Update web/src/lib/components/photos-page/asset-grid.svelte

Co-authored-by: Daniel Dietzler <36593685+danieldietzler@users.noreply.github.com>
Update web/src/lib/actions/focus.ts
2025-12-07 13:21:02 -08:00 · 2024-05-27 21:02:08 +02:00 · 2024-05-27 21:02:01 +02:00 · 2024-05-25 12:58:49 +02:00
2635 changed files with 105617 additions and 252011 deletions
--- a/.devcontainer/.gitignore
+++ b/.devcontainer/.gitignore
@@ -1,2 +0,0 @@
-.env
-library
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -1,16 +0,0 @@
-ARG BASEIMAGE=mcr.microsoft.com/devcontainers/typescript-node:22@sha256:2ef23730ec68d8511ec8e6e0b82550ca728b256805d81f60ed890f3bfb21cfb9
-FROM ${BASEIMAGE}
-
-# Flutter SDK
-# https://flutter.dev/docs/development/tools/sdk/releases?tab=linux
-ENV FLUTTER_CHANNEL="stable"
-ENV FLUTTER_VERSION="3.29.1"
-ENV FLUTTER_HOME=/flutter
-ENV PATH=${PATH}:${FLUTTER_HOME}/bin
-
-# Flutter SDK
-RUN mkdir -p ${FLUTTER_HOME} \
-  && curl -C - --output flutter.tar.xz https://storage.googleapis.com/flutter_infra_release/releases/${FLUTTER_CHANNEL}/linux/flutter_linux_${FLUTTER_VERSION}-${FLUTTER_CHANNEL}.tar.xz \
-  && tar -xf flutter.tar.xz --strip-components=1 -C ${FLUTTER_HOME} \
-  && rm flutter.tar.xz \
-  && chown -R 1000:1000 ${FLUTTER_HOME}
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -1,26 +0,0 @@
-{
-  "name": "Immich",
-  "service": "immich-devcontainer",
-  "dockerComposeFile": [
-    "docker-compose.yml",
-    "../docker/docker-compose.dev.yml"
-  ],
-  "customizations": {
-    "vscode": {
-      "extensions": [
-        "Dart-Code.dart-code",
-        "Dart-Code.flutter",
-        "dbaeumer.vscode-eslint",
-        "dcmdev.dcm-vscode-extension",
-        "esbenp.prettier-vscode",
-        "svelte.svelte-vscode"
-      ]
-    }
-  },
-  "forwardPorts": [],
-  "initializeCommand": "bash .devcontainer/scripts/initializeCommand.sh",
-  "onCreateCommand": "bash .devcontainer/scripts/onCreateCommand.sh",
-  "overrideCommand": true,
-  "workspaceFolder": "/immich",
-  "remoteUser": "node"
-}
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@@ -1,8 +0,0 @@
-services:
-  immich-devcontainer:
-    build:
-      dockerfile: Dockerfile
-    extra_hosts:
-      - 'host.docker.internal:host-gateway'
-    volumes:
-      - ..:/immich:cached
--- a/.devcontainer/scripts/initializeCommand.sh
+++ b/.devcontainer/scripts/initializeCommand.sh
@@ -1,6 +0,0 @@
-#!/bin/bash
-
-# If .env file does not exist, create it by copying example.env from the docker folder
-if [ ! -f ".devcontainer/.env" ]; then
-    cp docker/example.env .devcontainer/.env
-fi
--- a/.devcontainer/scripts/onCreateCommand.sh
+++ b/.devcontainer/scripts/onCreateCommand.sh
@@ -1,25 +0,0 @@
-#!/bin/bash
-
-# Enable multiarch for arm64 if necessary
-if [ "$(dpkg --print-architecture)" = "arm64" ]; then
-    sudo dpkg --add-architecture amd64 && \
-    sudo apt-get update && \
-    sudo apt-get install -y --no-install-recommends \
-        qemu-user-static \
-        libc6:amd64 \
-        libstdc++6:amd64 \
-        libgcc1:amd64
-fi
-
-# Install DCM
-wget -qO- https://dcm.dev/pgp-key.public | sudo gpg --dearmor -o /usr/share/keyrings/dcm.gpg
-sudo echo 'deb [signed-by=/usr/share/keyrings/dcm.gpg arch=amd64] https://dcm.dev/debian stable main' | sudo tee /etc/apt/sources.list.d/dart_stable.list
-
-sudo apt-get update
-sudo apt-get install dcm
-
-dart --disable-analytics
-
-# Install immich
-cd /immich || exit
-make install-all
--- a/.dockerignore
+++ b/.dockerignore
@@ -4,7 +4,6 @@

 design/
 docker/
-!docker/scripts
 docs/
 e2e/
 fastlane/
@@ -22,7 +21,6 @@ open-api/typescript-sdk/node_modules/
 server/coverage/
 server/node_modules/
 server/upload/
-server/src/queries
 server/dist/
 server/www/

@@ -30,4 +28,3 @@ web/node_modules/
 web/coverage/
 web/.svelte-kit
 web/build/
-web/.env
--- a/.gitattributes
+++ b/.gitattributes
@@ -6,9 +6,6 @@ mobile/openapi/**/*.dart linguist-generated=true
 mobile/lib/**/*.g.dart -diff -merge
 mobile/lib/**/*.g.dart linguist-generated=true

-mobile/lib/**/*.drift.dart -diff -merge
-mobile/lib/**/*.drift.dart linguist-generated=true
-
 open-api/typescript-sdk/fetch-client.ts -diff -merge
 open-api/typescript-sdk/fetch-client.ts linguist-generated=true

--- a/.github/.nvmrc
+++ b/.github/.nvmrc
@@ -1 +0,0 @@
-22.14.0
--- a/.github/DISCUSSION_TEMPLATE/feature-request.yaml
+++ b/.github/DISCUSSION_TEMPLATE/feature-request.yaml
@@ -1,19 +1,17 @@
-title: '[Feature] feature-name-goes-here'
-labels: ['feature']
+title: "[Feature] <feature-name-goes-here>"
+labels: ["feature"]

 body:
  - type: markdown
    attributes:
      value: |
-        Please use this form to request new feature for Immich.
-        Stick to only a single feature per request. If you list multiple different features at once, 
-        your request will be closed.
+        Please use this form to request new feature for Immich

  - type: checkboxes
    attributes:
-      label: I have searched the existing feature requests, both open and closed, to make sure this is not a duplicate request.
+      label: I have searched the existing feature requests to make sure this is not a duplicate request.
      options:
-        - label: 'Yes'
+        - label: "Yes"
          required: true

  - type: textarea
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -1 +0,0 @@
-custom: ['https://buy.immich.app', 'https://immich.store']
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -1,13 +1,6 @@
 name: Report an issue with Immich
 description: Report an issue with Immich
 body:
-  - type: checkboxes
-    attributes:
-      label: I have searched the existing issues, both open and closed, to make sure this is not a duplicate report.
-      options:
-        - label: 'Yes'
-          required: true
-
  - type: markdown
    attributes:
      value: |
@@ -84,12 +77,13 @@ body:
    id: repro
    attributes:
      label: Reproduction steps
-      description: 'How do you trigger this bug? Please walk us through it step by step.'
+      description: "How do you trigger this bug? Please walk us through it step by step."
      value: |
        1.
        2.
        3.
        ...
+      render: bash
    validations:
      required: true

@@ -97,13 +91,12 @@ body:
    id: logs
    attributes:
      label: Relevant log output
-      description:
-        Please copy and paste any relevant logs below. (code formatting is
+      description: Please copy and paste any relevant logs below. (code formatting is
        enabled, no need for backticks)
      render: shell
    validations:
      required: false
-
+      
  - type: textarea
    attributes:
      label: Additional information
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,14 +1,11 @@
 blank_issues_enabled: false
 contact_links:
-  - name: ✋ I have a question or need support
-    url: https://discord.immich.app
+  - name: I have a question or need support
+    url: https://discord.gg/D8JsnBEuKb
    about: We use GitHub for tracking bugs, please check out our Discord channel for freaky fast support.
-  - name: 📷 My photo or video has a date, time, or timezone problem
-    url: https://github.com/immich-app/immich/discussions/12650
-    about: Upload a sample file to this discussion and we will take a look
-  - name: 🌟 Feature request
+  - name: Feature Request
    url: https://github.com/immich-app/immich/discussions/new?category=feature-request
    about: Please use our GitHub Discussion for making feature requests.
-  - name: 🫣 I'm unsure where to go
-    url: https://discord.immich.app
+  - name: I'm unsure where to go
+    url: https://discord.gg/D8JsnBEuKb
    about: If you are unsure where to go, then joining our Discord is recommended; Just ask!
--- a/.github/PULL_REQUEST_TEMPLATE/config.yml
+++ b/.github/PULL_REQUEST_TEMPLATE/config.yml
@@ -1 +1,2 @@
+blank_issues_enabled: false
 blank_pull_request_template_enabled: false
--- a/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md
+++ b/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md
@@ -0,0 +1,22 @@
+## Description
+<!--- Describe your changes in detail -->
+<!--- Why is this change required? What problem does it solve? -->
+<!--- If it fixes an open issue, please link to the issue here. -->
+
+Fixes # (issue)
+
+
+## How Has This Been Tested?
+
+<!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration -->
+
+- [ ] Test A
+- [ ] Test B
+
+## Screenshots (if appropriate):
+
+
+## Checklist:
+
+- [ ] I have performed a self-review of my own code
+- [ ] I have made corresponding changes to the documentation if applicable
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,7 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -1,38 +0,0 @@
-cli:
-  - changed-files:
-      - any-glob-to-any-file:
-          - cli/src/**
-
-documentation:
-  - changed-files:
-      - any-glob-to-any-file:
-          - docs/blob/**
-          - docs/docs/**
-          - docs/src/**
-          - docs/static/**
-
-🖥️web:
-  - changed-files:
-      - any-glob-to-any-file:
-          - web/src/**
-          - web/static/**
-
-📱mobile:
-  - changed-files:
-      - any-glob-to-any-file:
-          - mobile/lib/**
-          - mobile/test/**
-
-🗄️server:
-  - changed-files:
-      - any-glob-to-any-file:
-          - server/src/**
-          - server/test/**
-
-🧠machine-learning:
-  - changed-files:
-      - any-glob-to-any-file:
-          - machine-learning/app/**
-
-changelog:translation:
-  - head-branch: ['^chore/translations$']
--- a/.github/package-lock.json
+++ b/.github/package-lock.json
@@ -1,28 +0,0 @@
-{
-  "name": ".github",
-  "lockfileVersion": 3,
-  "requires": true,
-  "packages": {
-    "": {
-      "devDependencies": {
-        "prettier": "^3.5.3"
-      }
-    },
-    "node_modules/prettier": {
-      "version": "3.5.3",
-      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.5.3.tgz",
-      "integrity": "sha512-QQtaxnoDJeAkDvDKWCLiwIXkTgRhwYDEQCghU9Z6q03iyek/rxRh/2lC3HB7P8sWT2xC/y5JDctPLBIGzHKbhw==",
-      "dev": true,
-      "license": "MIT",
-      "bin": {
-        "prettier": "bin/prettier.cjs"
-      },
-      "engines": {
-        "node": ">=14"
-      },
-      "funding": {
-        "url": "https://github.com/prettier/prettier?sponsor=1"
-      }
-    }
-  }
-}
--- a/.github/package.json
+++ b/.github/package.json
@@ -1,9 +0,0 @@
-{
-  "scripts": {
-    "format": "prettier --check .",
-    "format:fix": "prettier --write ."
-  },
-  "devDependencies": {
-    "prettier": "^3.5.3"
-  }
-}
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,36 +0,0 @@
-## Description
-
-<!--- Describe your changes in detail -->
-<!--- Why is this change required? What problem does it solve? -->
-<!--- If it fixes an open issue, please link to the issue here. -->
-
-Fixes # (issue)
-
-## How Has This Been Tested?
-
-<!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration -->
-
- [ ] Test A
- [ ] Test B
-
-<details><summary><h2>Screenshots (if appropriate)</h2></summary>
-
-<!-- Images go below this line. -->
-
-</details>
-
-<!-- API endpoint changes (if relevant)
-## API Changes
-The `/api/something` endpoint is now `/api/something-else`
-->
-
-## Checklist:
-
- [ ] I have performed a self-review of my own code
- [ ] I have made corresponding changes to the documentation if applicable
- [ ] I have no unrelated changes in the PR.
- [ ] I have confirmed that any new dependencies are strictly necessary.
- [ ] I have written tests for new code (if applicable)
- [ ] I have followed naming conventions/patterns in the surrounding code
- [ ] All code in `src/services/` uses repositories implementations for database calls, filesystem operations, etc.
- [ ] All code in `src/repositories/` is pretty basic/simple and does not have any immich specific logic (that belongs in `src/services/`)
--- a/.github/release.yml
+++ b/.github/release.yml
@@ -1,33 +1,41 @@
-changelog:
-  categories:
-    - title: 🚨 Breaking Changes
-      labels:
-        - changelog:breaking-change
-
-    - title: 🫥 Deprecated Changes
-      labels:
-        - changelog:deprecated
-
-    - title: 🔒 Security
-      labels:
-        - changelog:security
-
-    - title: 🚀 Features
-      labels:
-        - changelog:feature
-
-    - title: 🌟 Enhancements
-      labels:
-        - changelog:enhancement
-
-    - title: 🐛 Bug fixes
-      labels:
-        - changelog:bugfix
-
-    - title: 📚 Documentation
-      labels:
-        - changelog:documentation
-
-    - title: 🌐 Translations
-      labels:
-        - changelog:translation
+changelog:
+  categories:
+    - title: ⚠️ Breaking Changes
+      labels:
+        - breaking-change
+
+    - title: 🗄️ Server
+      labels:
+        - 🗄️server
+
+    - title: 📱 Mobile
+      labels:
+        - 📱mobile
+
+    - title: 🖥️ Web
+      labels:
+        - 🖥️web
+
+    - title: 🧠 Machine Learning
+      labels:
+        - 🧠machine-learning
+
+    - title: ⚡ CLI
+      labels:
+        - cli
+
+    - title: 📓 Documentation
+      labels:
+        - documentation
+
+    - title: 🔨 Maintenance
+      labels:
+        - deployment
+        - dependencies
+        - renovate
+        - maintenance
+        - tech-debt
+
+    - title: Other changes
+      labels:
+        - "*"
--- a/.github/workflows/build-mobile.yml
+++ b/.github/workflows/build-mobile.yml
@@ -16,30 +16,10 @@ concurrency:
  cancel-in-progress: true

 jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.mobile == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
-        with:
-          filters: |
-            mobile:
-              - 'mobile/**'
-            workflow:
-              - '.github/workflows/build-mobile.yml'
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'workflow_call' || github.event_name == 'workflow_dispatch' }}" >> "$GITHUB_OUTPUT"
-
  build-sign-android:
    name: Build and sign Android
-    needs: pre-job
    # Skip when PR from a fork
-    if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' && needs.pre-job.outputs.should_run == 'true' }}
+    if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }}
    runs-on: macos-14

    steps:
@@ -51,21 +31,21 @@ jobs:
          ref="${input_ref:-$github_ref}"
          echo "ref=$ref" >> $GITHUB_OUTPUT

-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - uses: actions/checkout@v4
        with:
          ref: ${{ steps.get-ref.outputs.ref }}

-      - uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4
+      - uses: actions/setup-java@v4
        with:
          distribution: 'zulu'
          java-version: '17'
          cache: 'gradle'

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@e938fdf56512cc96ef2f93601a5a40bde3801046 # v2
+        uses: subosito/flutter-action@v2
        with:
          channel: 'stable'
-          flutter-version-file: ./mobile/pubspec.yaml
+          flutter-version: '3.22.0'
          cache: true

