
-export type QueueOptions = {
-  verbose?: boolean;
-  concurrency?: number;
-  retry?: number;
-  // TODO: Could be useful to adding timeout property for retry.
-};
-
-export type ComputedQueueOptions = Required<QueueOptions>;
-
-export const defaultQueueOptions = {
-  concurrency: 1,
-  retry: 0,
-  verbose: false,
-};
-
-/**
- * An in-memory queue that processes tasks in parallel with a given concurrency.
- * @see {@link https://www.npmjs.com/package/fastq}
- * @template T - The type of the worker task data.
- * @template R - The type of the worker output data.
- */
-export class Queue<T, R> {
-  private readonly queue: fastq.queueAsPromised<string, Task<T, R>>;
-  private readonly store = new Map<string, Task<T, R>>();
-  readonly options: ComputedQueueOptions;
-  readonly worker: (data: T) => Promise<R>;
-
-  /**
-   * Create a new queue.
-   * @param worker - The worker function that processes the task.
-   * @param options - The queue options.
-   */
-  constructor(worker: (data: T) => Promise<R>, options?: QueueOptions) {
-    this.options = { ...defaultQueueOptions, ...options };
-    this.worker = worker;
-    this.store = new Map<string, Task<T, R>>();
-    this.queue = this.buildQueue();
-  }
-
-  get tasks(): Task<T, R>[] {
-    const tasks: Task<T, R>[] = [];
-    for (const task of this.store.values()) {
-      tasks.push(task);
-    }
-    return tasks;
-  }
-
-  getTask(id: string): Task<T, R> {
-    const task = this.store.get(id);
-    if (!task) {
-      throw new Error(`Task with id ${id} not found`);
-    }
-    return task;
-  }
-
-  /**
-   * Wait for the queue to be empty.
-   * @returns Promise<void> - The returned Promise will be resolved when all tasks in the queue have been processed by a worker.
-   * This promise could be ignored as it will not lead to a `unhandledRejection`.
-   */
-  drained(): Promise<void> {
-    return this.queue.drained();
-  }
-
-  /**
-   * Add a task at the end of the queue.
-   * @see {@link https://www.npmjs.com/package/fastq}
-   * @param data
-   * @returns Promise<void> - A Promise that will be fulfilled (rejected) when the task is completed successfully (unsuccessfully).
-   * This promise could be ignored as it will not lead to a `unhandledRejection`.
-   */
-  async push(data: T): Promise<Task<T, R>> {
-    const id = uniqueId();
-    const task: Task<T, R> = { id, status: 'idle', error: undefined, count: 0, data, result: undefined };
-    this.store.set(id, task);
-    return this.queue.push(id);
-  }
-
-  // TODO: Support more function delegation to fastq.
-
-  private buildQueue(): fastq.queueAsPromised<string, Task<T, R>> {
-    return fastq.promise((id: string) => {
-      const task = this.getTask(id);
-      return this.work(task);
-    }, this.options.concurrency);
-  }
-
-  private async work(task: Task<T, R>): Promise<Task<T, R>> {
-    task.count += 1;
-    task.error = undefined;
-    task.status = 'processing';
-    if (this.options.verbose) {
-      console.log('[task] processing:', task);
-    }
-    try {
-      task.result = await this.worker(task.data);
-      task.status = 'succeeded';
-      if (this.options.verbose) {
-        console.log('[task] succeeded:', task);
-      }
-      return task;
-    } catch (error) {
-      task.error = error;
-      task.status = 'failed';
-      if (this.options.verbose) {
-        console.log('[task] failed:', task);
-      }
-      if (this.options.retry > 0 && task.count < this.options.retry) {
-        if (this.options.verbose) {
-          console.log('[task] retry:', task);
-        }
-        return this.work(task);
-      }
-      return task;
-    }
-  }
-}
--- a/cli/src/utils.spec.ts
+++ b/cli/src/utils.spec.ts
@@ -1,21 +1,14 @@
 import mockfs from 'mock-fs';
-import { readFileSync } from 'node:fs';
-import { Batcher, CrawlOptions, crawl } from 'src/utils';
-import { Mock } from 'vitest';
+import { CrawlOptions, crawl } from 'src/utils';

 interface Test {
  test: string;
  options: Omit<CrawlOptions, 'extensions'>;
  files: Record<string, boolean>;
-  skipOnWin32?: boolean;
 }

 const cwd = process.cwd();

-const readContent = (path: string) => {
-  return readFileSync(path).toString();
-};
-
 const extensions = [
  '.jpg',
  '.jpeg',
@@ -50,18 +43,6 @@ const tests: Test[] = [
      '/photos/image.jpg': true,
    },
  },
-  {
-    test: 'should crawl folders with quotes',
-    options: {
-      pathsToCrawl: ["/photo's/", '/photo"s/', '/photo`s/'],
-    },
-    files: {
-      "/photo's/image1.jpg": true,
-      '/photo"s/image2.jpg': true,
-      '/photo`s/image3.jpg': true,
-    },
-    skipOnWin32: true, // single quote interferes with mockfs root on Windows
-  },
  {
    test: 'should crawl a single file',
    options: {
@@ -85,7 +66,7 @@ const tests: Test[] = [
    test: 'should exclude by file extension',
    options: {
      pathsToCrawl: ['/photos/'],
-      exclusionPattern: '**/*.tif',
+      exclusionPatterns: ['**/*.tif'],
    },
    files: {
      '/photos/image.jpg': true,
@@ -96,7 +77,7 @@ const tests: Test[] = [
    test: 'should exclude by file extension without case sensitivity',
    options: {
      pathsToCrawl: ['/photos/'],
-      exclusionPattern: '**/*.TIF',
+      exclusionPatterns: ['**/*.TIF'],
    },
    files: {
      '/photos/image.jpg': true,
@@ -107,7 +88,7 @@ const tests: Test[] = [
    test: 'should exclude by folder',
    options: {
      pathsToCrawl: ['/photos/'],
-      exclusionPattern: '**/raw/**',
+      exclusionPatterns: ['**/raw/**'],
      recursive: true,
    },
    files: {
@@ -129,7 +110,17 @@ const tests: Test[] = [
      '/albums/image3.jpg': true,
    },
  },
-
+  {
+    test: 'should support globbing paths',
+    options: {
+      pathsToCrawl: ['/photos*'],
+    },
+    files: {
+      '/photos1/image1.jpg': true,
+      '/photos2/image2.jpg': true,
+      '/images/image3.jpg': false,
+    },
+  },
  {
    test: 'should crawl a single path without trailing slash',
    options: {
@@ -227,7 +218,7 @@ const tests: Test[] = [
    test: 'should support ignoring full filename',
    options: {
      pathsToCrawl: ['/photos'],
-      exclusionPattern: '**/image2.jpg',
+      exclusionPatterns: ['**/image2.jpg'],
    },
    files: {
      '/photos/image1.jpg': true,
@@ -239,7 +230,7 @@ const tests: Test[] = [
    test: 'should support ignoring file extensions',
    options: {
      pathsToCrawl: ['/photos'],
-      exclusionPattern: '**/*.png',
+      exclusionPatterns: ['**/*.png'],
    },
    files: {
      '/photos/image1.jpg': true,
@@ -252,7 +243,7 @@ const tests: Test[] = [
    options: {
      pathsToCrawl: ['/photos'],
      recursive: true,
-      exclusionPattern: '**/raw/**',
+      exclusionPatterns: ['**/raw/**'],
    },
    files: {
      '/photos/image1.jpg': true,
@@ -265,10 +256,9 @@ const tests: Test[] = [
  {
    test: 'should support ignoring absolute paths',
    options: {
-      // Currently, fast-glob has some caveat when dealing with `/`.
-      pathsToCrawl: ['/*s'],
+      pathsToCrawl: ['/'],
      recursive: true,
-      exclusionPattern: '/images/**',
+      exclusionPatterns: ['/images/**'],
    },
    files: {
      '/photos/image1.jpg': true,
@@ -284,58 +274,17 @@ describe('crawl', () => {
  });

  describe('crawl', () => {
-    for (const { test: name, options, files, skipOnWin32 } of tests) {
-      if (process.platform === 'win32' && skipOnWin32) {
-        test.skip(name);
-        continue;
-      }
-      it(name, async () => {
-        // The file contents is the same as the path.
-        mockfs(Object.fromEntries(Object.keys(files).map((file) => [file, file])));
+    for (const { test, options, files } of tests) {
+      it(test, async () => {
+        mockfs(Object.fromEntries(Object.keys(files).map((file) => [file, ''])));

        const actual = await crawl({ ...options, extensions });
        const expected = Object.entries(files)
          .filter((entry) => entry[1])
          .map(([file]) => file);

-        // Compare file's content instead of path since a file can be represent in multiple ways.
-        expect(actual.map((path) => readContent(path)).sort()).toEqual(expected.sort());
+        expect(actual.sort()).toEqual(expected.sort());
      });
    }
  });
 });
-
-describe('Batcher', () => {
-  let batcher: Batcher;
-  let onBatch: Mock;
-  beforeEach(() => {
-    onBatch = vi.fn();
-    batcher = new Batcher({ batchSize: 2, onBatch });
-  });
-
-  it('should trigger onBatch() when a batch limit is reached', async () => {
-    batcher.add('a');
-    batcher.add('b');
-    batcher.add('c');
-    expect(onBatch).toHaveBeenCalledOnce();
-    expect(onBatch).toHaveBeenCalledWith(['a', 'b']);
-  });
-
-  it('should trigger onBatch() when flush() is called', async () => {
-    batcher.add('a');
-    batcher.flush();
-    expect(onBatch).toHaveBeenCalledOnce();
-    expect(onBatch).toHaveBeenCalledWith(['a']);
-  });
-
-  it('should trigger onBatch() when debounce time reached', async () => {
-    vi.useFakeTimers();
-    batcher = new Batcher({ batchSize: 2, debounceTimeMs: 100, onBatch });
-    batcher.add('a');
-    expect(onBatch).not.toHaveBeenCalled();
-    vi.advanceTimersByTime(200);
-    expect(onBatch).toHaveBeenCalledOnce();
-    expect(onBatch).toHaveBeenCalledWith(['a']);
-    vi.useRealTimers();
-  });
-});
--- a/cli/src/utils.ts
+++ b/cli/src/utils.ts
@@ -1,10 +1,9 @@
-import { getMyUser, init, isHttpError } from '@immich/sdk';
-import { convertPathToPattern, glob } from 'fast-glob';
+import { defaults, getMyUserInfo, isHttpError } from '@immich/sdk';
+import { glob } from 'glob';
 import { createHash } from 'node:crypto';
 import { createReadStream } from 'node:fs';
 import { readFile, stat, writeFile } from 'node:fs/promises';
-import { platform } from 'node:os';
-import { join, resolve } from 'node:path';
+import { join } from 'node:path';
 import yaml from 'yaml';

 export interface BaseOptions {
@@ -47,9 +46,10 @@ export const connect = async (url: string, key: string) => {
    // noop
  }

-  init({ baseUrl: url, apiKey: key });
+  defaults.baseUrl = url;
+  defaults.headers = { 'x-api-key': key };

-  const [error] = await withError(getMyUser());
+  const [error] = await withError(getMyUserInfo());
  if (isHttpError(error)) {
    logError(error, 'Failed to connect to server');
    process.exit(1);
@@ -104,16 +104,11 @@ export interface CrawlOptions {
  pathsToCrawl: string[];
  recursive?: boolean;
  includeHidden?: boolean;
-  exclusionPattern?: string;
+  exclusionPatterns?: string[];
  extensions: string[];
 }
-
-const convertPathToPatternOnWin = (path: string) => {
-  return platform() === 'win32' ? convertPathToPattern(path) : path;
-};
-
 export const crawl = async (options: CrawlOptions): Promise<string[]> => {
-  const { extensions: extensionsWithPeriod, recursive, pathsToCrawl, exclusionPattern, includeHidden } = options;
+  const { extensions: extensionsWithPeriod, recursive, pathsToCrawl, exclusionPatterns, includeHidden } = options;
  const extensions = extensionsWithPeriod.map((extension) => extension.replace('.', ''));

  if (pathsToCrawl.length === 0) {
@@ -125,42 +120,45 @@ export const crawl = async (options: CrawlOptions): Promise<string[]> => {

  for await (const currentPath of pathsToCrawl) {
    try {
-      const absolutePath = resolve(currentPath);
-      const stats = await stat(absolutePath);
+      const stats = await stat(currentPath);
      if (stats.isFile() || stats.isSymbolicLink()) {
-        crawledFiles.push(absolutePath);
+        crawledFiles.push(currentPath);
      } else {
-        patterns.push(convertPathToPatternOnWin(absolutePath));
+        patterns.push(currentPath);
      }
    } catch (error: any) {
      if (error.code === 'ENOENT') {
-        patterns.push(convertPathToPatternOnWin(currentPath));
+        patterns.push(currentPath);
      } else {
        throw error;
      }
    }
  }

-  if (patterns.length === 0) {
+  let searchPattern: string;
+  if (patterns.length === 1) {
+    searchPattern = patterns[0];
+  } else if (patterns.length === 0) {
    return crawledFiles;
+  } else {
+    searchPattern = '{' + patterns.join(',') + '}';
  }

-  const searchPatterns = patterns.map((pattern) => {
-    let escapedPattern = pattern.replaceAll("'", "[']").replaceAll('"', '["]').replaceAll('`', '[`]');
  if (recursive) {
-      escapedPattern = escapedPattern + '/**';
+    searchPattern = searchPattern + '/**/';
  }
-    return `${escapedPattern}/*.{${extensions.join(',')}}`;
+
+  searchPattern = `${searchPattern}/*.{${extensions.join(',')}}`;
+
+  const globbedFiles = await glob(searchPattern, {
+    absolute: true,
+    nocase: true,
+    nodir: true,
+    dot: includeHidden,
+    ignore: exclusionPatterns,
  });