      - name: Create the Keystore
@@ -89,7 +69,7 @@ jobs:
          flutter build apk --release --split-per-abi --target-platform android-arm,android-arm64,android-x64

      - name: Publish Android Artifact
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
+        uses: actions/upload-artifact@v4
        with:
          name: release-apk-signed
          path: mobile/build/app/outputs/flutter-apk/*.apk
--- a/.github/workflows/cache-cleanup.yml
+++ b/.github/workflows/cache-cleanup.yml
@@ -14,7 +14,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+        uses: actions/checkout@v4

      - name: Cleanup
        run: |
--- a/.github/workflows/cli.yml
+++ b/.github/workflows/cli.yml
@@ -1,16 +1,16 @@
 name: CLI Build
 on:
+  workflow_dispatch:
  push:
    branches: [main]
    paths:
-      - 'cli/**'
-      - '.github/workflows/cli.yml'
+      - "cli/**"
+      - ".github/workflows/cli.yml"
  pull_request:
+    branches: [main]
    paths:
-      - 'cli/**'
-      - '.github/workflows/cli.yml'
-  release:
-    types: [published]
+      - "cli/**"
+      - ".github/workflows/cli.yml"

 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
@@ -21,19 +21,19 @@ permissions:

 jobs:
  publish:
-    name: CLI Publish
+    name: Publish
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./cli

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - uses: actions/checkout@v4
      # Setup .npmrc file to publish to npm
-      - uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
+      - uses: actions/setup-node@v4
        with:
-          node-version-file: './cli/.nvmrc'
-          registry-url: 'https://registry.npmjs.org'
+          node-version: "20.x"
+          registry-url: "https://registry.npmjs.org"
      - name: Prepare SDK
        run: npm ci --prefix ../open-api/typescript-sdk/
      - name: Build SDK
@@ -41,7 +41,7 @@ jobs:
      - run: npm ci
      - run: npm run build
      - run: npm publish
-        if: ${{ github.event_name == 'release' }}
+        if: ${{ github.event_name == 'workflow_dispatch' }}
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

@@ -52,16 +52,16 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+        uses: actions/checkout@v4

      - name: Set up QEMU
-        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
+        uses: docker/setup-qemu-action@v3.0.0

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@v3.3.0

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
+        uses: docker/login-action@v3
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
          registry: ghcr.io
@@ -76,22 +76,22 @@ jobs:

      - name: Generate docker image tags
        id: metadata
-        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5
+        uses: docker/metadata-action@v5
        with:
          flavor: |
            latest=false
          images: |
            name=ghcr.io/${{ github.repository_owner }}/immich-cli
          tags: |
-            type=raw,value=${{ steps.package-version.outputs.version }},enable=${{ github.event_name == 'release' }}
-            type=raw,value=latest,enable=${{ github.event_name == 'release' }}
+            type=raw,value=${{ steps.package-version.outputs.version }},enable=${{ github.event_name == 'workflow_dispatch' }}
+            type=raw,value=latest,enable=${{ github.event_name == 'workflow_dispatch' }}

      - name: Build and push image
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
+        uses: docker/build-push-action@v5.3.0
        with:
          file: cli/Dockerfile
          platforms: linux/amd64,linux/arm64
-          push: ${{ github.event_name == 'release' }}
+          push: ${{ github.event_name == 'workflow_dispatch' }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          tags: ${{ steps.metadata.outputs.tags }}
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -9,14 +9,14 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: 'CodeQL'
+name: "CodeQL"

 on:
  push:
-    branches: ['main']
+    branches: [ "main" ]
  pull_request:
    # The branches below must be a subset of the branches above
-    branches: ['main']
+    branches: [ "main" ]
  schedule:
    - cron: '20 13 * * 1'

@@ -36,42 +36,43 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        language: ['javascript', 'python']
+        language: [ 'javascript', 'python' ]
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

    steps:
-      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+    - name: Checkout repository
+      uses: actions/checkout@v4

-      # Initializes the CodeQL tools for scanning.
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3
-        with:
-          languages: ${{ matrix.language }}
-          # If you wish to specify custom queries, you can do so here or in a config file.
-          # By default, queries listed here will override any specified in a config file.
-          # Prefix the list here with "+" to use these queries and those in the config file.
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.

-          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-          # queries: security-extended,security-and-quality
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality

-      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-      # If this step fails, then you should remove it and run the build manually (see below)
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3

-      # ℹ️ Command-line programs to run using the OS shell.
-      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3

-      #   If the Autobuild fails above, remove it and uncomment the following three lines.
-      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun

-      # - run: |
-      #   echo "Run, Build Application using script"
-      #   ./location_of_script_within_repo/buildscript.sh
+    #   If the Autobuild fails above, remove it and uncomment the following three lines.
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.

-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3
-        with:
-          category: '/language:${{matrix.language}}'
+    # - run: |
+    #   echo "Run, Build Application using script"
+    #   ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:${{matrix.language}}"
--- a/.github/workflows/docker-cleanup.yml
+++ b/.github/workflows/docker-cleanup.yml
@@ -0,0 +1,73 @@
+# This workflow runs on certain conditions to check for and potentially
+# delete container images from the GHCR which no longer have an associated
+# code branch.
+# Requires a PAT with the correct scope set in the secrets.
+#
+# This workflow will not trigger runs on forked repos.
+
+name: Docker Cleanup
+
+on:
+  pull_request:
+    types:
+      - "closed"
+  push:
+    paths:
+      - ".github/workflows/docker-cleanup.yml"
+
+concurrency:
+  group: registry-tags-cleanup
+  cancel-in-progress: false
+
+jobs:
+  cleanup-images:
+    name: Cleanup Stale Images Tags for ${{ matrix.primary-name }}
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - primary-name: "immich-server"
+          - primary-name: "immich-machine-learning"
+    env:
+      # Requires a personal access token with the OAuth scope delete:packages
+      TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }}
+    steps:
+      - name: Clean temporary images
+        if: "${{ env.TOKEN != '' }}"
+        uses: stumpylog/image-cleaner-action/ephemeral@v0.6.0
+        with:
+          token: "${{ env.TOKEN }}"
+          owner: "immich-app"
+          is_org: "true"
+          do_delete: "true"
+          package_name: "${{ matrix.primary-name }}"
+          scheme: "pull_request"
+          repo_name: "immich"
+          match_regex: '^pr-(\d+)$|^(\d+)$'
+
+  cleanup-untagged-images:
+    name: Cleanup Untagged Images Tags for ${{ matrix.primary-name }}
+    runs-on: ubuntu-22.04
+    needs:
+      - cleanup-images
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - primary-name: "immich-server"
+          - primary-name: "immich-machine-learning"
+          - primary-name: "immich-build-cache"
+    env:
+      # Requires a personal access token with the OAuth scope delete:packages
+      TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }}
+    steps:
+      - name: Clean untagged images
+        if: "${{ env.TOKEN != '' }}"
+        uses: stumpylog/image-cleaner-action/untagged@v0.6.0
+        with:
+          token: "${{ env.TOKEN }}"
+          owner: "immich-app"
+          do_delete: "true"
+          is_org: "true"
+          package_name: "${{ matrix.primary-name }}"
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -5,6 +5,7 @@ on:
  push:
    branches: [main]
  pull_request:
+    branches: [main]
  release:
    types: [published]

@@ -16,456 +17,114 @@ permissions:
  packages: write

 jobs:
-  pre-job:
+  build_and_push:
+    name: Build and Push
    runs-on: ubuntu-latest
-    outputs:
-      should_run_server: ${{ steps.found_paths.outputs.server == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_ml: ${{ steps.found_paths.outputs.machine-learning == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
-        with:
-          filters: |
-            server:
-              - 'server/**'
-              - 'openapi/**'
-              - 'web/**'
-              - 'i18n/**'
-            machine-learning:
-              - 'machine-learning/**'
-            workflow:
-              - '.github/workflows/docker.yml'
-
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"
-
-  retag_ml:
-    name: Re-Tag ML
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'false' && !github.event.pull_request.head.repo.fork }}
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        suffix: ['', '-cuda', '-rocm', '-openvino', '-armnn', '-rknn']
-    steps:
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Re-tag image
-        run: |
-          REGISTRY_NAME="ghcr.io"
-          REPOSITORY=${{ github.repository_owner }}/immich-machine-learning
-          TAG_OLD=main${{ matrix.suffix }}
-          TAG_PR=${{ github.event.number == 0 && github.ref_name ||  format('pr-{0}', github.event.number)  }}${{ matrix.suffix }}
-          TAG_COMMIT=commit-${{ github.event_name != 'pull_request' && github.sha || github.event.pull_request.head.sha }}${{ matrix.suffix }}
-          docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_PR $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
-          docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_COMMIT $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
-
-  retag_server:
-    name: Re-Tag Server
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'false' && !github.event.pull_request.head.repo.fork }}
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        suffix: ['']
-    steps:
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Re-tag image
-        run: |
-          REGISTRY_NAME="ghcr.io"
-          REPOSITORY=${{ github.repository_owner }}/immich-server
-          TAG_OLD=main${{ matrix.suffix }}
-          TAG_PR=${{ github.event.number == 0 && github.ref_name ||  format('pr-{0}', github.event.number)  }}${{ matrix.suffix }}
-          TAG_COMMIT=commit-${{ github.event_name != 'pull_request' && github.sha || github.event.pull_request.head.sha }}${{ matrix.suffix }}
-          docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_PR $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
-          docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_COMMIT $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
-
-  build_and_push_ml:
-    name: Build and Push ML
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'true' }}
-    runs-on: ${{ matrix.runner }}
-    env:
-      image: immich-machine-learning
-      context: machine-learning
-      file: machine-learning/Dockerfile
-      GHCR_REPO: ghcr.io/${{ github.repository_owner }}/immich-machine-learning
    strategy:
      # Prevent a failure in one image from stopping the other builds
      fail-fast: false
      matrix:
        include:
-          - platform: linux/amd64
-            runner: ubuntu-latest
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/amd64,linux/arm64
            device: cpu

-          - platform: linux/arm64
-            runner: ubuntu-24.04-arm
-            device: cpu
-
-          - platform: linux/amd64
-            runner: ubuntu-latest
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/amd64
            device: cuda
            suffix: -cuda

-          - platform: linux/amd64
-            runner: mich
-            device: rocm
-            suffix: -rocm
-
-          - platform: linux/amd64
-            runner: ubuntu-latest
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/amd64
            device: openvino
            suffix: -openvino

-          - platform: linux/arm64
-            runner: ubuntu-24.04-arm
+          - image: immich-machine-learning
+            context: machine-learning
+            file: machine-learning/Dockerfile
+            platforms: linux/arm64
            device: armnn
            suffix: -armnn

-          - platform: linux/arm64
-            runner: ubuntu-24.04-arm
-            device: rknn
-            suffix: -rknn
+          - image: immich-server
+            context: .
+            file: server/Dockerfile
+            platforms: linux/amd64,linux/arm64
+            device: cpu

    steps:
-      - name: Prepare
-        run: |
-          platform=${{ matrix.platform }}
-          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
-
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3.0.0

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@v3.3.0
+
+      - name: Login to Docker Hub
+        # Only push to Docker Hub when making a release
+        if: ${{ github.event_name == 'release' }}
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
+        uses: docker/login-action@v3
+        # Skip when PR from a fork
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

-      - name: Generate cache key suffix
-        run: |
-          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
-            echo "CACHE_KEY_SUFFIX=pr-${{ github.event.number }}" >> $GITHUB_ENV
-          else
-            echo "CACHE_KEY_SUFFIX=$(echo ${{ github.ref_name }} | sed 's/[^a-zA-Z0-9]/-/g')" >> $GITHUB_ENV
-          fi
+      - name: Generate docker image tags
+        id: metadata
+        uses: docker/metadata-action@v5
+        with:
+          flavor: |
+            # Disable latest tag
+            latest=false
+          images: |
+            name=ghcr.io/${{ github.repository_owner }}/${{matrix.image}}
+            name=altran1502/${{matrix.image}},enable=${{ github.event_name == 'release' }}
+          tags: |
+            # Tag with branch name
+            type=ref,event=branch,suffix=${{ matrix.suffix }}
+            # Tag with pr-number
+            type=ref,event=pr,suffix=${{ matrix.suffix }}
+            # Tag with git tag on release
+            type=ref,event=tag,suffix=${{ matrix.suffix }}
+            type=raw,value=release,enable=${{ github.event_name == 'release' }},suffix=${{ matrix.suffix }}

-      - name: Generate cache target
+      - name: Determine build cache output
        id: cache-target
        run: |
-          if [[ "${{ github.event.pull_request.head.repo.fork }}" == "true" ]]; then
-            # Essentially just ignore the cache output (forks can't write to registry cache)
+          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+            # Essentially just ignore the cache output (PR can't write to registry cache)
            echo "cache-to=type=local,dest=/tmp/discard,ignore-error=true" >> $GITHUB_OUTPUT
          else
-            echo "cache-to=type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-${{ matrix.device }}-${{ env.CACHE_KEY_SUFFIX }},mode=max,compression=zstd" >> $GITHUB_OUTPUT
+            echo "cache-to=type=registry,mode=max,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{ matrix.image }}" >> $GITHUB_OUTPUT
          fi