-  const globbedFiles = await glob(searchPatterns, {
-    absolute: true,
-    caseSensitiveMatch: false,
-    dot: includeHidden,
-    ignore: [`**/${exclusionPattern}`],
-  });
-  globbedFiles.push(...crawledFiles);
-  return globbedFiles.sort();
+  return [...crawledFiles, ...globbedFiles].sort();
 };

 export const sha1 = (filepath: string) => {
@@ -172,64 +170,3 @@ export const sha1 = (filepath: string) => {
    rs.on('end', () => resolve(hash.digest('hex')));
  });
 };
-
-/**
- * Batches items and calls onBatch to process them
- * when the batch size is reached or the debounce time has passed.
- */
-export class Batcher<T = unknown> {
-  private items: T[] = [];
-  private readonly batchSize: number;
-  private readonly debounceTimeMs?: number;
-  private readonly onBatch: (items: T[]) => void;
-  private debounceTimer?: NodeJS.Timeout;
-
-  constructor({
-    batchSize,
-    debounceTimeMs,
-    onBatch,
-  }: {
-    batchSize: number;
-    debounceTimeMs?: number;
-    onBatch: (items: T[]) => Promise<void>;
-  }) {
-    this.batchSize = batchSize;
-    this.debounceTimeMs = debounceTimeMs;
-    this.onBatch = onBatch;
-  }
-
-  private setDebounceTimer() {
-    if (this.debounceTimer) {
-      clearTimeout(this.debounceTimer);
-    }
-    if (this.debounceTimeMs) {
-      this.debounceTimer = setTimeout(() => this.flush(), this.debounceTimeMs);
-    }
-  }
-
-  private clearDebounceTimer() {
-    if (this.debounceTimer) {
-      clearTimeout(this.debounceTimer);
-      this.debounceTimer = undefined;
-    }
-  }
-
-  add(item: T) {
-    this.items.push(item);
-    this.setDebounceTimer();
-    if (this.items.length >= this.batchSize) {
-      this.flush();
-    }
-  }
-
-  flush() {
-    this.clearDebounceTimer();
-    if (this.items.length === 0) {
-      return;
-    }
-
-    this.onBatch(this.items);
-
-    this.items = [];
-  }
-}
--- a/cli/src/version.ts
+++ b/cli/src/version.ts
@@ -0,0 +1,37 @@
+import { version } from '../package.json';
+
+export interface ICliVersion {
+  major: number;
+  minor: number;
+  patch: number;
+}
+
+export class CliVersion implements ICliVersion {
+  constructor(
+    public readonly major: number,
+    public readonly minor: number,
+    public readonly patch: number,
+  ) {}
+
+  toString() {
+    return `${this.major}.${this.minor}.${this.patch}`;
+  }
+
+  toJSON() {
+    const { major, minor, patch } = this;
+    return { major, minor, patch };
+  }
+
+  static fromString(version: string): CliVersion {
+    const regex = /v?(?<major>\d+)\.(?<minor>\d+)\.(?<patch>\d+)/i;
+    const matchResult = version.match(regex);
+    if (matchResult) {
+      const [, major, minor, patch] = matchResult.map(Number);
+      return new CliVersion(major, minor, patch);
+    } else {
+      throw new Error(`Invalid version format: ${version}`);
+    }
+  }
+}
+
+export const cliVersion = CliVersion.fromString(version);
--- a/cli/vite.config.ts
+++ b/cli/vite.config.ts
@@ -2,7 +2,6 @@ import { defineConfig } from 'vite';
 import tsconfigPaths from 'vite-tsconfig-paths';