      - name: Build and push image
-        id: build
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
+        uses: docker/build-push-action@v5.3.0
        with:
-          context: ${{ env.context }}
-          file: ${{ env.file }}
+          context: ${{ matrix.context }}
+          file: ${{ matrix.file }}
          platforms: ${{ matrix.platforms }}
-          labels: ${{ steps.metadata.outputs.labels }}
+          # Skip pushing when PR from a fork
+          push: ${{ !github.event.pull_request.head.repo.fork }}
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{matrix.image}}
          cache-to: ${{ steps.cache-target.outputs.cache-to }}
-          cache-from: |
-            type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-${{ matrix.device }}-${{ env.CACHE_KEY_SUFFIX }}
-            type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-${{ matrix.device }}-main
-          outputs: type=image,"name=${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=${{ !github.event.pull_request.head.repo.fork }}
          build-args: |
            DEVICE=${{ matrix.device }}
-            BUILD_ID=${{ github.run_id }}
-            BUILD_IMAGE=${{ github.event_name == 'release' && github.ref_name || steps.metadata.outputs.tags }}
-            BUILD_SOURCE_REF=${{ github.ref_name }}
-            BUILD_SOURCE_COMMIT=${{ github.sha }}
-
-      - name: Export digest
-        run: |
-          mkdir -p ${{ runner.temp }}/digests
-          digest="${{ steps.build.outputs.digest }}"
-          touch "${{ runner.temp }}/digests/${digest#sha256:}"
-
-      - name: Upload digest
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
-        with:
-          name: ml-digests-${{ matrix.device }}-${{ env.PLATFORM_PAIR }}
-          path: ${{ runner.temp }}/digests/*
-          if-no-files-found: error
-          retention-days: 1
-
-  merge_ml:
-    name: Merge & Push ML
-    runs-on: ubuntu-latest
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'true' && !github.event.pull_request.head.repo.fork }}
-    env:
-      GHCR_REPO: ghcr.io/${{ github.repository_owner }}/immich-machine-learning
-      DOCKER_REPO: altran1502/immich-machine-learning
-    strategy:
-      matrix:
-        include:
-          - device: cpu
-          - device: cuda
-            suffix: -cuda
-          - device: rocm
-            suffix: -rocm
-          - device: openvino
-            suffix: -openvino
-          - device: armnn
-            suffix: -armnn
-          - device: rknn
-            suffix: -rknn
-    needs:
-      - build_and_push_ml
-    steps:
-      - name: Download digests
-        uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4
-        with:
-          path: ${{ runner.temp }}/digests
-          pattern: ml-digests-${{ matrix.device }}-*
-          merge-multiple: true
-
-      - name: Login to Docker Hub
-        if: ${{ github.event_name == 'release' }}
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Login to GHCR
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
-
-      - name: Generate docker image tags
-        id: meta
-        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5
-        env:
-          DOCKER_METADATA_PR_HEAD_SHA: 'true'
-        with:
-          flavor: |
-            # Disable latest tag
-            latest=false
-            suffix=${{ matrix.suffix }}
-          images: |
-            name=${{ env.GHCR_REPO }}
-            name=${{ env.DOCKER_REPO }},enable=${{ github.event_name == 'release' }}
-          tags: |
-            # Tag with branch name
-            type=ref,event=branch
-            # Tag with pr-number
-            type=ref,event=pr
-            # Tag with long commit sha hash
-            type=sha,format=long,prefix=commit-
-            # Tag with git tag on release
-            type=ref,event=tag
-            type=raw,value=release,enable=${{ github.event_name == 'release' }}
-
-      - name: Create manifest list and push
-        working-directory: ${{ runner.temp }}/digests
-        run: |
-          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-            $(printf '${{ env.GHCR_REPO }}@sha256:%s ' *)
-
-  build_and_push_server:
-    name: Build and Push Server
-    runs-on: ${{ matrix.runner }}
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
-    env:
-      image: immich-server
-      context: .
-      file: server/Dockerfile
-      GHCR_REPO: ghcr.io/${{ github.repository_owner }}/immich-server
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - platform: linux/amd64
-            runner: ubuntu-latest
-          - platform: linux/arm64
-            runner: ubuntu-24.04-arm
-    steps:
-      - name: Prepare
-        run: |
-          platform=${{ matrix.platform }}
-          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
-
-      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
-        if: ${{ !github.event.pull_request.head.repo.fork }}
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Generate cache key suffix
-        run: |
-          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
-            echo "CACHE_KEY_SUFFIX=pr-${{ github.event.number }}" >> $GITHUB_ENV
-          else
-            echo "CACHE_KEY_SUFFIX=$(echo ${{ github.ref_name }} | sed 's/[^a-zA-Z0-9]/-/g')" >> $GITHUB_ENV
-          fi
-
-      - name: Generate cache target
-        id: cache-target
-        run: |
-          if [[ "${{ github.event.pull_request.head.repo.fork }}" == "true" ]]; then
-            # Essentially just ignore the cache output (forks can't write to registry cache)
-            echo "cache-to=type=local,dest=/tmp/discard,ignore-error=true" >> $GITHUB_OUTPUT
-          else
-            echo "cache-to=type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-${{ matrix.device }}-${{ env.CACHE_KEY_SUFFIX }},mode=max,compression=zstd" >> $GITHUB_OUTPUT
-          fi
-
-      - name: Build and push image
-        id: build
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
-        with:
-          context: ${{ env.context }}
-          file: ${{ env.file }}
-          platforms: ${{ matrix.platform }}
+          tags: ${{ steps.metadata.outputs.tags }}
          labels: ${{ steps.metadata.outputs.labels }}
-          cache-to: ${{ steps.cache-target.outputs.cache-to }}
-          cache-from: |
-            type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-${{ env.CACHE_KEY_SUFFIX }}
-            type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-main
-          outputs: type=image,"name=${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=${{ !github.event.pull_request.head.repo.fork }}
-          build-args: |
-            DEVICE=cpu
-            BUILD_ID=${{ github.run_id }}
-            BUILD_IMAGE=${{ github.event_name == 'release' && github.ref_name || steps.metadata.outputs.tags }}
-            BUILD_SOURCE_REF=${{ github.ref_name }}
-            BUILD_SOURCE_COMMIT=${{ github.sha }}
-
-      - name: Export digest
-        run: |
-          mkdir -p ${{ runner.temp }}/digests
-          digest="${{ steps.build.outputs.digest }}"
-          touch "${{ runner.temp }}/digests/${digest#sha256:}"
-
-      - name: Upload digest
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
-        with:
-          name: server-digests-${{ env.PLATFORM_PAIR }}
-          path: ${{ runner.temp }}/digests/*
-          if-no-files-found: error
-          retention-days: 1
-
-  merge_server:
-    name: Merge & Push Server
-    runs-on: ubuntu-latest
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' && !github.event.pull_request.head.repo.fork }}
-    env:
-      GHCR_REPO: ghcr.io/${{ github.repository_owner }}/immich-server
-      DOCKER_REPO: altran1502/immich-server
-    needs:
-      - build_and_push_server
-    steps:
-      - name: Download digests
-        uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4
-        with:
-          path: ${{ runner.temp }}/digests
-          pattern: server-digests-*
-          merge-multiple: true
-
-      - name: Login to Docker Hub
-        if: ${{ github.event_name == 'release' }}
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Login to GHCR
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
-
-      - name: Generate docker image tags
-        id: meta
-        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5
-        env:
-          DOCKER_METADATA_PR_HEAD_SHA: 'true'
-        with:
-          flavor: |
-            # Disable latest tag
-            latest=false
-            suffix=${{ matrix.suffix }}
-          images: |
-            name=${{ env.GHCR_REPO }}
-            name=${{ env.DOCKER_REPO }},enable=${{ github.event_name == 'release' }}
-          tags: |
-            # Tag with branch name
-            type=ref,event=branch
-            # Tag with pr-number
-            type=ref,event=pr
-            # Tag with long commit sha hash
-            type=sha,format=long,prefix=commit-
-            # Tag with git tag on release
-            type=ref,event=tag
-            type=raw,value=release,enable=${{ github.event_name == 'release' }}
-
-      - name: Create manifest list and push
-        working-directory: ${{ runner.temp }}/digests
-        run: |
-          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-            $(printf '${{ env.GHCR_REPO }}@sha256:%s ' *)
-
-  success-check-server:
-    name: Docker Build & Push Server Success
-    needs: [merge_server, retag_server]
-    runs-on: ubuntu-latest
-    if: always()
-    steps:
-      - name: Any jobs failed?
-        if: ${{ contains(needs.*.result, 'failure') }}
-        run: exit 1
-      - name: All jobs passed or skipped
-        if: ${{ !(contains(needs.*.result, 'failure')) }}
-        run: echo "All jobs passed or skipped" && echo "${{ toJSON(needs.*.result) }}"
-
-  success-check-ml:
-    name: Docker Build & Push ML Success
-    needs: [merge_ml, retag_ml]
-    runs-on: ubuntu-latest
-    if: always()
-    steps:
-      - name: Any jobs failed?
-        if: ${{ contains(needs.*.result, 'failure') }}
-        run: exit 1
-      - name: All jobs passed or skipped
-        if: ${{ !(contains(needs.*.result, 'failure')) }}
-        run: echo "All jobs passed or skipped" && echo "${{ toJSON(needs.*.result) }}"
--- a/.github/workflows/docs-build.yml
+++ b/.github/workflows/docs-build.yml
@@ -1,65 +0,0 @@
-name: Docs build
-on:
-  push:
-    branches: [main]
-  pull_request:
-  release:
-    types: [published]
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.docs == 'true' ||  steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
-        with:
-          filters: |
-            docs:
-              - 'docs/**'
-            workflow:
-              - '.github/workflows/docs-build.yml'
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'release' || github.ref_name == 'main' }}" >> "$GITHUB_OUTPUT"
-
-  build:
-    name: Docs Build
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run == 'true' }}
-    runs-on: ubuntu-latest
-    defaults:
-      run:
-        working-directory: ./docs
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './docs/.nvmrc'
-
-      - name: Run npm install
-        run: npm ci
-
-      - name: Check formatting
-        run: npm run format
-
-      - name: Run build
-        run: npm run build
-
-      - name: Upload build output
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
-        with:
-          name: docs-build-output
-          path: docs/build/
-          retention-days: 1
--- a/.github/workflows/docs-deploy.yml
+++ b/.github/workflows/docs-deploy.yml
@@ -1,202 +0,0 @@
-name: Docs deploy
-on:
-  workflow_run:
-    workflows: ['Docs build']
-    types:
-      - completed
-
-jobs:
-  checks:
-    name: Docs Deploy Checks
-    runs-on: ubuntu-latest
-    outputs:
-      parameters: ${{ steps.parameters.outputs.result }}
-      artifact: ${{ steps.get-artifact.outputs.result }}
-    steps:
-      - if: ${{ github.event.workflow_run.conclusion != 'success' }}
-        run: echo 'The triggering workflow did not succeed' && exit 1
-      - name: Get artifact
-        id: get-artifact
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
-        with:
-          script: |
-            let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
-               owner: context.repo.owner,
-               repo: context.repo.repo,
-               run_id: context.payload.workflow_run.id,
-            });
-            let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
-              return artifact.name == "docs-build-output"
-            })[0];
-            if (!matchArtifact) {
-              console.log("No artifact found with the name docs-build-output, build job was skipped")
-              return { found: false };
-            }
-            return { found: true, id: matchArtifact.id };
-      - name: Determine deploy parameters
-        id: parameters
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
-        with:
-          script: |
-            const eventType = context.payload.workflow_run.event;
-            const isFork = context.payload.workflow_run.repository.fork;
-
-            let parameters;
-
-            console.log({eventType, isFork});
-
-            if (eventType == "push") {
-              const branch = context.payload.workflow_run.head_branch;
-              console.log({branch});
-              const shouldDeploy = !isFork && branch == "main";
-              parameters = {
-                event: "branch",
-                name: "main",
-                shouldDeploy
-              };
-            } else if (eventType == "pull_request") {
-              let pull_number = context.payload.workflow_run.pull_requests[0]?.number;
-              if(!pull_number) {
-                const response = await github.rest.search.issuesAndPullRequests({q: 'repo:${{ github.repository }} is:pr sha:${{ github.event.workflow_run.head_sha }}',per_page: 1,})
-                const items = response.data.items
-                if (items.length < 1) {
-                  throw new Error("No pull request found for the commit")
-                }
-                const pullRequestNumber = items[0].number
-                console.info("Pull request number is", pullRequestNumber)
-                pull_number = pullRequestNumber
-              }
-              const {data: pr} = await github.rest.pulls.get({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                pull_number
-              });
-
-              console.log({pull_number});
-
-              parameters = {
-                event: "pr",
-                name: `pr-${pull_number}`,
-                pr_number: pull_number,
-                shouldDeploy: true
-              };
-            } else if (eventType == "release") {
-              parameters = {
-                event: "release",
-                name: context.payload.workflow_run.head_branch,
-                shouldDeploy: !isFork
-              };
-            }
-
-            console.log(parameters);
-            return parameters;
-
-  deploy:
-    name: Docs Deploy
-    runs-on: ubuntu-latest
-    needs: checks
-    if: ${{ fromJson(needs.checks.outputs.artifact).found && fromJson(needs.checks.outputs.parameters).shouldDeploy }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Load parameters
-        id: parameters
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
-        with:
-          script: |
-            const json = `${{ needs.checks.outputs.parameters }}`;
-            const parameters = JSON.parse(json);
-            core.setOutput("event", parameters.event);
-            core.setOutput("name", parameters.name);
-            core.setOutput("shouldDeploy", parameters.shouldDeploy);
-
-      - run: |
-          echo "Starting docs deployment for ${{ steps.parameters.outputs.event }} ${{ steps.parameters.outputs.name }}"
-
-      - name: Download artifact
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
-        with:
-          script: |
-            let artifact = ${{ needs.checks.outputs.artifact }};
-            let download = await github.rest.actions.downloadArtifact({
-               owner: context.repo.owner,
-               repo: context.repo.repo,
-               artifact_id: artifact.id,
-               archive_format: 'zip',
-            });
-            let fs = require('fs');
-            fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/docs-build-output.zip`, Buffer.from(download.data));
-
-      - name: Unzip artifact
-        run: unzip "${{ github.workspace }}/docs-build-output.zip" -d "${{ github.workspace }}/docs/build"
-
-      - name: Deploy Docs Subdomain
-        env:
-          TF_VAR_prefix_name: ${{ steps.parameters.outputs.name}}
-          TF_VAR_prefix_event_type: ${{ steps.parameters.outputs.event }}
-          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
-        uses: gruntwork-io/terragrunt-action@9559e51d05873b0ea467c42bbabcb5c067642ccc # v2
-        with:
-          tg_version: '0.58.12'
-          tofu_version: '1.7.1'
-          tg_dir: 'deployment/modules/cloudflare/docs'
-          tg_command: 'apply'
-
-      - name: Deploy Docs Subdomain Output
-        id: docs-output
-        env:
-          TF_VAR_prefix_name: ${{ steps.parameters.outputs.name}}
-          TF_VAR_prefix_event_type: ${{ steps.parameters.outputs.event }}
-          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
-        uses: gruntwork-io/terragrunt-action@9559e51d05873b0ea467c42bbabcb5c067642ccc # v2
-        with:
-          tg_version: '0.58.12'
-          tofu_version: '1.7.1'
-          tg_dir: 'deployment/modules/cloudflare/docs'
-          tg_command: 'output -json'
-
-      - name: Output Cleaning
-        id: clean
-        run: |
-          TG_OUT=$(echo '${{ steps.docs-output.outputs.tg_action_output }}' | sed 's|%0A|\n|g ; s|%3C|<|g' | jq -c .)
-          echo "output=$TG_OUT" >> $GITHUB_OUTPUT
-
-      - name: Publish to Cloudflare Pages
-        uses: cloudflare/pages-action@f0a1cd58cd66095dee69bfa18fa5efd1dde93bca # v1
-        with:
-          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN_PAGES_UPLOAD }}
-          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          projectName: ${{ fromJson(steps.clean.outputs.output).pages_project_name.value }}
-          workingDirectory: 'docs'
-          directory: 'build'
-          branch: ${{ steps.parameters.outputs.name }}
-          wranglerVersion: '3'
-
-      - name: Deploy Docs Release Domain
-        if: ${{ steps.parameters.outputs.event == 'release' }}
-        env:
-          TF_VAR_prefix_name: ${{ steps.parameters.outputs.name}}
-          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
-        uses: gruntwork-io/terragrunt-action@9559e51d05873b0ea467c42bbabcb5c067642ccc # v2
-        with:
-          tg_version: '0.58.12'
-          tofu_version: '1.7.1'
-          tg_dir: 'deployment/modules/cloudflare/docs-release'
-          tg_command: 'apply'
-
-      - name: Comment
-        uses: actions-cool/maintain-one-comment@4b2dbf086015f892dcb5e8c1106f5fccd6c1476b # v3
-        if: ${{ steps.parameters.outputs.event == 'pr' }}
-        with:
-          number: ${{ fromJson(needs.checks.outputs.parameters).pr_number }}
-          body: |
-            📖 Documentation deployed to [${{ fromJson(steps.clean.outputs.output).immich_app_branch_subdomain.value }}](https://${{ fromJson(steps.clean.outputs.output).immich_app_branch_subdomain.value }})
-          emojis: 'rocket'
-          body-include: '<!-- Docs PR URL -->'
--- a/.github/workflows/docs-destroy.yml
+++ b/.github/workflows/docs-destroy.yml
@@ -1,33 +0,0 @@
-name: Docs destroy
-on:
-  pull_request_target:
-    types: [closed]
-
-jobs:
-  deploy:
-    name: Docs Destroy
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Destroy Docs Subdomain
-        env:
-          TF_VAR_prefix_name: 'pr-${{ github.event.number }}'
-          TF_VAR_prefix_event_type: 'pr'
-          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
-          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
-          TF_STATE_POSTGRES_CONN_STR: ${{ secrets.TF_STATE_POSTGRES_CONN_STR }}
-        uses: gruntwork-io/terragrunt-action@9559e51d05873b0ea467c42bbabcb5c067642ccc # v2
-        with:
-          tg_version: '0.58.12'
-          tofu_version: '1.7.1'
-          tg_dir: 'deployment/modules/cloudflare/docs'
-          tg_command: 'destroy -refresh=false'
-
-      - name: Comment
-        uses: actions-cool/maintain-one-comment@4b2dbf086015f892dcb5e8c1106f5fccd6c1476b # v3
-        with:
-          number: ${{ github.event.number }}
-          delete: true
-          body-include: '<!-- Docs PR URL -->'
--- a/.github/workflows/fix-format.yml
+++ b/.github/workflows/fix-format.yml
@@ -1,51 +0,0 @@
-name: Fix formatting
-
-on:
-  pull_request:
-    types: [labeled]
-
-jobs:
-  fix-formatting:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.label.name == 'fix:formatting' }}
-    permissions:
-      pull-requests: write
-    steps:
-      - name: Generate a token
-        id: generate-token
-        uses: actions/create-github-app-token@d72941d797fd3113feb6b93fd0dec494b13a2547 # v1
-        with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
-          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
-
-      - name: 'Checkout'
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-        with:
-          ref: ${{ github.event.pull_request.head.ref }}
-          token: ${{ steps.generate-token.outputs.token }}
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './server/.nvmrc'
-
-      - name: Fix formatting
-        run: make install-all && make format-all
-
-      - name: Commit and push
-        uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9
-        with:
-          default_author: github_actions
-          message: 'chore: fix formatting'
-
-      - name: Remove label
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
-        if: always()
-        with:
-          script: |
-            github.rest.issues.removeLabel({
-              issue_number: context.payload.pull_request.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              name: 'fix:formatting'
-            })
--- a/.github/workflows/pr-label-validation.yml
+++ b/.github/workflows/pr-label-validation.yml
@@ -1,22 +0,0 @@
-name: PR Label Validation
-
-on:
-  pull_request_target:
-    types: [opened, labeled, unlabeled, synchronize]
-
-jobs:
-  validate-release-label:
-    runs-on: ubuntu-latest
-    permissions:
-      issues: write
-      pull-requests: write
-    steps:
-      - name: Require PR to have a changelog label
-        uses: mheap/github-action-required-labels@388fd6af37b34cdfe5a23b37060e763217e58b03 # v5
-        with:
-          mode: exactly
-          count: 1
-          use_regex: true
-          labels: 'changelog:.*'
-          add_comment: true
-          message: 'Label error. Requires {{errorString}} {{count}} of: {{ provided }}. Found: {{ applied }}. A maintainer will add the required label.'
--- a/.github/workflows/pr-labeler.yml
+++ b/.github/workflows/pr-labeler.yml
@@ -1,12 +0,0 @@
-name: 'Pull Request Labeler'
-on:
-  - pull_request_target
-
-jobs:
-  labeler:
-    permissions:
-      contents: read
-      pull-requests: write
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5
--- a/.github/workflows/pr-require-conventional-commit.yml
+++ b/.github/workflows/pr-require-conventional-commit.yml
@@ -9,7 +9,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: PR Conventional Commit Validation
-        uses: ytanikin/PRConventionalCommits@b628c5a234cc32513014b7bfdd1e47b532124d98 # 1.3.0
+        uses:  ytanikin/PRConventionalCommits@1.2.0
        with:
          task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]'
          add_label: 'false'
--- a/.github/workflows/pr-require-label.yml
+++ b/.github/workflows/pr-require-label.yml
@@ -0,0 +1,13 @@
+name: Enforce PR labels
+
+on:
+  pull_request:
+    types: [labeled, unlabeled, opened, edited, synchronize]
+jobs:
+  enforce-label:
+    name: Enforce label
+    runs-on: ubuntu-latest
+    steps:
+    - if: toJson(github.event.pull_request.labels) == '[]'
+      run: exit 1
+
--- a/.github/workflows/prepare-release.yml
+++ b/.github/workflows/prepare-release.yml
@@ -29,30 +29,25 @@ jobs:
      ref: ${{ steps.push-tag.outputs.commit_long_sha }}