 export default defineConfig({
-  resolve: { alias: { src: '/src' } },
  build: {
    rollupOptions: {
      input: 'src/index.ts',
--- a/deployment/.gitignore
+++ b/deployment/.gitignore
@@ -1,38 +0,0 @@
-# OpenTofu
-
-# Local .terraform directories
-**/.terraform/*
-
-# .tfstate files
-*.tfstate
-*.tfstate.*
-
-# Crash log files
-crash.log
-crash.*.log
-
-# Ignore override files as they are usually used to override resources locally and so
-# are not checked in
-override.tf
-override.tf.json
-*_override.tf
-*_override.tf.json
-
-# Include override files you do wish to add to version control using negated pattern
-# !example_override.tf
-
-# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
-# example: *tfplan*
-
-# Ignore CLI configuration files
-.terraformrc
-terraform.rc
-
-# Terragrunt
-
-# terragrunt cache directories
-**/.terragrunt-cache/*
-
-# Terragrunt debug output file (when using `--terragrunt-debug` option)
-# See: https://terragrunt.gruntwork.io/docs/reference/cli-options/#terragrunt-debug
-terragrunt-debug.tfvars.json
--- a/deployment/modules/cloudflare/docs-release/.terraform.lock.hcl
+++ b/deployment/modules/cloudflare/docs-release/.terraform.lock.hcl
@@ -1,38 +0,0 @@
-# This file is maintained automatically by "tofu init".
-# Manual edits may be lost in future updates.
-
-provider "registry.opentofu.org/cloudflare/cloudflare" {
-  version     = "4.52.0"
-  constraints = "4.52.0"
-  hashes = [
-    "h1:2BEJyXJtYC4B4nda/WCYUmuJYDaYk88F8t1pwPzr0iQ=",
-    "h1:4IASk5SESeWKQ7JU0+M7KApuF5mZyklvwMXPBabim3c=",
-    "h1:5ImZxxALSnWfH/4EXw/wFirSmk5Tr0ACmcysy51AafE=",
-    "h1:6TJ3dxLSin4ZKBJLsZDn95H2ZYnGm8S7GGHvvXuuMQU=",
-    "h1:IzTUjg9kQ4N3qizP9CjYLeHwjsuGgtxwXvfUQWyOLcA=",
-    "h1:NTaOQfYINA0YTG/V1/9+SYtgX1it63+cBugj4WK4FWc=",
-    "h1:PXH48LuJn329sCfMXprdMDk51EZaWFyajVvS03qhQLs=",
-    "h1:Pi5M+GeoMSN2eJ6QnIeXjBf19O+rby/74CfB2ocpv20=",
-    "h1:ShXZ2ZjBvm3thfoPPzPT8+OhyismnydQVkUAfI8X12w=",
-    "h1:WQ9hu0Wge2msBbODfottCSKgu8oKUrw4Opz+fDPVVHk=",
-    "h1:Z5yXML2DE0uH9UU+M0ut9JMQAORcwVZz1CxBHzeBmao=",
-    "h1:jqI2qKknpleS3JDSplyGYHMu0u9K/tor1ZOjFwDgEMk=",
-    "h1:kgfutDh14Q5nw4eg6qGFamFxIiY8Ae0FPKRBLDOzpcI=",
-    "h1:zCAO7GZmfYhWb+i6TfqlqhMeDyPZWGio2IzEzAh3YTs=",
-    "zh:19be1a91c982b902c42aba47766860dfa5dc151eed1e95fd39ca642229381ef0",
-    "zh:1de451c4d1ecf7efbe67b6dace3426ba810711afdd644b0f1b870364c8ae91f8",
-    "zh:352b4a2120173298622e669258744554339d959ac3a95607b117a48ee4a83238",
-    "zh:3c6f1346d9154afbd2d558fabb4b0150fc8d559aa961254144fe1bc17fe6032f",
-    "zh:4c4c92d53fb535b1e0eff26f222bbd627b97d3b4c891ec9c321268676d06152f",
-    "zh:53276f68006c9ceb7cdb10a6ccf91a5c1eadd1407a28edb5741e84e88d7e29e8",
-    "zh:7925a97773948171a63d4f65bb81ee92fd6d07a447e36012977313293a5435c9",
-    "zh:7dfb0a4496cfe032437386d0a2cd9229a1956e9c30bd920923c141b0f0440060",
-    "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
-    "zh:8d4aa79f0a414bb4163d771063c70cd991c8fac6c766e685bac2ee12903c5bd6",
-    "zh:a67540c13565616a7e7e51ee9366e88b0dc60046e1d75c72680e150bd02725bb",
-    "zh:a936383a4767f5393f38f622e92bf2d0c03fe04b69c284951f27345766c7b31b",
-    "zh:d4887d73c466ff036eecf50ad6404ba38fd82ea4855296b1846d244b0f13c380",
-    "zh:e9093c8bd5b6cd99c81666e315197791781b8f93afa14fc2e0f732d1bb2a44b7",
-    "zh:efd3b3f1ec59a37f635aa1d4efcf178734c2fcf8ddb0d56ea690bec342da8672",
-  ]
-}
--- a/deployment/modules/cloudflare/docs-release/config.tf
+++ b/deployment/modules/cloudflare/docs-release/config.tf
@@ -1,11 +0,0 @@
-terraform {
-  backend "pg" {}
-  required_version = "~> 1.7"
-
-  required_providers {
-    cloudflare = {
-      source = "cloudflare/cloudflare"
-      version = "4.52.0"
-    }
-  }
-}
--- a/deployment/modules/cloudflare/docs-release/domain.tf
+++ b/deployment/modules/cloudflare/docs-release/domain.tf
@@ -1,14 +0,0 @@
-resource "cloudflare_pages_domain" "immich_app_release_domain" {
-  account_id   = var.cloudflare_account_id
-  project_name = data.terraform_remote_state.cloudflare_account.outputs.immich_app_archive_pages_project_name
-  domain       = "immich.app"
-}
-
-resource "cloudflare_record" "immich_app_release_domain" {
-  name = "immich.app"
-  proxied = true
-  ttl = 1
-  type = "CNAME"
-  content = data.terraform_remote_state.cloudflare_immich_app_docs.outputs.immich_app_branch_pages_hostname
-  zone_id = data.terraform_remote_state.cloudflare_account.outputs.immich_app_zone_id
-}
--- a/deployment/modules/cloudflare/docs-release/providers.tf
+++ b/deployment/modules/cloudflare/docs-release/providers.tf
@@ -1,3 +0,0 @@
-provider "cloudflare" {
-  api_token = data.terraform_remote_state.api_keys_state.outputs.terraform_key_cloudflare_docs
-}
--- a/deployment/modules/cloudflare/docs-release/remote-state.tf
+++ b/deployment/modules/cloudflare/docs-release/remote-state.tf
@@ -1,27 +0,0 @@
-data "terraform_remote_state" "api_keys_state" {
-  backend = "pg"
-
-  config = {
-    conn_str = var.tf_state_postgres_conn_str
-    schema_name = "prod_cloudflare_api_keys"
-  }
-}
-
-data "terraform_remote_state" "cloudflare_account" {
-  backend = "pg"
-
-  config = {
-    conn_str = var.tf_state_postgres_conn_str
-    schema_name = "prod_cloudflare_account"
-  }
-}
-
-data "terraform_remote_state" "cloudflare_immich_app_docs" {
-  backend = "pg"
-
-  config = {
-    conn_str = var.tf_state_postgres_conn_str
-    schema_name = "prod_cloudflare_immich_app_docs_${var.prefix_name}"
-  }
-}
-
--- a/deployment/modules/cloudflare/docs-release/terragrunt.hcl
+++ b/deployment/modules/cloudflare/docs-release/terragrunt.hcl
@@ -1,20 +0,0 @@
-terraform {
-  source = "."
-
-  extra_arguments custom_vars {
-    commands = get_terraform_commands_that_need_vars()
-  }
-}
-
-include {
-  path = find_in_parent_folders("state.hcl")
-}
-
-remote_state {
-  backend = "pg"
-
-  config = {
-    conn_str = get_env("TF_STATE_POSTGRES_CONN_STR")
-    schema_name = "prod_cloudflare_immich_app_docs_release"
-  }
-}
--- a/deployment/modules/cloudflare/docs-release/variables.tf
+++ b/deployment/modules/cloudflare/docs-release/variables.tf
@@ -1,4 +0,0 @@
-variable "cloudflare_account_id" {}
-variable "tf_state_postgres_conn_str" {}
-
-variable "prefix_name" {}
--- a/deployment/modules/cloudflare/docs/.terraform.lock.hcl
+++ b/deployment/modules/cloudflare/docs/.terraform.lock.hcl
@@ -1,38 +0,0 @@
-# This file is maintained automatically by "tofu init".
-# Manual edits may be lost in future updates.
-
-provider "registry.opentofu.org/cloudflare/cloudflare" {
-  version     = "4.52.0"
-  constraints = "4.52.0"
-  hashes = [
-    "h1:2BEJyXJtYC4B4nda/WCYUmuJYDaYk88F8t1pwPzr0iQ=",
-    "h1:4IASk5SESeWKQ7JU0+M7KApuF5mZyklvwMXPBabim3c=",
-    "h1:5ImZxxALSnWfH/4EXw/wFirSmk5Tr0ACmcysy51AafE=",
-    "h1:6TJ3dxLSin4ZKBJLsZDn95H2ZYnGm8S7GGHvvXuuMQU=",
-    "h1:IzTUjg9kQ4N3qizP9CjYLeHwjsuGgtxwXvfUQWyOLcA=",
-    "h1:NTaOQfYINA0YTG/V1/9+SYtgX1it63+cBugj4WK4FWc=",
-    "h1:PXH48LuJn329sCfMXprdMDk51EZaWFyajVvS03qhQLs=",
-    "h1:Pi5M+GeoMSN2eJ6QnIeXjBf19O+rby/74CfB2ocpv20=",
-    "h1:ShXZ2ZjBvm3thfoPPzPT8+OhyismnydQVkUAfI8X12w=",
-    "h1:WQ9hu0Wge2msBbODfottCSKgu8oKUrw4Opz+fDPVVHk=",
-    "h1:Z5yXML2DE0uH9UU+M0ut9JMQAORcwVZz1CxBHzeBmao=",
-    "h1:jqI2qKknpleS3JDSplyGYHMu0u9K/tor1ZOjFwDgEMk=",
-    "h1:kgfutDh14Q5nw4eg6qGFamFxIiY8Ae0FPKRBLDOzpcI=",
-    "h1:zCAO7GZmfYhWb+i6TfqlqhMeDyPZWGio2IzEzAh3YTs=",
-    "zh:19be1a91c982b902c42aba47766860dfa5dc151eed1e95fd39ca642229381ef0",
-    "zh:1de451c4d1ecf7efbe67b6dace3426ba810711afdd644b0f1b870364c8ae91f8",
-    "zh:352b4a2120173298622e669258744554339d959ac3a95607b117a48ee4a83238",
-    "zh:3c6f1346d9154afbd2d558fabb4b0150fc8d559aa961254144fe1bc17fe6032f",
-    "zh:4c4c92d53fb535b1e0eff26f222bbd627b97d3b4c891ec9c321268676d06152f",
-    "zh:53276f68006c9ceb7cdb10a6ccf91a5c1eadd1407a28edb5741e84e88d7e29e8",
-    "zh:7925a97773948171a63d4f65bb81ee92fd6d07a447e36012977313293a5435c9",
-    "zh:7dfb0a4496cfe032437386d0a2cd9229a1956e9c30bd920923c141b0f0440060",
-    "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
-    "zh:8d4aa79f0a414bb4163d771063c70cd991c8fac6c766e685bac2ee12903c5bd6",
-    "zh:a67540c13565616a7e7e51ee9366e88b0dc60046e1d75c72680e150bd02725bb",
-    "zh:a936383a4767f5393f38f622e92bf2d0c03fe04b69c284951f27345766c7b31b",
-    "zh:d4887d73c466ff036eecf50ad6404ba38fd82ea4855296b1846d244b0f13c380",
-    "zh:e9093c8bd5b6cd99c81666e315197791781b8f93afa14fc2e0f732d1bb2a44b7",
-    "zh:efd3b3f1ec59a37f635aa1d4efcf178734c2fcf8ddb0d56ea690bec342da8672",
-  ]
-}
--- a/deployment/modules/cloudflare/docs/config.tf
+++ b/deployment/modules/cloudflare/docs/config.tf
@@ -1,11 +0,0 @@
-terraform {
-  backend "pg" {}
-  required_version = "~> 1.7"
-
-  required_providers {
-    cloudflare = {
-      source = "cloudflare/cloudflare"
-      version = "4.52.0"
-    }
-  }
-}
--- a/deployment/modules/cloudflare/docs/domain.tf
+++ b/deployment/modules/cloudflare/docs/domain.tf
@@ -1,26 +0,0 @@
-resource "cloudflare_pages_domain" "immich_app_branch_domain" {
-  account_id   = var.cloudflare_account_id
-  project_name = local.is_release ? data.terraform_remote_state.cloudflare_account.outputs.immich_app_archive_pages_project_name : data.terraform_remote_state.cloudflare_account.outputs.immich_app_preview_pages_project_name
-  domain       = "${var.prefix_name}.${local.deploy_domain_prefix}.immich.app"
-}
-
-resource "cloudflare_record" "immich_app_branch_subdomain" {
-  name    = "${var.prefix_name}.${local.deploy_domain_prefix}.immich.app"
-  proxied = true
-  ttl     = 1
-  type    = "CNAME"
-  content   = "${replace(var.prefix_name, "/\\/|\\./", "-")}.${local.is_release ? data.terraform_remote_state.cloudflare_account.outputs.immich_app_archive_pages_project_subdomain : data.terraform_remote_state.cloudflare_account.outputs.immich_app_preview_pages_project_subdomain}"
-  zone_id = data.terraform_remote_state.cloudflare_account.outputs.immich_app_zone_id
-}
-
-output "immich_app_branch_subdomain" {
-  value = cloudflare_record.immich_app_branch_subdomain.hostname
-}
-
-output "immich_app_branch_pages_hostname" {
-  value = cloudflare_record.immich_app_branch_subdomain.content
-}
-
-output "pages_project_name" {
-  value = cloudflare_pages_domain.immich_app_branch_domain.project_name
-}
--- a/deployment/modules/cloudflare/docs/locals.tf
+++ b/deployment/modules/cloudflare/docs/locals.tf
@@ -1,7 +0,0 @@
-locals {
-  domain_name = "immich.app"
-  preview_prefix = contains(["branch", "pr"], var.prefix_event_type) ? "preview" : ""
-  archive_prefix = contains(["release"], var.prefix_event_type) ? "archive" : ""
-  deploy_domain_prefix = coalesce(local.preview_prefix, local.archive_prefix)
-  is_release = contains(["release"], var.prefix_event_type)
-}
--- a/deployment/modules/cloudflare/docs/providers.tf
+++ b/deployment/modules/cloudflare/docs/providers.tf
@@ -1,3 +0,0 @@
-provider "cloudflare" {
-  api_token = data.terraform_remote_state.api_keys_state.outputs.terraform_key_cloudflare_docs
-}
--- a/deployment/modules/cloudflare/docs/remote-state.tf
+++ b/deployment/modules/cloudflare/docs/remote-state.tf
@@ -1,17 +0,0 @@
-data "terraform_remote_state" "api_keys_state" {
-  backend = "pg"
-
-  config = {
-    conn_str = var.tf_state_postgres_conn_str
-    schema_name = "prod_cloudflare_api_keys"
-  }
-}
-
-data "terraform_remote_state" "cloudflare_account" {
-  backend = "pg"
-
-  config = {
-    conn_str = var.tf_state_postgres_conn_str
-    schema_name = "prod_cloudflare_account"
-  }
-}
--- a/deployment/modules/cloudflare/docs/terragrunt.hcl
+++ b/deployment/modules/cloudflare/docs/terragrunt.hcl
@@ -1,24 +0,0 @@
-terraform {
-  source = "."
-
-  extra_arguments custom_vars {
-    commands = get_terraform_commands_that_need_vars()
-  }
-}
-
-include {
-  path = find_in_parent_folders("state.hcl")
-}
-
-locals {
-  prefix_name = get_env("TF_VAR_prefix_name")
-}
-
-remote_state {
-  backend = "pg"
-
-  config = {
-    conn_str = get_env("TF_STATE_POSTGRES_CONN_STR")
-    schema_name = "prod_cloudflare_immich_app_docs_${local.prefix_name}"
-  }
-}
--- a/deployment/modules/cloudflare/docs/variables.tf
+++ b/deployment/modules/cloudflare/docs/variables.tf
@@ -1,5 +0,0 @@
-variable "cloudflare_account_id" {}
-variable "tf_state_postgres_conn_str" {}
-
-variable "prefix_name" {}
-variable "prefix_event_type" {}
--- a/deployment/state.hcl
+++ b/deployment/state.hcl
@@ -1,20 +0,0 @@
-locals {
-  cloudflare_account_id = get_env("CLOUDFLARE_ACCOUNT_ID")
-  cloudflare_api_token  = get_env("CLOUDFLARE_API_TOKEN")
-
-  tf_state_postgres_conn_str = get_env("TF_STATE_POSTGRES_CONN_STR")
-}
-
-remote_state {
-  backend = "pg"
-
-  config = {
-    conn_str = local.tf_state_postgres_conn_str
-  }
-}
-
-inputs = {
-  cloudflare_account_id      = local.cloudflare_account_id
-  cloudflare_api_token       = local.cloudflare_api_token
-  tf_state_postgres_conn_str = local.tf_state_postgres_conn_str
-}
--- a/docker/docker-compose.dev.yml
+++ b/docker/docker-compose.dev.yml
@@ -1,31 +1,16 @@
-#
-# WARNING: To install Immich, follow our guide: https://immich.app/docs/install/docker-compose
-#
-# Make sure to use the docker-compose.yml of the current release:
-#
-# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
-#
-# The compose file on main may not be compatible with the latest release.
-
-# For development see:
+# See:
 # - https://immich.app/docs/developer/setup
 # - https://immich.app/docs/developer/troubleshooting