    steps:
-      - name: Generate a token
-        id: generate-token
-        uses: actions/create-github-app-token@d72941d797fd3113feb6b93fd0dec494b13a2547 # v1
-        with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
-          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
-
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+        uses: actions/checkout@v4
        with:
-          token: ${{ steps.generate-token.outputs.token }}
+          token: ${{ secrets.ORG_RELEASE_TOKEN }}

-      - name: Install uv
-        uses: astral-sh/setup-uv@0c5e2b8115b80b4c7c5ddf6ffdd634974642d182 # v5
+      - name: Install Poetry
+        run: pipx install poetry

      - name: Bump version
        run: misc/release/pump-version.sh -s "${{ inputs.serverBump }}" -m "${{ inputs.mobileBump }}"

      - name: Commit and tag
        id: push-tag
-        uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9
+        uses: EndBug/add-and-commit@v9
        with:
-          default_author: github_actions
-          message: 'chore: version ${{ env.IMMICH_VERSION }}'
+          author_name: Alex The Bot
+          author_email: alex.tran1502@gmail.com
+          default_author: user_info
+          message: 'Version ${{ env.IMMICH_VERSION }}'
          tag: ${{ env.IMMICH_VERSION }}
          push: true

@@ -68,25 +63,18 @@ jobs:
    needs: build_mobile

    steps:
-      - name: Generate a token
-        id: generate-token
-        uses: actions/create-github-app-token@d72941d797fd3113feb6b93fd0dec494b13a2547 # v1
-        with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
-          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
-
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+        uses: actions/checkout@v4
        with:
-          token: ${{ steps.generate-token.outputs.token }}
+          token: ${{ secrets.ORG_RELEASE_TOKEN }}

      - name: Download APK
-        uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4
+        uses: actions/download-artifact@v4
        with:
          name: release-apk-signed

      - name: Create draft release
-        uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # v2
+        uses: softprops/action-gh-release@v2
        with:
          draft: true
          tag_name: ${{ env.IMMICH_VERSION }}
--- a/.github/workflows/preview-label.yaml
+++ b/.github/workflows/preview-label.yaml
@@ -1,33 +0,0 @@
-name: Preview label
-
-on:
-  pull_request:
-    types: [labeled, closed]
-
-jobs:
-  comment-status:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.action == 'labeled' && github.event.label.name == 'preview' }}
-    permissions:
-      pull-requests: write
-    steps:
-      - uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2
-        with:
-          message-id: 'preview-status'
-          message: 'Deploying preview environment to https://pr-${{ github.event.pull_request.number }}.preview.internal.immich.cloud/'
-
-  remove-label:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.action == 'closed' && contains(github.event.pull_request.labels.*.name, 'preview') }}
-    permissions:
-      pull-requests: write
-    steps:
-      - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
-        with:
-          script: |
-            github.rest.issues.removeLabel({
-              issue_number: context.payload.pull_request.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              name: 'preview'
-            })
--- a/.github/workflows/sdk.yml
+++ b/.github/workflows/sdk.yml
@@ -15,11 +15,11 @@ jobs:
      run:
        working-directory: ./open-api/typescript-sdk
    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - uses: actions/checkout@v4
      # Setup .npmrc file to publish to npm
-      - uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
+      - uses: actions/setup-node@v4
        with:
-          node-version-file: './open-api/typescript-sdk/.nvmrc'
+          node-version: '20.x'
          registry-url: 'https://registry.npmjs.org'
      - name: Install deps
        run: npm ci
--- a/.github/workflows/static_analysis.yml
+++ b/.github/workflows/static_analysis.yml
@@ -10,66 +10,25 @@ concurrency:
  cancel-in-progress: true

 jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.mobile == 'true' || steps.should_force.outputs.should_force == 'true' }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
-        with:
-          filters: |
-            mobile:
-              - 'mobile/**'
-            workflow:
-              - '.github/workflows/static_analysis.yml'
-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"
-
  mobile-dart-analyze:
    name: Run Dart Code Analysis
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run == 'true' }}

    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+        uses: actions/checkout@v4

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@e938fdf56512cc96ef2f93601a5a40bde3801046 # v2
+        uses: subosito/flutter-action@v2
        with:
          channel: 'stable'
-          flutter-version-file: ./mobile/pubspec.yaml
+          flutter-version: '3.22.0'

      - name: Install dependencies
        run: dart pub get
        working-directory: ./mobile

-      - name: Run Build Runner
-        run: make build
-        working-directory: ./mobile
-
-      - name: Find file changes
-        uses: tj-actions/verify-changed-files@a1c6acee9df209257a246f2cc6ae8cb6581c1edf # v20
-        id: verify-changed-files
-        with:
-          files: |
-            mobile/**/*.g.dart
-            mobile/**/*.gr.dart
-            mobile/**/*.drift.dart
-
-      - name: Verify files have not changed
-        if: steps.verify-changed-files.outputs.files_changed == 'true'
-        run: |
-          echo "ERROR: Generated files not up to date! Run make_build inside the mobile directory"
-          echo "Changed files: ${{ steps.verify-changed-files.outputs.changed_files }}"
-          exit 1
-
      - name: Run dart analyze
        run: dart analyze --fatal-infos
        working-directory: ./mobile
@@ -78,6 +37,7 @@ jobs:
        run: dart format lib/ --set-exit-if-changed
        working-directory: ./mobile

-      - name: Run dart custom_lint
-        run: dart run custom_lint
-        working-directory: ./mobile
+      # Enable after riverpod generator migration is completed
+      # - name: Run dart custom lint
+      #   run: dart run custom_lint
+      #   working-directory: ./mobile
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -10,53 +10,30 @@ concurrency:
  cancel-in-progress: true

 jobs:
-  pre-job:
+  doc-tests:
+    name: Docs
    runs-on: ubuntu-latest
-    outputs:
-      should_run_web: ${{ steps.found_paths.outputs.web == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_server: ${{ steps.found_paths.outputs.server == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_cli: ${{ steps.found_paths.outputs.cli == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_e2e: ${{ steps.found_paths.outputs.e2e == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_mobile: ${{ steps.found_paths.outputs.mobile == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_ml: ${{ steps.found_paths.outputs.machine-learning == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_e2e_web: ${{ steps.found_paths.outputs.e2e == 'true' || steps.found_paths.outputs.web == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_e2e_server_cli: ${{ steps.found_paths.outputs.e2e == 'true' || steps.found_paths.outputs.server == 'true' || steps.found_paths.outputs.cli == 'true' || steps.should_force.outputs.should_force == 'true' }}
-      should_run_.github: ${{ steps.found_paths.outputs['.github'] == 'true' || steps.should_force.outputs.should_force == 'true' }} # redundant to have should_force but if someone changes the trigger then this won't have to be changed
+    defaults:
+      run:
+        working-directory: ./docs
+
    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
-        with:
-          filters: |
-            web:
-              - 'web/**'
-              - 'i18n/**'
-              - 'open-api/typescript-sdk/**'
-            server:
-              - 'server/**'
-            cli:
-              - 'cli/**'
-              - 'open-api/typescript-sdk/**'
-            e2e:
-              - 'e2e/**'
-            mobile:
-              - 'mobile/**'
-            machine-learning:
-              - 'machine-learning/**'
-            workflow:
-              - '.github/workflows/test.yml'
-            .github:
-              - '.github/**'
+        uses: actions/checkout@v4

-      - name: Check if we should force jobs to run
-        id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'workflow_dispatch' }}" >> "$GITHUB_OUTPUT"
+      - name: Run npm install
+        run: npm ci
+
+      - name: Run formatter
+        run: npm run format
+        if: ${{ !cancelled() }}
+
+      - name: Run build
+        run: npm run build
+        if: ${{ !cancelled() }}

  server-unit-tests:
-    name: Test & Lint Server
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
+    name: Server
    runs-on: ubuntu-latest
    defaults:
      run:
@@ -64,12 +41,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './server/.nvmrc'
+        uses: actions/checkout@v4

      - name: Run npm install
        run: npm ci
@@ -86,14 +58,12 @@ jobs:
        run: npm run check
        if: ${{ !cancelled() }}

-      - name: Run small tests & coverage
+      - name: Run unit tests & coverage
        run: npm run test:cov
        if: ${{ !cancelled() }}

  cli-unit-tests:
-    name: Unit Test CLI
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_cli == 'true' }}
+    name: CLI
    runs-on: ubuntu-latest
    defaults:
      run:
@@ -101,12 +71,12 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+        uses: actions/checkout@v4

      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
+        uses: actions/setup-node@v4
        with:
-          node-version-file: './cli/.nvmrc'
+          node-version: 20

      - name: Setup typescript-sdk
        run: npm ci && npm run build
@@ -131,44 +101,8 @@ jobs:
        run: npm run test:cov
        if: ${{ !cancelled() }}

-  cli-unit-tests-win:
-    name: Unit Test CLI (Windows)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_cli == 'true' }}
-    runs-on: windows-latest
-    defaults:
-      run:
-        working-directory: ./cli
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './cli/.nvmrc'
-
-      - name: Setup typescript-sdk
-        run: npm ci && npm run build
-        working-directory: ./open-api/typescript-sdk
-
-      - name: Install deps
-        run: npm ci
-
-      # Skip linter & formatter in Windows test.
-      - name: Run tsc
-        run: npm run check
-        if: ${{ !cancelled() }}
-
-      - name: Run unit tests & coverage
-        run: npm run test:cov
-        if: ${{ !cancelled() }}
-
  web-unit-tests:
-    name: Test & Lint Web
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_web == 'true' }}
+    name: Web
    runs-on: ubuntu-latest
    defaults:
      run:
@@ -176,12 +110,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './web/.nvmrc'
+        uses: actions/checkout@v4

      - name: Run setup typescript-sdk
        run: npm ci && npm run build
@@ -210,10 +139,8 @@ jobs:
        run: npm run test:cov
        if: ${{ !cancelled() }}

-  e2e-tests-lint:
-    name: End-to-End Lint
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_e2e == 'true' }}
+  e2e-tests:
+    name: End-to-End Tests
    runs-on: ubuntu-latest
    defaults:
      run:
@@ -221,18 +148,25 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+        uses: actions/checkout@v4
+        with:
+          submodules: 'recursive'

      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
+        uses: actions/setup-node@v4
        with:
-          node-version-file: './e2e/.nvmrc'
+          node-version: 20

      - name: Run setup typescript-sdk
        run: npm ci && npm run build
        working-directory: ./open-api/typescript-sdk
        if: ${{ !cancelled() }}

+      - name: Run setup cli
+        run: npm ci && npm run build
+        working-directory: ./cli
+        if: ${{ !cancelled() }}
+
      - name: Install dependencies
        run: npm ci
        if: ${{ !cancelled() }}
@@ -249,63 +183,8 @@ jobs:
        run: npm run check
        if: ${{ !cancelled() }}

-  server-medium-tests:
-    name: Medium Tests (Server)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
-    runs-on: ubuntu-latest
-    defaults:
-      run:
-        working-directory: ./server
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './server/.nvmrc'
-
-      - name: Run npm install
-        run: npm ci
-
-      - name: Run medium tests
-        run: npm run test:medium
-        if: ${{ !cancelled() }}
-
-  e2e-tests-server-cli:
-    name: End-to-End Tests (Server & CLI)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_e2e_server_cli == 'true' }}
-    runs-on: mich
-    defaults:
-      run:
-        working-directory: ./e2e
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-        with:
-          submodules: 'recursive'
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './e2e/.nvmrc'
-
-      - name: Run setup typescript-sdk
-        run: npm ci && npm run build
-        working-directory: ./open-api/typescript-sdk
-        if: ${{ !cancelled() }}
-
-      - name: Run setup cli
-        run: npm ci && npm run build
-        working-directory: ./cli
-        if: ${{ !cancelled() }}
-
-      - name: Install dependencies
-        run: npm ci
+      - name: Install Playwright Browsers
+        run: npx playwright install --with-deps chromium
        if: ${{ !cancelled() }}

      - name: Docker build
@@ -316,126 +195,59 @@ jobs:
        run: npm run test
        if: ${{ !cancelled() }}

-  e2e-tests-web:
-    name: End-to-End Tests (Web)
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_e2e_web == 'true' }}
-    runs-on: mich
-    defaults:
-      run:
-        working-directory: ./e2e
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-        with:
-          submodules: 'recursive'
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './e2e/.nvmrc'
-
-      - name: Run setup typescript-sdk
-        run: npm ci && npm run build
-        working-directory: ./open-api/typescript-sdk
-        if: ${{ !cancelled() }}
-
-      - name: Install dependencies
-        run: npm ci
-        if: ${{ !cancelled() }}
-
-      - name: Install Playwright Browsers
-        run: npx playwright install --with-deps chromium
-        if: ${{ !cancelled() }}
-
-      - name: Docker build
-        run: docker compose build
-        if: ${{ !cancelled() }}
-
      - name: Run e2e tests (web)
        run: npx playwright test
        if: ${{ !cancelled() }}

  mobile-unit-tests:
-    name: Unit Test Mobile
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_mobile == 'true' }}
+    name: Mobile
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - uses: actions/checkout@v4
      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@e938fdf56512cc96ef2f93601a5a40bde3801046 # v2
+        uses: subosito/flutter-action@v2
        with:
          channel: 'stable'
-          flutter-version-file: ./mobile/pubspec.yaml
+          flutter-version: '3.22.0'
      - name: Run tests
        working-directory: ./mobile
        run: flutter test -j 1

  ml-unit-tests:
-    name: Unit Test ML
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'true' }}
+    name: Machine Learning
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./machine-learning
    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-      - name: Install uv
-        uses: astral-sh/setup-uv@0c5e2b8115b80b4c7c5ddf6ffdd634974642d182 # v5
-      - uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5
-        # TODO: add caching when supported (https://github.com/actions/setup-python/pull/818)
-        # with:
-        #   python-version: 3.11
-        #   cache: 'uv'
+      - uses: actions/checkout@v4
+      - name: Install poetry
+        run: pipx install poetry
+      - uses: actions/setup-python@v5
+        with:
+          python-version: 3.11
+          cache: 'poetry'
      - name: Install dependencies
        run: |
-          uv sync --extra cpu
+          poetry install --with dev --with cpu
      - name: Lint with ruff
        run: |
-          uv run ruff check --output-format=github immich_ml
+          poetry run ruff check --output-format=github app export
      - name: Check black formatting
        run: |
-          uv run black --check immich_ml
+          poetry run black --check app export
      - name: Run mypy type checking
        run: |
-          uv run mypy --strict immich_ml/
+          poetry run mypy --install-types --non-interactive --strict app/
      - name: Run tests and coverage
        run: |
-          uv run pytest --cov=immich_ml --cov-report term-missing
-
-  github-files-formatting:
-    name: .github Files Formatting
-    needs: pre-job
-    if: ${{ needs.pre-job.outputs['should_run_.github'] == 'true' }}
-    runs-on: ubuntu-latest
-    defaults:
-      run:
-        working-directory: ./.github
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './.github/.nvmrc'
-
-      - name: Run npm install
-        run: npm ci
-
-      - name: Run formatter
-        run: npm run format
-        if: ${{ !cancelled() }}
+          poetry run pytest app --cov=app --cov-report term-missing

  shellcheck:
    name: ShellCheck
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - uses: actions/checkout@v4
      - name: Run ShellCheck
        uses: ludeeus/action-shellcheck@master
        with:
@@ -449,12 +261,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './server/.nvmrc'
+        uses: actions/checkout@v4

      - name: Install server dependencies
        run: npm --prefix=server ci
@@ -466,7 +273,7 @@ jobs:
        run: make open-api

      - name: Find file changes
-        uses: tj-actions/verify-changed-files@a1c6acee9df209257a246f2cc6ae8cb6581c1edf # v20
+        uses: tj-actions/verify-changed-files@v20
        id: verify-changed-files
        with:
          files: |
@@ -486,7 +293,7 @@ jobs:
    runs-on: ubuntu-latest
    services:
      postgres:
-        image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:739cdd626151ff1f796dc95a6591b55a714f341c737e27f045019ceabf8e8c52
+        image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
@@ -504,12 +311,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-
-      - name: Setup Node
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
-        with:
-          node-version-file: './server/.nvmrc'
+        uses: actions/checkout@v4

      - name: Install server dependencies
        run: npm ci
@@ -525,10 +327,10 @@ jobs:

      - name: Generate new migrations
        continue-on-error: true
-        run: npm run migrations:generate TestMigration
+        run: npm run typeorm:migrations:generate ./src/migrations/TestMigration

      - name: Find file changes
-        uses: tj-actions/verify-changed-files@a1c6acee9df209257a246f2cc6ae8cb6581c1edf # v20
+        uses: tj-actions/verify-changed-files@v20
        id: verify-changed-files
        with:
          files: |
@@ -538,7 +340,6 @@ jobs:
        run: |
          echo "ERROR: Generated migration files not up to date!"
          echo "Changed files: ${{ steps.verify-changed-files.outputs.changed_files }}"
-          cat ./src/*-TestMigration.ts
          exit 1

      - name: Run SQL generation
@@ -547,7 +348,7 @@ jobs:
          DB_URL: postgres://postgres:postgres@localhost:5432/immich

      - name: Find file changes
-        uses: tj-actions/verify-changed-files@a1c6acee9df209257a246f2cc6ae8cb6581c1edf # v20
+        uses: tj-actions/verify-changed-files@v20
        id: verify-changed-sql-files
        with:
          files: |
--- a/.github/workflows/weblate-lock.yml
+++ b/.github/workflows/weblate-lock.yml
@@ -1,57 +0,0 @@
-name: Weblate checks
-
-on:
-  pull_request:
-    branches: [main]
-
-jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.i18n == 'true' && github.head_ref != 'chore/translations'}}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-      - id: found_paths
-        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
-        with:
-          filters: |
-            i18n:
-              - 'i18n/!(en)**\.json'
-      - name: Debug
-        run: |
-          echo "Should run: ${{ steps.found_paths.outputs.i18n == 'true' && github.head_ref != 'chore/translations'}}"
-          echo "Found i18n paths: ${{ steps.found_paths.outputs.i18n }}"
-          echo "Head ref: ${{ github.head_ref }}"
-
-  enforce-lock:
-    name: Check Weblate Lock
-    needs: [pre-job]
-    runs-on: ubuntu-latest
-    if: ${{ needs.pre-job.outputs.should_run == 'true' }}
-    steps:
-      - name: Check weblate lock
-        run: |
-          if [[ "false" = $(curl https://hosted.weblate.org/api/components/immich/immich/lock/ | jq .locked) ]]; then
-            exit 1
-          fi
-      - name: Find Pull Request
-        uses: juliangruber/find-pull-request-action@48b6133aa6c826f267ebd33aa2d29470f9d9e7d0 # v1
-        id: find-pr
-        with:
-          branch: chore/translations
-      - name: Fail if existing weblate PR
-        if: ${{ steps.find-pr.outputs.number }}
-        run: exit 1
-  success-check-lock:
-    name: Weblate Lock Check Success
-    needs: [enforce-lock]
-    runs-on: ubuntu-latest
-    if: always()
-    steps:
-      - name: Any jobs failed?
-        if: ${{ contains(needs.*.result, 'failure') }}
-        run: exit 1
-      - name: All jobs passed or skipped
-        if: ${{ !(contains(needs.*.result, 'failure')) }}
-        run: echo "All jobs passed or skipped" && echo "${{ toJSON(needs.*.result) }}"
--- a/.gitignore
+++ b/.gitignore
@@ -21,5 +21,3 @@ mobile/openapi/.openapi-generator/FILES
 open-api/typescript-sdk/build
 mobile/android/fastlane/report.xml
 mobile/ios/fastlane/report.xml
-
-vite.config.js.timestamp-*
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,6 +1,6 @@
 [submodule "mobile/.isar"]
 	path = mobile/.isar
 	url = https://github.com/isar/isar
-[submodule "e2e/test-assets"]
+[submodule "server/test/assets"]
 	path = e2e/test-assets
 	url = https://github.com/immich-app/test-assets
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -5,8 +5,8 @@
      "type": "node",
      "request": "attach",
      "restart": true,
-      "port": 9231,
-      "name": "Immich API Server",
+      "port": 9230,
+      "name": "Immich Server",
      "remoteRoot": "/usr/src/app",
      "localRoot": "${workspaceFolder}/server"
    },
@@ -14,8 +14,8 @@
      "type": "node",
      "request": "attach",
      "restart": true,
-      "port": 9230,
-      "name": "Immich Workers",
+      "port": 9231,
+      "name": "Immich Microservices",
      "remoteRoot": "/usr/src/app",
      "localRoot": "${workspaceFolder}/server"
    }
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -39,7 +39,6 @@
  ],
  "explorer.fileNesting.enabled": true,
  "explorer.fileNesting.patterns": {
-    "*.ts": "${capture}.spec.ts,${capture}.mock.ts",
-    "*.dart": "${capture}.g.dart,${capture}.gr.dart,${capture}.drift.dart"
+    "*.ts": "${capture}.spec.ts,${capture}.mock.ts"
  }
-}
+}
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -131,4 +131,4 @@ conduct enforcement ladder](https://github.com/mozilla/diversity).

 For answers to common questions about this code of conduct, see the
 FAQ at https://www.contributor-covenant.org/faq. Translations are
-available at https://www.contributor-covenant.org/translations.
+available at https://www.contributor-covenant.org/translations.
--- a/64
+++ b/64
@@ -10,6 +10,12 @@ dev-update:
 dev-scale:
 	docker compose -f ./docker/docker-compose.dev.yml up --build -V  --scale immich-server=3 --remove-orphans

+stage:
+	docker compose -f ./docker/docker-compose.staging.yml up --build -V --remove-orphans
+
+pull-stage:
+	docker compose -f ./docker/docker-compose.staging.yml pull
+
 .PHONY: e2e
 e2e:
 	docker compose -f ./e2e/docker-compose.yml up --build -V --remove-orphans
@@ -35,61 +41,3 @@ sql:

 attach-server:
 	docker exec -it docker_immich-server_1 sh
-
-renovate:
-  LOG_LEVEL=debug npx renovate --platform=local --repository-cache=reset
-
-MODULES = e2e server web cli sdk docs .github
-
-audit-%:
-	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) audit fix
-install-%:
-	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) i
-build-cli: build-sdk
-build-web: build-sdk
-build-%: install-%
-	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run build
-format-%:
-	npm --prefix $* run format:fix
-lint-%:
-	npm --prefix $* run lint:fix
-check-%:
-	npm --prefix $* run check
-check-web:
-	npm --prefix web run check:typescript
-	npm --prefix web run check:svelte
-test-%:
-	npm --prefix $* run test
-test-e2e:
-	docker compose -f ./e2e/docker-compose.yml build
-	npm --prefix e2e run test
-	npm --prefix e2e run test:web
-test-medium:
-	docker run \
-    --rm \
-    -v ./server/src:/usr/src/app/src \
-    -v ./server/test:/usr/src/app/test \
-    -v ./server/vitest.config.medium.mjs:/usr/src/app/vitest.config.medium.mjs \
-    -v ./server/tsconfig.json:/usr/src/app/tsconfig.json \
-    -e NODE_ENV=development \
-    immich-server:latest \
-    -c "npm ci && npm run test:medium -- --run"
-test-medium-dev:
-	docker exec -it immich_server /bin/sh -c "npm run test:medium"
-
-build-all: $(foreach M,$(filter-out e2e .github,$(MODULES)),build-$M) ;
-install-all: $(foreach M,$(MODULES),install-$M) ;
-check-all: $(foreach M,$(filter-out sdk cli docs .github,$(MODULES)),check-$M) ;
-lint-all: $(foreach M,$(filter-out sdk docs .github,$(MODULES)),lint-$M) ;
-format-all: $(foreach M,$(filter-out sdk,$(MODULES)),format-$M) ;
-audit-all:  $(foreach M,$(MODULES),audit-$M) ;
-hygiene-all: lint-all format-all check-all sql audit-all;
-test-all: $(foreach M,$(filter-out sdk docs .github,$(MODULES)),test-$M) ;
-
-clean:
-	find . -name "node_modules" -type d -prune -exec rm -rf '{}' +
-	find . -name "dist" -type d -prune -exec rm -rf '{}' +
-	find . -name "build" -type d -prune -exec rm -rf '{}' +
-	find . -name "svelte-kit" -type d -prune -exec rm -rf '{}' +
-	docker compose -f ./docker/docker-compose.dev.yml rm -v -f || true
-	docker compose -f ./e2e/docker-compose.yml rm -v -f || true
--- a/README.md
+++ b/README.md
@@ -1,11 +1,11 @@
 <p align="center"> 
-  <br/>
+  <br/>  
  <a href="https://opensource.org/license/agpl-v3"><img src="https://img.shields.io/badge/License-AGPL_v3-blue.svg?color=3F51B5&style=for-the-badge&label=License&logoColor=000000&labelColor=ececec" alt="License: AGPLv3"></a>
-  <a href="https://discord.immich.app">
+  <a href="https://discord.gg/D8JsnBEuKb">
    <img src="https://img.shields.io/discord/979116623879368755.svg?label=Discord&logo=Discord&style=for-the-badge&logoColor=000000&labelColor=ececec" alt="Discord"/>
  </a>
-  <br/>
-  <br/>
+  <br/>  
+  <br/>   
 </p>

 <p align="center">
@@ -17,8 +17,8 @@
 <img src="design/immich-screenshots.png" title="Main Screenshot">
 </a>
 <br/>
-
 <p align="center">
+
  <a href="readme_i18n/README_ca_ES.md">Català</a>
  <a href="readme_i18n/README_es_ES.md">Español</a>
  <a href="readme_i18n/README_fr_FR.md">Français</a>
@@ -29,13 +29,9 @@
  <a href="readme_i18n/README_nl_NL.md">Nederlands</a>
  <a href="readme_i18n/README_tr_TR.md">Türkçe</a>
  <a href="readme_i18n/README_zh_CN.md">中文</a>
-  <a href="readme_i18n/README_uk_UA.md">Українська</a>
  <a href="readme_i18n/README_ru_RU.md">Русский</a>
  <a href="readme_i18n/README_pt_BR.md">Português Brasileiro</a>
-  <a href="readme_i18n/README_sv_SE.md">Svenska</a>
  <a href="readme_i18n/README_ar_JO.md">العربية</a>
-  <a href="readme_i18n/README_vi_VN.md">Tiếng Việt</a>
-  <a href="readme_i18n/README_th_TH.md">ภาษาไทย</a>
 </p>

 ## Disclaimer
@@ -45,36 +41,45 @@
 - ⚠️ **Do not use the app as the only way to store your photos and videos.**
 - ⚠️ Always follow [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) backup plan for your precious photos and videos!