 name: immich-dev

-services:
-  immich-server:
-    container_name: immich_server
-    command: ['/usr/src/app/bin/immich-dev']
+x-server-build: &server-common
  image: immich-server-dev:latest
-    # extends:
-    #   file: hwaccel.transcoding.yml
-    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
  build:
    context: ../
    dockerfile: server/Dockerfile
    target: dev
-    restart: unless-stopped
+  restart: always
  volumes:
    - ../server:/usr/src/app
    - ../open-api:/usr/src/open-api
@@ -35,52 +20,50 @@ services:
    - /etc/localtime:/etc/localtime:ro
  env_file:
    - .env
-    environment:
-      IMMICH_REPOSITORY: immich-app/immich
-      IMMICH_REPOSITORY_URL: https://github.com/immich-app/immich
-      IMMICH_SOURCE_REF: local
-      IMMICH_SOURCE_COMMIT: af2efbdbbddc27cd06142f22253ccbbbbeec1f55
-      IMMICH_SOURCE_URL: https://github.com/immich-app/immich/commit/af2efbdbbddc27cd06142f22253ccbbbbeec1f55
-      IMMICH_BUILD: '9654404849'
-      IMMICH_BUILD_URL: https://github.com/immich-app/immich/actions/runs/9654404849
-      IMMICH_BUILD_IMAGE: development
-      IMMICH_BUILD_IMAGE_URL: https://github.com/immich-app/immich/pkgs/container/immich-server
-      IMMICH_THIRD_PARTY_SOURCE_URL: https://github.com/immich-app/immich/
-      IMMICH_THIRD_PARTY_BUG_FEATURE_URL: https://github.com/immich-app/immich/issues
-      IMMICH_THIRD_PARTY_DOCUMENTATION_URL: https://immich.app/docs
-      IMMICH_THIRD_PARTY_SUPPORT_URL: https://immich.app/docs/community-guides
  ulimits:
    nofile:
      soft: 1048576
      hard: 1048576
+
+services:
+  immich-server:
+    container_name: immich_server
+    command: ['/usr/src/app/bin/immich-dev', 'immich']
+    <<: *server-common
    ports:
+      - 3001:3001
      - 9230:9230
-      - 9231:9231
-      - 2283:2283
    depends_on:
      - redis
      - database
-    healthcheck:
-      disable: false
+
+  immich-microservices:
+    container_name: immich_microservices
+    command: ['/usr/src/app/bin/immich-dev', 'microservices']
+    <<: *server-common
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+    ports:
+      - 9231:9230
+    depends_on:
+      - database
+      - immich-server