-> [!NOTE]
-> You can find the main documentation, including installation guides, at https://immich.app/.
+## Content

-## Links
-
- [Documentation](https://immich.app/docs)
- [About](https://immich.app/docs/overview/introduction)
- [Installation](https://immich.app/docs/install/requirements)
- [Roadmap](https://immich.app/roadmap)
+- [Official Documentation](https://immich.app/docs)
+- [Roadmap](https://github.com/orgs/immich-app/projects/1)
 - [Demo](#demo)
 - [Features](#features)
- [Translations](https://immich.app/docs/developer/translations)
- [Contributing](https://immich.app/docs/overview/support-the-project)
+- [Introduction](https://immich.app/docs/overview/introduction)
+- [Installation](https://immich.app/docs/install/requirements)
+- [Contribution Guidelines](https://immich.app/docs/overview/support-the-project)
+
+## Documentation
+
+You can find the main documentation, including installation guides, at https://immich.app/.

 ## Demo

-Access the demo [here](https://demo.immich.app). The demo is running on a Free-tier Oracle VM in Amsterdam with a 2.4Ghz quad-core ARM64 CPU and 24GB RAM.
+You can access the web demo at https://demo.immich.app

-For the mobile app, you can use `https://demo.immich.app` for the `Server Endpoint URL`
+For the mobile app, you can use `https://demo.immich.app/api` for the `Server Endpoint URL`

-### Login credentials
+```bash title="Demo Credential"
+The credential
+email: demo@immich.app
+password: demo
+```

-| Email           | Password |
-| --------------- | -------- |
-| demo@immich.app | demo     |
+```
+Spec: Free-tier Oracle VM - Amsterdam - 2.4Ghz quad-core ARM64 CPU, 24GB RAM
+```
+
+## Activities
+
+![Activities](https://repobeats.axiom.co/api/embed/9e86d9dc3ddd137161f2f6d2e758d7863b1789cb.svg "Repobeats analytics image")

 ## Features

+
 | Features                                     | Mobile | Web |
-| :------------------------------------------- | ------ | --- |
+| :--------------------------------------------- | -------- | ----- |
 | Upload and view videos and photos            | Yes    | Yes |
 | Auto backup when the app is opened           | Yes    | N/A |
 | Prevent duplication of assets                | Yes    | Yes |
@@ -94,7 +99,7 @@ For the mobile app, you can use `https://demo.immich.app` for the `Server Endpoi
 | LivePhoto/MotionPhoto backup and playback    | Yes    | Yes |
 | Support 360 degree image display             | No     | Yes |
 | User-defined storage structure               | Yes    | Yes |
-| Public Sharing                               | Yes    | Yes |
+| Public Sharing                               | No     | Yes |
 | Archive and Favorites                        | Yes    | Yes |
 | Global Map                                   | Yes    | Yes |
 | Partner Sharing                              | Yes    | Yes |
@@ -103,22 +108,14 @@ For the mobile app, you can use `https://demo.immich.app` for the `Server Endpoi
 | Offline support                              | Yes    | No  |
 | Read-only gallery                            | Yes    | Yes |
 | Stacked Photos                               | Yes    | Yes |
-| Tags                                         | No     | Yes |
-| Folder View                                  | Yes    | Yes |

-## Translations
+## Contributors

-Read more about translations [here](https://immich.app/docs/developer/translations).
-
-<a href="https://hosted.weblate.org/engage/immich/">
-<img src="https://hosted.weblate.org/widget/immich/immich/multi-auto.svg" alt="Translation status" />
+<a href="https://github.com/alextran1502/immich/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=immich-app/immich" width="100%"/>
 </a>

-## Repository activity
-
-![Activities](https://repobeats.axiom.co/api/embed/9e86d9dc3ddd137161f2f6d2e758d7863b1789cb.svg "Repobeats analytics image")
-
-## Star history
+## Star History

 <a href="https://star-history.com/#immich-app/immich&Date">
 <picture>
@@ -127,9 +124,3 @@ Read more about translations [here](https://immich.app/docs/developer/translatio
   <img alt="Star History Chart" src="https://api.star-history.com/svg?repos=immich-app/immich&type=Date" width="100%" />
 </picture>
 </a>
-
-## Contributors
-
-<a href="https://github.com/alextran1502/immich/graphs/contributors">
-  <img src="https://contrib.rocks/image?repo=immich-app/immich" width="100%"/>
-</a>
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,4 +2,4 @@

 ## Reporting a Vulnerability

-Please report security issues to `security@immich.app`
+Please report security issues to `alex.tran1502@gmail.com`
--- a/cli/.eslintignore
+++ b/cli/.eslintignore
@@ -0,0 +1 @@
+/dist
--- a/cli/.eslintrc.cjs
+++ b/cli/.eslintrc.cjs
@@ -0,0 +1,28 @@
+module.exports = {
+  parser: '@typescript-eslint/parser',
+  parserOptions: {
+    project: 'tsconfig.json',
+    sourceType: 'module',
+    tsconfigRootDir: __dirname,
+  },
+  plugins: ['@typescript-eslint/eslint-plugin'],
+  extends: ['plugin:@typescript-eslint/recommended', 'plugin:prettier/recommended', 'plugin:unicorn/recommended'],
+  root: true,
+  env: {
+    node: true,
+  },
+  ignorePatterns: ['.eslintrc.js'],
+  rules: {
+    '@typescript-eslint/interface-name-prefix': 'off',
+    '@typescript-eslint/explicit-function-return-type': 'off',
+    '@typescript-eslint/explicit-module-boundary-types': 'off',
+    '@typescript-eslint/no-explicit-any': 'off',
+    '@typescript-eslint/no-floating-promises': 'error',
+    'unicorn/prefer-module': 'off',
+    'unicorn/prevent-abbreviations': 'off',
+    'unicorn/no-process-exit': 'off',
+    'unicorn/import-style': 'off',
+    curly: 2,
+    'prettier/prettier': 0,
+  },
+};
--- a/cli/.nvmrc
+++ b/cli/.nvmrc
@@ -1 +1 @@
-22.14.0
+20.13
--- a/cli/Dockerfile
+++ b/cli/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:22.14.0-alpine3.20@sha256:40be979442621049f40b1d51a26b55e281246b5de4e5f51a18da7beb6e17e3f9 AS core
+FROM node:20-alpine3.19@sha256:291e84d956f1aff38454bbd3da38941461ad569a185c20aa289f71f37ea08e23 as core

 WORKDIR /usr/src/open-api/typescript-sdk
 COPY open-api/typescript-sdk/package*.json open-api/typescript-sdk/tsconfig*.json ./
@@ -16,4 +16,4 @@ RUN npm run build

 WORKDIR /import

-ENTRYPOINT ["node", "/usr/src/app/dist"]
+ENTRYPOINT ["node", "/usr/src/app/dist"]
--- a/cli/README.md
+++ b/cli/README.md
@@ -4,18 +4,8 @@ Please see the [Immich CLI documentation](https://immich.app/docs/features/comma

 # For developers

-Before building the CLI, you must build the immich server and the open-api client. To build the server run the following in the server folder:
-
-    $ npm install
-    $ npm run build
-
-Then, to build the open-api client run the following in the open-api folder:
-
-    $ ./bin/generate-open-api.sh
-
 To run the Immich CLI from source, run the following in the cli folder:

-    $ npm install
    $ npm run build
    $ ts-node .

@@ -27,4 +17,3 @@ You can also build and install the CLI using

    $ npm run build
    $ npm install -g .
-****
--- a/cli/eslint.config.mjs
+++ b/cli/eslint.config.mjs
@@ -1,51 +0,0 @@
-import js from '@eslint/js';
-import eslintPluginPrettierRecommended from 'eslint-plugin-prettier/recommended';
-import eslintPluginUnicorn from 'eslint-plugin-unicorn';
-import globals from 'globals';
-import path from 'node:path';
-import { fileURLToPath } from 'node:url';
-import typescriptEslint from 'typescript-eslint';
-
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
-
-export default typescriptEslint.config([
-  eslintPluginUnicorn.configs.recommended,
-  eslintPluginPrettierRecommended,
-  js.configs.recommended,
-  typescriptEslint.configs.recommended,
-  {
-    ignores: ['eslint.config.mjs', 'dist'],
-  },
-  {
-    languageOptions: {
-      globals: {
-        ...globals.node,
-      },
-
-      parser: typescriptEslint.parser,
-      ecmaVersion: 5,
-      sourceType: 'module',
-
-      parserOptions: {
-        project: 'tsconfig.json',
-        tsconfigRootDir: __dirname,
-      },
-    },
-
-    rules: {
-      '@typescript-eslint/interface-name-prefix': 'off',
-      '@typescript-eslint/explicit-function-return-type': 'off',
-      '@typescript-eslint/explicit-module-boundary-types': 'off',
-      '@typescript-eslint/no-explicit-any': 'off',
-      '@typescript-eslint/no-floating-promises': 'error',
-      'unicorn/prefer-module': 'off',
-      'unicorn/prevent-abbreviations': 'off',
-      'unicorn/no-process-exit': 'off',
-      'unicorn/import-style': 'off',
-      curly: 2,
-      'prettier/prettier': 0,
-      'object-shorthand': ['error', 'always'],
-    },
-  },
-]);
--- a/cli/package-lock.json
+++ b/cli/package-lock.json
--- a/cli/package.json
+++ b/cli/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@immich/cli",
-  "version": "2.2.61",
+  "version": "2.2.0",
  "description": "Command Line Interface (CLI) for Immich",
  "type": "module",
  "exports": "./dist/index.js",
@@ -13,33 +13,29 @@
    "cli"
  ],
  "devDependencies": {
-    "@eslint/eslintrc": "^3.1.0",
-    "@eslint/js": "^9.8.0",
    "@immich/sdk": "file:../open-api/typescript-sdk",
    "@types/byte-size": "^8.1.0",
    "@types/cli-progress": "^3.11.0",
    "@types/lodash-es": "^4.17.12",
-    "@types/micromatch": "^4.0.9",
    "@types/mock-fs": "^4.13.1",
-    "@types/node": "^22.13.14",
-    "@vitest/coverage-v8": "^3.0.0",
-    "byte-size": "^9.0.0",
+    "@types/node": "^20.3.1",
+    "@typescript-eslint/eslint-plugin": "^7.0.0",
+    "@typescript-eslint/parser": "^7.0.0",
+    "@vitest/coverage-v8": "^1.2.2",
+    "byte-size": "^8.1.1",
    "cli-progress": "^3.12.0",
    "commander": "^12.0.0",
-    "eslint": "^9.14.0",
-    "eslint-config-prettier": "^10.0.0",
+    "eslint": "^8.56.0",
+    "eslint-config-prettier": "^9.1.0",
    "eslint-plugin-prettier": "^5.1.3",
-    "eslint-plugin-unicorn": "^57.0.0",
-    "globals": "^16.0.0",
+    "eslint-plugin-unicorn": "^53.0.0",
    "mock-fs": "^5.2.0",
    "prettier": "^3.2.5",
-    "prettier-plugin-organize-imports": "^4.0.0",
+    "prettier-plugin-organize-imports": "^3.2.4",
    "typescript": "^5.3.3",
-    "typescript-eslint": "^8.28.0",
-    "vite": "^6.0.0",
-    "vite-tsconfig-paths": "^5.0.0",
-    "vitest": "^3.0.0",
-    "vitest-fetch-mock": "^0.4.0",
+    "vite": "^5.0.12",
+    "vite-tsconfig-paths": "^4.3.2",
+    "vitest": "^1.2.2",
    "yaml": "^2.3.1"
  },
  "scripts": {
@@ -62,13 +58,10 @@
    "node": ">=20.0.0"
  },
  "dependencies": {
-    "chokidar": "^4.0.3",
    "fast-glob": "^3.3.2",
-    "fastq": "^1.17.1",
-    "lodash-es": "^4.17.21",
-    "micromatch": "^4.0.8"
+    "lodash-es": "^4.17.21"
  },
  "volta": {
-    "node": "22.14.0"
+    "node": "20.13.1"
  }
 }
--- a/cli/src/commands/asset.spec.ts
+++ b/cli/src/commands/asset.spec.ts
@@ -1,311 +0,0 @@
-import * as fs from 'node:fs';
-import * as os from 'node:os';
-import * as path from 'node:path';
-import { setTimeout as sleep } from 'node:timers/promises';
-import { describe, expect, it, MockedFunction, vi } from 'vitest';
-
-import { Action, checkBulkUpload, defaults, getSupportedMediaTypes, Reason } from '@immich/sdk';
-import createFetchMock from 'vitest-fetch-mock';
-
-import { checkForDuplicates, getAlbumName, startWatch, uploadFiles, UploadOptionsDto } from 'src/commands/asset';
-
-vi.mock('@immich/sdk');
-
-describe('getAlbumName', () => {
-  it('should return a non-undefined value', () => {
-    if (os.platform() === 'win32') {
-      // This is meaningless for Unix systems.
-      expect(getAlbumName(String.raw`D:\test\Filename.txt`, {} as UploadOptionsDto)).toBe('test');
-    }
-    expect(getAlbumName('D:/parentfolder/test/Filename.txt', {} as UploadOptionsDto)).toBe('test');
-  });
-
-  it('has higher priority to return `albumName` in `options`', () => {
-    expect(getAlbumName('/parentfolder/test/Filename.txt', { albumName: 'example' } as UploadOptionsDto)).toBe(
-      'example',
-    );
-  });
-});
-
-describe('uploadFiles', () => {
-  const testDir = fs.mkdtempSync(path.join(os.tmpdir(), 'test-'));
-  const testFilePath = path.join(testDir, 'test.png');
-  const testFileData = 'test';
-  const baseUrl = 'http://example.com';
-  const apiKey = 'key';
-  const retry = 3;
-
-  const fetchMocker = createFetchMock(vi);
-
-  beforeEach(() => {
-    // Create a test file
-    fs.writeFileSync(testFilePath, testFileData);
-
-    // Defaults
-    vi.mocked(defaults).baseUrl = baseUrl;
-    vi.mocked(defaults).headers = { 'x-api-key': apiKey };
-
-    fetchMocker.enableMocks();
-    fetchMocker.resetMocks();
-  });
-
-  it('returns new assets when upload file is successful', async () => {
-    fetchMocker.doMockIf(new RegExp(`${baseUrl}/assets$`), () => {
-      return {
-        status: 200,
-        body: JSON.stringify({ id: 'fc5621b1-86f6-44a1-9905-403e607df9f5', status: 'created' }),
-      };
-    });
-
-    await expect(uploadFiles([testFilePath], { concurrency: 1 })).resolves.toEqual([
-      {
-        filepath: testFilePath,
-        id: 'fc5621b1-86f6-44a1-9905-403e607df9f5',
-      },
-    ]);
-  });
-
-  it('returns new assets when upload file retry is successful', async () => {
-    let counter = 0;
-    fetchMocker.doMockIf(new RegExp(`${baseUrl}/assets$`), () => {
-      counter++;
-      if (counter < retry) {
-        throw new Error('Network error');
-      }
-
-      return {
-        status: 200,
-        body: JSON.stringify({ id: 'fc5621b1-86f6-44a1-9905-403e607df9f5', status: 'created' }),
-      };
-    });
-
-    await expect(uploadFiles([testFilePath], { concurrency: 1 })).resolves.toEqual([
-      {
-        filepath: testFilePath,
-        id: 'fc5621b1-86f6-44a1-9905-403e607df9f5',
-      },
-    ]);
-  });
-
-  it('returns new assets when upload file retry is failed', async () => {
-    fetchMocker.doMockIf(new RegExp(`${baseUrl}/assets$`), () => {
-      throw new Error('Network error');
-    });
-
-    await expect(uploadFiles([testFilePath], { concurrency: 1 })).resolves.toEqual([]);
-  });
-});
-
-describe('checkForDuplicates', () => {
-  const testDir = fs.mkdtempSync(path.join(os.tmpdir(), 'test-'));
-  const testFilePath = path.join(testDir, 'test.png');
-  const testFileData = 'test';
-  const testFileChecksum = 'a94a8fe5ccb19ba61c4c0873d391e987982fbbd3'; // SHA1
-  const retry = 3;
-
-  beforeEach(() => {
-    // Create a test file
-    fs.writeFileSync(testFilePath, testFileData);
-  });
-
-  it('checks duplicates', async () => {
-    vi.mocked(checkBulkUpload).mockResolvedValue({
-      results: [
-        {
-          action: Action.Accept,
-          id: testFilePath,
-        },
-      ],
-    });
-
-    await checkForDuplicates([testFilePath], { concurrency: 1 });
-
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: [
-          {
-            checksum: testFileChecksum,
-            id: testFilePath,
-          },
-        ],
-      },
-    });
-  });
-
-  it('returns duplicates when check duplicates is rejected', async () => {
-    vi.mocked(checkBulkUpload).mockResolvedValue({
-      results: [
-        {
-          action: Action.Reject,
-          id: testFilePath,
-          assetId: 'fc5621b1-86f6-44a1-9905-403e607df9f5',
-          reason: Reason.Duplicate,
-        },
-      ],
-    });
-
-    await expect(checkForDuplicates([testFilePath], { concurrency: 1 })).resolves.toEqual({
-      duplicates: [
-        {
-          filepath: testFilePath,
-          id: 'fc5621b1-86f6-44a1-9905-403e607df9f5',
-        },
-      ],
-      newFiles: [],
-    });
-  });
-
-  it('returns new assets when check duplicates is accepted', async () => {
-    vi.mocked(checkBulkUpload).mockResolvedValue({
-      results: [
-        {
-          action: Action.Accept,
-          id: testFilePath,
-        },
-      ],
-    });
-
-    await expect(checkForDuplicates([testFilePath], { concurrency: 1 })).resolves.toEqual({
-      duplicates: [],
-      newFiles: [testFilePath],
-    });
-  });
-
-  it('returns results when check duplicates retry is successful', async () => {
-    let mocked = vi.mocked(checkBulkUpload);
-    for (let i = 1; i < retry; i++) {
-      mocked = mocked.mockRejectedValueOnce(new Error('Network error'));
-    }
-    mocked.mockResolvedValue({
-      results: [
-        {
-          action: Action.Accept,
-          id: testFilePath,
-        },
-      ],
-    });
-
-    await expect(checkForDuplicates([testFilePath], { concurrency: 1 })).resolves.toEqual({
-      duplicates: [],
-      newFiles: [testFilePath],
-    });
-  });
-
-  it('returns results when check duplicates retry is failed', async () => {
-    vi.mocked(checkBulkUpload).mockRejectedValue(new Error('Network error'));
-
-    await expect(checkForDuplicates([testFilePath], { concurrency: 1 })).resolves.toEqual({
-      duplicates: [],
-      newFiles: [],
-    });
-  });
-});
-
-describe('startWatch', () => {
-  let testFolder: string;
-  let checkBulkUploadMocked: MockedFunction<typeof checkBulkUpload>;
-
-  beforeEach(async () => {
-    vi.restoreAllMocks();
-
-    vi.mocked(getSupportedMediaTypes).mockResolvedValue({
-      image: ['.jpg'],
-      sidecar: ['.xmp'],
-      video: ['.mp4'],
-    });
-
-    testFolder = await fs.promises.mkdtemp(path.join(os.tmpdir(), 'test-startWatch-'));
-    checkBulkUploadMocked = vi.mocked(checkBulkUpload);
-    checkBulkUploadMocked.mockResolvedValue({
-      results: [],
-    });
-  });
-
-  it('should start watching a directory and upload new files', async () => {
-    const testFilePath = path.join(testFolder, 'test.jpg');
-
-    await startWatch([testFolder], { concurrency: 1 }, { batchSize: 1, debounceTimeMs: 10 });
-    await sleep(100); // to debounce the watcher from considering the test file as a existing file
-    await fs.promises.writeFile(testFilePath, 'testjpg');
-
-    await vi.waitUntil(() => checkBulkUploadMocked.mock.calls.length > 0, 3000);
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: [
-          expect.objectContaining({
-            id: testFilePath,
-          }),
-        ],
-      },
-    });
-  });
-
-  it('should filter out unsupported files', async () => {
-    const testFilePath = path.join(testFolder, 'test.jpg');
-    const unsupportedFilePath = path.join(testFolder, 'test.txt');
-
-    await startWatch([testFolder], { concurrency: 1 }, { batchSize: 1, debounceTimeMs: 10 });
-    await sleep(100); // to debounce the watcher from considering the test file as a existing file
-    await fs.promises.writeFile(testFilePath, 'testjpg');
-    await fs.promises.writeFile(unsupportedFilePath, 'testtxt');
-
-    await vi.waitUntil(() => checkBulkUploadMocked.mock.calls.length > 0, 3000);
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: testFilePath,
-          }),
-        ]),
-      },
-    });
-
-    expect(checkBulkUpload).not.toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: unsupportedFilePath,
-          }),
-        ]),
-      },
-    });
-  });
-
-  it('should filger out ignored patterns', async () => {
-    const testFilePath = path.join(testFolder, 'test.jpg');
-    const ignoredPattern = 'ignored';
-    const ignoredFolder = path.join(testFolder, ignoredPattern);
-    await fs.promises.mkdir(ignoredFolder, { recursive: true });
-    const ignoredFilePath = path.join(ignoredFolder, 'ignored.jpg');
-
-    await startWatch([testFolder], { concurrency: 1, ignore: ignoredPattern }, { batchSize: 1, debounceTimeMs: 10 });
-    await sleep(100); // to debounce the watcher from considering the test file as a existing file
-    await fs.promises.writeFile(testFilePath, 'testjpg');
-    await fs.promises.writeFile(ignoredFilePath, 'ignoredjpg');
-
-    await vi.waitUntil(() => checkBulkUploadMocked.mock.calls.length > 0, 3000);
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: testFilePath,
-          }),
-        ]),
-      },
-    });
-
-    expect(checkBulkUpload).not.toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: ignoredFilePath,
-          }),
-        ]),
-      },
-    });
-  });
-
-  afterEach(async () => {
-    await fs.promises.rm(testFolder, { recursive: true, force: true });
-  });
-});
--- a/cli/src/commands/asset.ts
+++ b/cli/src/commands/asset.ts
@@ -1,9 +1,7 @@
 import {
  Action,
-  AssetBulkUploadCheckItem,
  AssetBulkUploadCheckResult,
-  AssetMediaResponseDto,
-  AssetMediaStatus,
+  AssetFileUploadResponseDto,
  addAssetsToAlbum,
  checkBulkUpload,
  createAlbum,
@@ -12,18 +10,13 @@ import {
  getSupportedMediaTypes,
 } from '@immich/sdk';
 import byteSize from 'byte-size';
-import { Matcher, watch as watchFs } from 'chokidar';
-import { MultiBar, Presets, SingleBar } from 'cli-progress';
+import { Presets, SingleBar } from 'cli-progress';
 import { chunk } from 'lodash-es';
-import micromatch from 'micromatch';
 import { Stats, createReadStream } from 'node:fs';
 import { stat, unlink } from 'node:fs/promises';
+import os from 'node:os';
 import path, { basename } from 'node:path';
-import { Queue } from 'src/queue';
-import { BaseOptions, Batcher, authenticate, crawl, sha1 } from 'src/utils';
-
-const UPLOAD_WATCH_BATCH_SIZE = 100;
-const UPLOAD_WATCH_DEBOUNCE_TIME_MS = 10_000;
+import { BaseOptions, authenticate, crawl, sha1 } from 'src/utils';

 const s = (count: number) => (count === 1 ? '' : 's');

@@ -31,7 +24,7 @@ const s = (count: number) => (count === 1 ? '' : 's');
 type AssetBulkUploadCheckResults = Array<AssetBulkUploadCheckResult & { id: string }>;
 type Asset = { id: string; filepath: string };

-export interface UploadOptionsDto {
+interface UploadOptionsDto {
  recursive?: boolean;
  ignore?: string;
  dryRun?: boolean;
@@ -41,8 +34,6 @@ export interface UploadOptionsDto {
  albumName?: string;
  includeHidden?: boolean;
  concurrency: number;
-  progress?: boolean;
-  watch?: boolean;
 }

 class UploadFile extends File {
@@ -62,94 +53,19 @@ class UploadFile extends File {
  }
 }

-const uploadBatch = async (files: string[], options: UploadOptionsDto) => {
-  const { newFiles, duplicates } = await checkForDuplicates(files, options);
-  const newAssets = await uploadFiles(newFiles, options);
-  await updateAlbums([...newAssets, ...duplicates], options);
-  await deleteFiles(newFiles, options);
-};
-
-export const startWatch = async (
-  paths: string[],
-  options: UploadOptionsDto,
-  {
-    batchSize = UPLOAD_WATCH_BATCH_SIZE,
-    debounceTimeMs = UPLOAD_WATCH_DEBOUNCE_TIME_MS,
-  }: { batchSize?: number; debounceTimeMs?: number } = {},
-) => {
-  const watcherIgnored: Matcher[] = [];
-  const { image, video } = await getSupportedMediaTypes();
-  const extensions = new Set([...image, ...video]);
-
-  if (options.ignore) {
-    watcherIgnored.push((path) => micromatch.contains(path, `**/${options.ignore}`));
-  }
-
-  const pathsBatcher = new Batcher<string>({
-    batchSize,
-    debounceTimeMs,
-    onBatch: async (paths: string[]) => {
-      const uniquePaths = [...new Set(paths)];
-      await uploadBatch(uniquePaths, options);
-    },
-  });
-
-  const onFile = async (path: string, stats?: Stats) => {
-    if (stats?.isDirectory()) {
-      return;
-    }
-    const ext = '.' + path.split('.').pop()?.toLowerCase();
-    if (!ext || !extensions.has(ext)) {
-      return;
-    }
-
-    if (!options.progress) {
-      // logging when progress is disabled as it can cause issues with the progress bar rendering
-      console.log(`Change detected: ${path}`);
-    }
-    pathsBatcher.add(path);
-  };
-  const fsWatcher = watchFs(paths, {
-    ignoreInitial: true,
-    ignored: watcherIgnored,
-    alwaysStat: true,
-    awaitWriteFinish: true,
-    depth: options.recursive ? undefined : 1,
-    persistent: true,
-  })
-    .on('add', onFile)
-    .on('change', onFile)
-    .on('error', (error) => console.error(`Watcher error: ${error}`));
-
-  process.on('SIGINT', async () => {
-    console.log('Exiting...');
-    await fsWatcher.close();
-    process.exit();
-  });
-};
-
 export const upload = async (paths: string[], baseOptions: BaseOptions, options: UploadOptionsDto) => {
  await authenticate(baseOptions);

  const scanFiles = await scan(paths, options);
-
  if (scanFiles.length === 0) {
-    if (options.watch) {
-      console.log('No files found initially.');
-    } else {
-      console.log('No files found, exiting');
-      return;
-    }
+    console.log('No files found, exiting');
+    return;
  }

-  if (options.watch) {
-    console.log('Watching for changes...');
-    await startWatch(paths, options);
-    // watcher does not handle the initial scan
-    // as the scan() is a more efficient quick start with batched results
-  }
-
-  await uploadBatch(scanFiles, options);
+  const { newFiles, duplicates } = await checkForDuplicates(scanFiles, options);
+  const newAssets = await uploadFiles(newFiles, options);
+  await updateAlbums([...newAssets, ...duplicates], options);
+  await deleteFiles(newFiles, options);
 };

 const scan = async (pathsToCrawl: string[], options: UploadOptionsDto) => {
@@ -167,102 +83,48 @@ const scan = async (pathsToCrawl: string[], options: UploadOptionsDto) => {
  return files;
 };

-export const checkForDuplicates = async (files: string[], { concurrency, skipHash, progress }: UploadOptionsDto) => {
+const checkForDuplicates = async (files: string[], { concurrency, skipHash }: UploadOptionsDto) => {
  if (skipHash) {
    console.log('Skipping hash check, assuming all files are new');
    return { newFiles: files, duplicates: [] };
  }

-  let multiBar: MultiBar | undefined;
+  const progressBar = new SingleBar(
+    { format: 'Checking files | {bar} | {percentage}% | ETA: {eta}s | {value}/{total} assets' },
+    Presets.shades_classic,
+  );

-  if (progress) {
-    multiBar = new MultiBar(
-      { format: '{message} | {bar} | {percentage}% | ETA: {eta}s | {value}/{total} assets' },
-      Presets.shades_classic,
-    );
-  } else {
-    console.log(`Received ${files.length} files, hashing...`);
-  }
-
-  const hashProgressBar = multiBar?.create(files.length, 0, { message: 'Hashing files          ' });
-  const checkProgressBar = multiBar?.create(files.length, 0, { message: 'Checking for duplicates' });
+  progressBar.start(files.length, 0);

  const newFiles: string[] = [];
  const duplicates: Asset[] = [];

-  const checkBulkUploadQueue = new Queue<AssetBulkUploadCheckItem[], void>(
-    async (assets: AssetBulkUploadCheckItem[]) => {
-      const response = await checkBulkUpload({ assetBulkUploadCheckDto: { assets } });
+  try {
+    // TODO refactor into a queue
+    for (const items of chunk(files, concurrency)) {
+      const dto = await Promise.all(items.map(async (filepath) => ({ id: filepath, checksum: await sha1(filepath) })));
+      const { results } = await checkBulkUpload({ assetBulkUploadCheckDto: { assets: dto } });

-      const results = response.results as AssetBulkUploadCheckResults;
-
-      for (const { id: filepath, assetId, action } of results) {
+      for (const { id: filepath, assetId, action } of results as AssetBulkUploadCheckResults) {
        if (action === Action.Accept) {
          newFiles.push(filepath);
        } else {
          // rejects are always duplicates
          duplicates.push({ id: assetId as string, filepath });
        }
+        progressBar.increment();
      }
-
-      checkProgressBar?.increment(assets.length);
-    },
-    { concurrency, retry: 3 },
-  );
-
-  const results: { id: string; checksum: string }[] = [];
-  let checkBulkUploadRequests: AssetBulkUploadCheckItem[] = [];
-
-  const queue = new Queue<string, AssetBulkUploadCheckItem[]>(
-    async (filepath: string): Promise<AssetBulkUploadCheckItem[]> => {
-      const dto = { id: filepath, checksum: await sha1(filepath) };
-
-      results.push(dto);
-      checkBulkUploadRequests.push(dto);
-      if (checkBulkUploadRequests.length === 5000) {
-        const batch = checkBulkUploadRequests;
-        checkBulkUploadRequests = [];
-        void checkBulkUploadQueue.push(batch);
-      }
-
-      hashProgressBar?.increment();
-      return results;
-    },
-    { concurrency, retry: 3 },
-  );
-
-  for (const item of files) {
-    void queue.push(item);
+    }
+  } finally {
+    progressBar.stop();
  }

-  await queue.drained();
-
-  if (checkBulkUploadRequests.length > 0) {
-    void checkBulkUploadQueue.push(checkBulkUploadRequests);
-  }
-
-  await checkBulkUploadQueue.drained();
-
-  multiBar?.stop();
-
  console.log(`Found ${newFiles.length} new files and ${duplicates.length} duplicate${s(duplicates.length)}`);

-  // Report failures
-  const failedTasks = queue.tasks.filter((task) => task.status === 'failed');
-  if (failedTasks.length > 0) {
-    console.log(`Failed to verify ${failedTasks.length} file${s(failedTasks.length)}:`);
-    for (const task of failedTasks) {
-      console.log(`- ${task.data} - ${task.error}`);
-    }
-  }
-
  return { newFiles, duplicates };
 };