  immich-web:
    container_name: immich_web
    image: immich-web-dev:latest
-    # Needed for rootless docker setup, see https://github.com/moby/moby/issues/45919
-    # user: 0:0
    build:
      context: ../web
    command: ['/usr/src/app/bin/immich-web']
    env_file:
      - .env
    ports:
-      - 3000:3000
+      - 2283:3000
      - 24678:24678
    volumes:
      - ../web:/usr/src/app
-      - ../i18n:/usr/src/i18n
      - ../open-api/:/usr/src/open-api/
-      # - ../../ui:/usr/ui
      - /usr/src/app/node_modules
    ulimits:
      nofile:
@@ -95,12 +78,12 @@ services:
    image: immich-machine-learning-dev:latest
    # extends:
    #   file: hwaccel.ml.yml
-    #   service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference
+    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference
    build:
      context: ../machine-learning
      dockerfile: Dockerfile
      args:
-        - DEVICE=cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference
+        - DEVICE=cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference
    ports:
      - 3003:3003
    volumes:
@@ -111,30 +94,26 @@ services:
    depends_on:
      - database
    restart: unless-stopped
-    healthcheck:
-      disable: false

  redis:
    container_name: immich_redis
-    image: docker.io/valkey/valkey:8-bookworm@sha256:fec42f399876eb6faf9e008570597741c87ff7662a54185593e74b09ce83d177
-    healthcheck:
-      test: redis-cli ping || exit 1
+    image: redis:6.2-alpine@sha256:84882e87b54734154586e5f8abd4dce69fe7311315e2fc6d67c29614c8de2672

  database:
    container_name: immich_postgres
-    image: ghcr.io/immich-app/postgres:14-vectorchord0.4.2-pgvectors0.2.0
+    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
    env_file:
      - .env
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_USER: ${DB_USERNAME}
      POSTGRES_DB: ${DB_DATABASE_NAME}
-      POSTGRES_INITDB_ARGS: '--data-checksums'
    volumes:
      - ${UPLOAD_LOCATION}/postgres:/var/lib/postgresql/data
    ports:
      - 5432:5432
-  # set IMMICH_TELEMETRY_INCLUDE=all in .env to enable metrics
+  
+  # set IMMICH_METRICS=true in .env to enable metrics
  # immich-prometheus:
  #   container_name: immich_prometheus
  #   ports:
--- a/docker/docker-compose.prod.yml
+++ b/docker/docker-compose.prod.yml
@@ -1,21 +1,7 @@
-#
-# WARNING: To install Immich, follow our guide: https://immich.app/docs/install/docker-compose
-#
-# Make sure to use the docker-compose.yml of the current release:
-#
-# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
-#
-# The compose file on main may not be compatible with the latest release.
-
 name: immich-prod

-services:
-  immich-server:
-    container_name: immich_server
+x-server-build: &server-common
  image: immich-server:latest
-    # extends:
-    #   file: hwaccel.transcoding.yml
-    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
  build:
    context: ../
    dockerfile: server/Dockerfile
@@ -24,65 +10,73 @@ services:
    - /etc/localtime:/etc/localtime:ro
  env_file:
    - .env
+  restart: always
+
+services:
+  immich-server:
+    container_name: immich_server
+    command: ['start.sh', 'immich']
+    <<: *server-common
    ports:
-      - 2283:2283
+      - 2283:3001
    depends_on:
      - redis
      - database
-    restart: always
-    healthcheck:
-      disable: false
+
+  immich-microservices:
+    container_name: immich_microservices
+    command: ['start.sh', 'microservices']
+    <<: *server-common
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+    depends_on:
+      - redis
+      - database
+      - immich-server

  immich-machine-learning:
    container_name: immich_machine_learning
    image: immich-machine-learning:latest
    # extends:
    #   file: hwaccel.ml.yml
-    #   service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference
+    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference
    build:
      context: ../machine-learning
      dockerfile: Dockerfile
      args:
-        - DEVICE=cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference
-    ports:
-      - 3003:3003
+        - DEVICE=cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference
    volumes:
      - model-cache:/cache
    env_file:
      - .env
    restart: always
-    healthcheck:
-      disable: false

  redis:
    container_name: immich_redis
-    image: docker.io/valkey/valkey:8-bookworm@sha256:fec42f399876eb6faf9e008570597741c87ff7662a54185593e74b09ce83d177
-    healthcheck:
-      test: redis-cli ping || exit 1
+    image: redis:6.2-alpine@sha256:84882e87b54734154586e5f8abd4dce69fe7311315e2fc6d67c29614c8de2672
    restart: always

  database:
    container_name: immich_postgres
-    image: ghcr.io/immich-app/postgres:14-vectorchord0.4.2-pgvectors0.2.0
+    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
    env_file:
      - .env
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_USER: ${DB_USERNAME}
      POSTGRES_DB: ${DB_DATABASE_NAME}
-      POSTGRES_INITDB_ARGS: '--data-checksums'
    volumes:
      - ${UPLOAD_LOCATION}/postgres:/var/lib/postgresql/data
    ports:
      - 5432:5432
-    restart: always

-  # set IMMICH_TELEMETRY_INCLUDE=all in .env to enable metrics
+  # set IMMICH_METRICS=true in .env to enable metrics
  immich-prometheus:
    container_name: immich_prometheus
    ports:
      - 9090:9090
-    image: prom/prometheus@sha256:9abc6cf6aea7710d163dbb28d8eeb7dc5baef01e38fa4cd146a406dd9f07f70d
+    image: prom/prometheus@sha256:4f6c47e39a9064028766e8c95890ed15690c30f00c4ba14e7ce6ae1ded0295b1
    volumes:
      - ./prometheus.yml:/etc/prometheus/prometheus.yml
      - prometheus-data:/prometheus
@@ -94,7 +88,7 @@ services:
    command: ['./run.sh', '-disable-reporting']
    ports:
      - 3000:3000
-    image: grafana/grafana:12.0.1-ubuntu@sha256:65575bb9c761335e2ff30e364f21d38632e3b2e75f5f81d83cc92f44b9bbc055
+    image: grafana/grafana:10.4.2-ubuntu@sha256:4f55071b556fb03f12b41423c98a185ed6695ed9ff2558e35805f0dd765fd958
    volumes:
      - grafana-data:/var/lib/grafana

--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -1,11 +1,10 @@
 #
-# WARNING: To install Immich, follow our guide: https://immich.app/docs/install/docker-compose
-#
-# Make sure to use the docker-compose.yml of the current release:
+# WARNING: Make sure to use the docker-compose.yml of the current release:
 #
 # https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
 #
 # The compose file on main may not be compatible with the latest release.
+#

 name: immich

@@ -13,59 +12,63 @@ services:
  immich-server:
    container_name: immich_server
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
-    # extends:
-    #   file: hwaccel.transcoding.yml
-    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+    command: ['start.sh', 'immich']
    volumes:
-      # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
      - /etc/localtime:/etc/localtime:ro
    env_file:
      - .env
    ports:
-      - '2283:2283'
+      - 2283:3001
+    depends_on:
+      - redis
+      - database
+    restart: always
+
+  immich-microservices:
+    container_name: immich_microservices
+    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/hardware-transcoding
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
+    command: ['start.sh', 'microservices']
+    volumes:
+      - ${UPLOAD_LOCATION}:/usr/src/app/upload
+      - /etc/localtime:/etc/localtime:ro
+    env_file:
+      - .env
    depends_on:
      - redis
      - database
    restart: always
-    healthcheck:
-      disable: false

  immich-machine-learning:
    container_name: immich_machine_learning
-    # For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag.
+    # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
    # Example tag: ${IMMICH_VERSION:-release}-cuda
    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
    #   file: hwaccel.ml.yml
-    #   service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference - use the `-wsl` version for WSL2 where applicable
+    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
    volumes:
      - model-cache:/cache
    env_file:
      - .env
    restart: always
-    healthcheck:
-      disable: false

  redis:
    container_name: immich_redis
-    image: docker.io/valkey/valkey:8-bookworm@sha256:fec42f399876eb6faf9e008570597741c87ff7662a54185593e74b09ce83d177
-    healthcheck:
-      test: redis-cli ping || exit 1
+    image: registry.hub.docker.com/library/redis:6.2-alpine@sha256:84882e87b54734154586e5f8abd4dce69fe7311315e2fc6d67c29614c8de2672
    restart: always

  database:
    container_name: immich_postgres
-    image: ghcr.io/immich-app/postgres:14-vectorchord0.4.2-pgvectors0.2.0
+    image: registry.hub.docker.com/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_USER: ${DB_USERNAME}
      POSTGRES_DB: ${DB_DATABASE_NAME}
-      POSTGRES_INITDB_ARGS: '--data-checksums'
-      # Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs
-      # DB_STORAGE_TYPE: 'HDD'
    volumes:
-      # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
    restart: always

--- a/docker/example.env
+++ b/docker/example.env
@@ -3,20 +3,17 @@
 # The location where your uploaded files are stored
 UPLOAD_LOCATION=./library

-# The location where your database files are stored. Network shares are not supported for the database
-DB_DATA_LOCATION=./postgres
-
-# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
-# TZ=Etc/UTC
-
 # The Immich version to use. You can pin this to a specific version like "v1.71.0"
 IMMICH_VERSION=release

 # Connection secret for postgres. You should change it to a random password
-# Please use only the characters `A-Za-z0-9`, without special characters or spaces
 DB_PASSWORD=postgres

 # The values below this line do not need to be changed
 ###################################################################################
+DB_HOSTNAME=immich_postgres
 DB_USERNAME=postgres
 DB_DATABASE_NAME=immich
+DB_DATA_LOCATION=./postgres
+
+REDIS_HOSTNAME=immich_redis
--- a/docker/hwaccel.ml.yml
+++ b/docker/hwaccel.ml.yml
@@ -1,3 +1,5 @@
+version: "3.8"
+
 # Configurations for hardware-accelerated machine learning

 # If using Unraid or another platform that doesn't allow multiple Compose files,
@@ -14,13 +16,6 @@ services:
      - /lib/firmware/mali_csffw.bin:/lib/firmware/mali_csffw.bin:ro # Mali firmware for your chipset (not always required depending on the driver)
      - /usr/lib/libmali.so:/usr/lib/libmali.so:ro # Mali driver for your chipset (always required)

-  rknn:
-    security_opt:
-      - systempaths=unconfined
-      - apparmor=unconfined
-    devices:
-      - /dev/dri:/dev/dri
-
  cpu: {}

  cuda:
@@ -33,16 +28,9 @@ services:
              capabilities:
                - gpu

-  rocm:
-    group_add:
-      - video
-    devices:
-      - /dev/dri:/dev/dri
-      - /dev/kfd:/dev/kfd
-
  openvino:
    device_cgroup_rules:
-      - 'c 189:* rmw'
+      - "c 189:* rmw"
    devices:
      - /dev/dri:/dev/dri
    volumes:
--- a/docker/hwaccel.transcoding.yml
+++ b/docker/hwaccel.transcoding.yml
@@ -1,3 +1,5 @@
+version: "3.8"
+
 # Configurations for hardware-accelerated transcoding

 # If using Unraid or another platform that doesn't allow multiple Compose files,
@@ -48,8 +50,8 @@ services:
  vaapi-wsl: # use this for VAAPI if you're running Immich in WSL2
    devices:
      - /dev/dri:/dev/dri
-      - /dev/dxg:/dev/dxg
    volumes:
      - /usr/lib/wsl:/usr/lib/wsl
    environment:
+      - LD_LIBRARY_PATH=/usr/lib/wsl/lib
      - LIBVA_DRIVER_NAME=d3d12
--- a/docker/prometheus.yml
+++ b/docker/prometheus.yml
@@ -3,10 +3,10 @@ global:
  evaluation_interval: 15s

 scrape_configs:
-  - job_name: immich_api
+  - job_name: immich_server
    static_configs:
      - targets: ['immich-server:8081']
  
  - job_name: immich_microservices
    static_configs:
-      - targets: ['immich-server:8082']
+      - targets: ['immich-microservices:8081']
--- a/docker/scripts/get-cpus.sh
+++ b/docker/scripts/get-cpus.sh
@@ -1,49 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-LOG_LEVEL="${IMMICH_LOG_LEVEL:='info'}"
-
-logDebug() {
-    if [ "$LOG_LEVEL" = "debug" ] || [ "$LOG_LEVEL" = "verbose" ]; then
-        echo "DEBUG: $1" >&2
-    fi
-}
-
-if [ -f /sys/fs/cgroup/cgroup.controllers ]; then
-    logDebug "cgroup v2 detected."
-    if [ -f /sys/fs/cgroup/cpu.max ]; then
-        read -r quota period </sys/fs/cgroup/cpu.max
-        if [ "$quota" = "max" ]; then
-            logDebug "No CPU limits set."
-            unset quota period
-        fi
-    else
-        logDebug "/sys/fs/cgroup/cpu.max not found."
-    fi
-else
-    logDebug "cgroup v1 detected."
-
-    if [ -f /sys/fs/cgroup/cpu/cpu.cfs_quota_us ] && [ -f /sys/fs/cgroup/cpu/cpu.cfs_period_us ]; then
-        quota=$(cat /sys/fs/cgroup/cpu/cpu.cfs_quota_us)
-        period=$(cat /sys/fs/cgroup/cpu/cpu.cfs_period_us)
-
-        if [ "$quota" = "-1" ]; then
-            logDebug "No CPU limits set."
-            unset quota period
-        fi
-    else
-        logDebug "/sys/fs/cgroup/cpu/cpu.cfs_quota_us or /sys/fs/cgroup/cpu/cpu.cfs_period_us not found."
-    fi
-fi
-
-if [ -n "${quota:-}" ] && [ -n "${period:-}" ]; then
-    cpus=$((quota / period))
-    if [ "$cpus" -eq 0 ]; then
-        cpus=1
-    fi
-else
-    cpus=$(grep -c ^processor /proc/cpuinfo)
-fi
-
-echo "$cpus"
--- a/docs/.nvmrc
+++ b/docs/.nvmrc
@@ -1 +0,0 @@
-22.16.0
--- a/docs/README.md
+++ b/docs/README.md
@@ -5,13 +5,13 @@ This website is built using [Docusaurus](https://docusaurus.io/), a modern stati
 ### Installation

 ```
-$ npm install
+$ yarn
 ```

 ### Local Development

 ```
-$ npm run start
+$ yarn start
 ```

 This command starts a local development server and opens up a browser window. Most changes are reflected live without having to restart the server.
@@ -19,7 +19,7 @@ This command starts a local development server and opens up a browser window. Mo
 ### Build

 ```
-$ npm run build
+$ yarn build
 ```

 This command generates static content into the `build` directory and can be served using any static contents hosting service.
@@ -29,13 +29,13 @@ This command generates static content into the `build` directory and can be serv
 Using SSH:

 ```
-$ USE_SSH=true npm run deploy
+$ USE_SSH=true yarn deploy
 ```

 Not using SSH:

 ```
-$ GIT_USER=<Your GitHub username> npm run deploy
+$ GIT_USER=<Your GitHub username> yarn deploy
 ```

 If you are using GitHub pages for hosting, this command is a convenient way to build the website and push to the `gh-pages` branch.
--- a/docs/blog/2023/06-24/update.mdx
+++ b/docs/blog/2023/06-24/update.mdx
@@ -94,7 +94,7 @@ Thank you, and I am asking for your support for the project. I hope to be a full
 - Bitcoin: 3QVAb9dCHutquVejeNXitPqZX26Yg5kxb7
 - Give a project a star - the contributors love gazing at the stars and seeing their creations shining in the sky.

-Join our friendly [Discord](https://discord.immich.app) to talk and discuss Immich, tech, or anything
+Join our friendly [Discord](https://discord.gg/D8JsnBEuKb) to talk and discuss Immich, tech, or anything

 Cheer!

--- a/docs/blog/2023/07-29/update.mdx
+++ b/docs/blog/2023/07-29/update.mdx
@@ -142,7 +142,7 @@ Thank you, and I am asking for your support for the project. I hope to be a full
 - Bitcoin: 3QVAb9dCHutquVejeNXitPqZX26Yg5kxb7
 - Give a project a star - the contributors love gazing at the stars and seeing their creations shining in the sky.

-Join our friendly [Discord](https://discord.immich.app) to talk and discuss Immich, tech, or anything
+Join our friendly [Discord](https://discord.gg/D8JsnBEuKb) to talk and discuss Immich, tech, or anything

 Cheer!

--- a/docs/blog/2024/immich-core-team-goes-fulltime.mdx
+++ b/docs/blog/2024/immich-core-team-goes-fulltime.mdx
@@ -1,75 +0,0 @@
---
-title: The Immich core team goes full-time
-authors: [alextran]
-tags: [update, announcement, FUTO]
-date: 2024-05-01T00:00
---
-
-**Immich is joining [FUTO](https://futo.org/)!**
-
-Since the beginning of this adventure, my goal has always been to create a better world for my children. Memories are priceless, and privacy should not be a luxury. However, building quality open source has its challenges. Over the past two years, it has taken significant dedication, time, and effort.
-
-Recently, a company in Austin, Texas, called FUTO contacted the team. FUTO strives to develop quality and sustainable open software. They build software alternatives that focus on giving control to users. From their mission statement:
-
-“Computers should belong to you, the people. We develop and fund technology to give them back.”
-
-FUTO loved Immich and wanted to see if we’d consider working with them to take the project to the next level. In short, FUTO offered to:
-
- Pay the core team to work on Immich full-time
- Let us keep full autonomy about the project’s direction and leadership
- Continue to license Immich under AGPL
- Keep Immich’s development direction with no paywalled features
- Keep Immich “built for the people” (no ads, data mining/selling, or alternative motives)
- Provide us with financial, technical, legal, and administrative support
-
-After careful deliberation, the team decided that FUTO’s vision closely aligns with our own: to build a better future by providing a polished, performant, and privacy-preserving open-source software solution for photo and video management delivered in a sustainable way.
-
-Immich’s future has never looked brighter, and we look forward to realizing our vision for Immich as part of FUTO.
-
-If you have more questions, we’ll host a Q&A live stream on May 9th at 3PM UTC (10AM CST). [You can ask questions here](https://www.live-ask.com/event/01HWP2SB99A1K8EXFBDKZ5Z9CF), and the stream will be live [here on our YouTube channel](https://youtube.com/live/cwz2iZwYpgg).
-
-Cheers,
-
-The Immich Team
-
---
-
-## FAQs
-
-### What is FUTO?
-
-[https://futo.org/what-is-futo/](https://futo.org/what-is-futo/)
-
-### Will the license change?
-
-No. Immich will continue to be licensed under AGPL without a CLA.
-
-### Will Immich continue to be free?
-
-Yes. The Immich source code will remain freely available under the AGPL license.
-
-### Is Immich getting VC funding?
-
-No. Venture capital implies investment in a business, often with the expectation of a future payout (exit plan). Immich is neither a business that can be acquired nor comes with a money-making exit plan.
-
-### I am currently supporting Immich through GitHub sponsors. What will happen to my donation?
-
-Effective immediately, all donations to the Immich organization will be canceled. In the future, we will offer an optional, modest payment option instead. Thank you to everyone who donated to help us get this far!
-
-### How is funding sustainable?
-
-Immich and FUTO believe a sustainable future requires a model that does not rely on users-as-a-product. To this end, FUTO advocates that users pay for good, open software. In keeping with this model, we will adopt a purchase price. This means we no longer accept donations, but — _without limiting features for those who do not pay_ — we will soon allow you to purchase Immich through a modest payment. We encourage you to pay for the high-quality software you use to foster a healthy software culture where developers build great applications without hidden motives for their users.
-
-### When does this change take effect?
-
-This change takes effect immediately.
-
-### What will change?
-
-The following things will change as Immich joins FUTO:
-
- The brand, logo, and other Immich trademarks will be transferred to FUTO.
- We will stop all donations to the project.
- The core team can now dedicate our full attention to Immich
- Before the end of the year, we plan to have a roadmap for what it will take to get Immich to a stable release.
- Bugs will be squashed, and features will be delivered faster.
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Alex Tran	736b968eab	merge main	2024-04-22 06:52:30 -05:00
Alex Tran	d5d8426bda	Merge branch 'main' of github.com:immich-app/immich into web/automation-ui	2024-04-22 06:51:57 -05:00
Alex	7e92ef9428	Merge branch 'main' of github.com:immich-app/immich into web/automation-ui	2024-04-17 11:13:14 +02:00
Alex	372fae20d9	light theme	2024-04-08 07:37:25 +02:00
Alex	16543a233b	basic ui complete	2024-04-07 20:37:26 -05:00
Alex	73b961f5fa	colors	2024-04-07 19:38:23 -05:00
Alex	e0d15c96f1	feat(web): workflow automation ui	2024-04-07 19:18:49 -05:00