-export const uploadFiles = async (
-  files: string[],
-  { dryRun, concurrency, progress }: UploadOptionsDto,
-): Promise<Asset[]> => {
+const uploadFiles = async (files: string[], { dryRun, concurrency }: UploadOptionsDto): Promise<Asset[]> => {
  if (files.length === 0) {
    console.log('All assets were already uploaded, nothing to do.');
    return [];
@@ -282,20 +144,12 @@ export const uploadFiles = async (
    return files.map((filepath) => ({ id: '', filepath }));
  }

-  let uploadProgress: SingleBar | undefined;
-
-  if (progress) {
-    uploadProgress = new SingleBar(
-      {
-        format: 'Uploading assets | {bar} | {percentage}% | ETA: {eta_formatted} | {value_formatted}/{total_formatted}',
-      },
-      Presets.shades_classic,
-    );
-  } else {
-    console.log(`Uploading ${files.length} asset${s(files.length)} (${byteSize(totalSize)})`);
-  }
-  uploadProgress?.start(totalSize, 0);
-  uploadProgress?.update({ value_formatted: 0, total_formatted: byteSize(totalSize) });
+  const uploadProgress = new SingleBar(
+    { format: 'Uploading assets | {bar} | {percentage}% | ETA: {eta_formatted} | {value_formatted}/{total_formatted}' },
+    Presets.shades_classic,
+  );
+  uploadProgress.start(totalSize, 0);
+  uploadProgress.update({ value_formatted: 0, total_formatted: byteSize(totalSize) });

  let duplicateCount = 0;
  let duplicateSize = 0;
@@ -304,56 +158,41 @@ export const uploadFiles = async (

  const newAssets: Asset[] = [];

-  const queue = new Queue<string, AssetMediaResponseDto>(
-    async (filepath: string) => {
-      const stats = statsMap.get(filepath);
-      if (!stats) {
-        throw new Error(`Stats not found for ${filepath}`);
-      }
+  try {
+    for (const items of chunk(files, concurrency)) {
+      await Promise.all(
+        items.map(async (filepath) => {
+          const stats = statsMap.get(filepath) as Stats;
+          const response = await uploadFile(filepath, stats);

-      const response = await uploadFile(filepath, stats);
-      newAssets.push({ id: response.id, filepath });
-      if (response.status === AssetMediaStatus.Duplicate) {
-        duplicateCount++;
-        duplicateSize += stats.size ?? 0;
-      } else {
-        successCount++;
-        successSize += stats.size ?? 0;
-      }
+          newAssets.push({ id: response.id, filepath });

-      uploadProgress?.update(successSize, { value_formatted: byteSize(successSize + duplicateSize) });
+          if (response.duplicate) {
+            duplicateCount++;
+            duplicateSize += stats.size ?? 0;
+          } else {
+            successCount++;
+            successSize += stats.size ?? 0;
+          }

-      return response;
-    },
-    { concurrency, retry: 3 },
-  );
+          uploadProgress.update(successSize, { value_formatted: byteSize(successSize + duplicateSize) });

-  for (const item of files) {
-    void queue.push(item);
+          return response;
+        }),
+      );
+    }
+  } finally {
+    uploadProgress.stop();
  }

-  await queue.drained();
-
-  uploadProgress?.stop();
-
  console.log(`Successfully uploaded ${successCount} new asset${s(successCount)} (${byteSize(successSize)})`);
  if (duplicateCount > 0) {
    console.log(`Skipped ${duplicateCount} duplicate asset${s(duplicateCount)} (${byteSize(duplicateSize)})`);
  }
-
-  // Report failures
-  const failedTasks = queue.tasks.filter((task) => task.status === 'failed');
-  if (failedTasks.length > 0) {
-    console.log(`Failed to upload ${failedTasks.length} asset${s(failedTasks.length)}:`);
-    for (const task of failedTasks) {
-      console.log(`- ${task.data} - ${task.error}`);
-    }
-  }
-
  return newAssets;
 };

-const uploadFile = async (input: string, stats: Stats): Promise<AssetMediaResponseDto> => {
+const uploadFile = async (input: string, stats: Stats): Promise<AssetFileUploadResponseDto> => {
  const { baseUrl, headers } = defaults;

  const assetPath = path.parse(input);
@@ -386,7 +225,7 @@ const uploadFile = async (input: string, stats: Stats): Promise<AssetMediaRespon
    formData.append('sidecarData', sidecarData);
  }

-  const response = await fetch(`${baseUrl}/assets`, {
+  const response = await fetch(`${baseUrl}/asset/upload`, {
    method: 'post',
    redirect: 'error',
    headers: headers as Record<string, string>,
@@ -506,9 +345,7 @@ const updateAlbums = async (assets: Asset[], options: UploadOptionsDto) => {
  }
 };

-// `filepath` valid format:
-// - Windows: `D:\\test\\Filename.txt` or `D:/test/Filename.txt`
-// - Unix: `/test/Filename.txt`
-export const getAlbumName = (filepath: string, options: UploadOptionsDto) => {
-  return options.albumName ?? path.basename(path.dirname(filepath));
+const getAlbumName = (filepath: string, options: UploadOptionsDto) => {
+  const folderName = os.platform() === 'win32' ? filepath.split('\\').at(-2) : filepath.split('/').at(-2);
+  return options.albumName ?? folderName;
 };
--- a/cli/src/commands/auth.ts
+++ b/cli/src/commands/auth.ts
@@ -1,4 +1,4 @@
-import { getMyUser } from '@immich/sdk';
+import { getMyUserInfo } from '@immich/sdk';
 import { existsSync } from 'node:fs';
 import { mkdir, unlink } from 'node:fs/promises';
 import { BaseOptions, connect, getAuthFilePath, logError, withError, writeAuthFile } from 'src/utils';
@@ -10,13 +10,13 @@ export const login = async (url: string, key: string, options: BaseOptions) => {

  await connect(url, key);

-  const [error, user] = await withError(getMyUser());
+  const [error, userInfo] = await withError(getMyUserInfo());
  if (error) {
    logError(error, 'Failed to load user info');
    process.exit(1);
  }

-  console.log(`Logged in as ${user.email}`);
+  console.log(`Logged in as ${userInfo.email}`);

  if (!existsSync(configDir)) {
    // Create config folder if it doesn't exist
--- a/cli/src/commands/server-info.ts
+++ b/cli/src/commands/server-info.ts
@@ -1,4 +1,4 @@
-import { getAssetStatistics, getMyUser, getServerVersion, getSupportedMediaTypes } from '@immich/sdk';
+import { getAssetStatistics, getMyUserInfo, getServerVersion, getSupportedMediaTypes } from '@immich/sdk';
 import { BaseOptions, authenticate } from 'src/utils';

 export const serverInfo = async (options: BaseOptions) => {
@@ -8,7 +8,7 @@ export const serverInfo = async (options: BaseOptions) => {
    getServerVersion(),
    getSupportedMediaTypes(),
    getAssetStatistics({}),
-    getMyUser(),
+    getMyUserInfo(),
  ]);

  console.log(`Server Info (via ${userInfo.email})`);
--- a/cli/src/index.ts
+++ b/cli/src/index.ts
@@ -69,13 +69,6 @@ program
      .default(4),
  )
  .addOption(new Option('--delete', 'Delete local assets after upload').env('IMMICH_DELETE_ASSETS'))
-  .addOption(new Option('--no-progress', 'Hide progress bars').env('IMMICH_PROGRESS_BAR').default(true))
-  .addOption(
-    new Option('--watch', 'Watch for changes and upload automatically')
-      .env('IMMICH_WATCH_CHANGES')
-      .default(false)
-      .implies({ progress: false }),
-  )
  .argument('[paths...]', 'One or more paths to assets to be uploaded')
  .action((paths, options) => upload(paths, program.opts(), options));

--- a/cli/src/queue.ts
+++ b/cli/src/queue.ts
@@ -1,131 +0,0 @@
-import * as fastq from 'fastq';
-import { uniqueId } from 'lodash-es';
-
-export type Task<T, R> = {
-  readonly id: string;
-  status: 'idle' | 'processing' | 'succeeded' | 'failed';
-  data: T;
-  error: unknown | undefined;
-  count: number;
-  // TODO: Could be useful to adding progress property.
-  // TODO: Could be useful to adding start_at/end_at/duration properties.
-  result: undefined | R;
-};
-
-export type QueueOptions = {
-  verbose?: boolean;
-  concurrency?: number;
-  retry?: number;
-  // TODO: Could be useful to adding timeout property for retry.
-};
-
-export type ComputedQueueOptions = Required<QueueOptions>;
-
-export const defaultQueueOptions = {
-  concurrency: 1,
-  retry: 0,
-  verbose: false,
-};
-
-/**
- * An in-memory queue that processes tasks in parallel with a given concurrency.
- * @see {@link https://www.npmjs.com/package/fastq}
- * @template T - The type of the worker task data.
- * @template R - The type of the worker output data.
- */
-export class Queue<T, R> {
-  private readonly queue: fastq.queueAsPromised<string, Task<T, R>>;
-  private readonly store = new Map<string, Task<T, R>>();
-  readonly options: ComputedQueueOptions;
-  readonly worker: (data: T) => Promise<R>;
-
-  /**
-   * Create a new queue.
-   * @param worker - The worker function that processes the task.
-   * @param options - The queue options.
-   */
-  constructor(worker: (data: T) => Promise<R>, options?: QueueOptions) {
-    this.options = { ...defaultQueueOptions, ...options };
-    this.worker = worker;
-    this.store = new Map<string, Task<T, R>>();
-    this.queue = this.buildQueue();
-  }
-
-  get tasks(): Task<T, R>[] {
-    const tasks: Task<T, R>[] = [];
-    for (const task of this.store.values()) {
-      tasks.push(task);
-    }
-    return tasks;
-  }
-
-  getTask(id: string): Task<T, R> {
-    const task = this.store.get(id);
-    if (!task) {
-      throw new Error(`Task with id ${id} not found`);
-    }
-    return task;
-  }
-
-  /**
-   * Wait for the queue to be empty.
-   * @returns Promise<void> - The returned Promise will be resolved when all tasks in the queue have been processed by a worker.
-   * This promise could be ignored as it will not lead to a `unhandledRejection`.
-   */
-  drained(): Promise<void> {
-    return this.queue.drained();
-  }
-
-  /**
-   * Add a task at the end of the queue.
-   * @see {@link https://www.npmjs.com/package/fastq}
-   * @param data
-   * @returns Promise<void> - A Promise that will be fulfilled (rejected) when the task is completed successfully (unsuccessfully).
-   * This promise could be ignored as it will not lead to a `unhandledRejection`.
-   */
-  async push(data: T): Promise<Task<T, R>> {
-    const id = uniqueId();
-    const task: Task<T, R> = { id, status: 'idle', error: undefined, count: 0, data, result: undefined };
-    this.store.set(id, task);
-    return this.queue.push(id);
-  }
-
-  // TODO: Support more function delegation to fastq.
-
-  private buildQueue(): fastq.queueAsPromised<string, Task<T, R>> {
-    return fastq.promise((id: string) => {
-      const task = this.getTask(id);
-      return this.work(task);
-    }, this.options.concurrency);
-  }
-
-  private async work(task: Task<T, R>): Promise<Task<T, R>> {
-    task.count += 1;
-    task.error = undefined;
-    task.status = 'processing';
-    if (this.options.verbose) {
-      console.log('[task] processing:', task);
-    }
-    try {
-      task.result = await this.worker(task.data);
-      task.status = 'succeeded';
-      if (this.options.verbose) {
-        console.log('[task] succeeded:', task);
-      }
-      return task;
-    } catch (error) {
-      task.error = error;
-      task.status = 'failed';
-      if (this.options.verbose) {
-        console.log('[task] failed:', task);
-      }
-      if (this.options.retry > 0 && task.count < this.options.retry) {
-        if (this.options.verbose) {
-          console.log('[task] retry:', task);
-        }
-        return this.work(task);
-      }
-      return task;
-    }
-  }
-}
--- a/cli/src/utils.spec.ts
+++ b/cli/src/utils.spec.ts
@@ -1,21 +1,14 @@
 import mockfs from 'mock-fs';
-import { readFileSync } from 'node:fs';
-import { Batcher, CrawlOptions, crawl } from 'src/utils';
-import { Mock } from 'vitest';
+import { CrawlOptions, crawl } from 'src/utils';

 interface Test {
  test: string;
  options: Omit<CrawlOptions, 'extensions'>;
  files: Record<string, boolean>;
-  skipOnWin32?: boolean;
 }

 const cwd = process.cwd();

-const readContent = (path: string) => {
-  return readFileSync(path).toString();
-};
-
 const extensions = [
  '.jpg',
  '.jpeg',
@@ -50,18 +43,6 @@ const tests: Test[] = [
      '/photos/image.jpg': true,
    },
  },
-  {
-    test: 'should crawl folders with quotes',
-    options: {
-      pathsToCrawl: ["/photo's/", '/photo"s/', '/photo`s/'],
-    },
-    files: {
-      "/photo's/image1.jpg": true,
-      '/photo"s/image2.jpg': true,
-      '/photo`s/image3.jpg': true,
-    },
-    skipOnWin32: true, // single quote interferes with mockfs root on Windows
-  },
  {
    test: 'should crawl a single file',
    options: {
@@ -129,7 +110,17 @@ const tests: Test[] = [
      '/albums/image3.jpg': true,
    },
  },
-
+  {
+    test: 'should support globbing paths',
+    options: {
+      pathsToCrawl: ['/photos*'],
+    },
+    files: {
+      '/photos1/image1.jpg': true,
+      '/photos2/image2.jpg': true,
+      '/images/image3.jpg': false,
+    },
+  },
  {
    test: 'should crawl a single path without trailing slash',
    options: {
@@ -265,8 +256,7 @@ const tests: Test[] = [
  {
    test: 'should support ignoring absolute paths',
    options: {
-      // Currently, fast-glob has some caveat when dealing with `/`.
-      pathsToCrawl: ['/*s'],
+      pathsToCrawl: ['/'],
      recursive: true,
      exclusionPattern: '/images/**',
    },
@@ -284,58 +274,17 @@ describe('crawl', () => {
  });

  describe('crawl', () => {
-    for (const { test: name, options, files, skipOnWin32 } of tests) {
-      if (process.platform === 'win32' && skipOnWin32) {
-        test.skip(name);
-        continue;
-      }
-      it(name, async () => {
-        // The file contents is the same as the path.
-        mockfs(Object.fromEntries(Object.keys(files).map((file) => [file, file])));
+    for (const { test, options, files } of tests) {
+      it(test, async () => {
+        mockfs(Object.fromEntries(Object.keys(files).map((file) => [file, ''])));

        const actual = await crawl({ ...options, extensions });
        const expected = Object.entries(files)
          .filter((entry) => entry[1])
          .map(([file]) => file);

-        // Compare file's content instead of path since a file can be represent in multiple ways.
-        expect(actual.map((path) => readContent(path)).sort()).toEqual(expected.sort());
+        expect(actual.sort()).toEqual(expected.sort());
      });
    }
  });
 });
-
-describe('Batcher', () => {
-  let batcher: Batcher;
-  let onBatch: Mock;
-  beforeEach(() => {
-    onBatch = vi.fn();
-    batcher = new Batcher({ batchSize: 2, onBatch });
-  });
-
-  it('should trigger onBatch() when a batch limit is reached', async () => {
-    batcher.add('a');
-    batcher.add('b');
-    batcher.add('c');
-    expect(onBatch).toHaveBeenCalledOnce();
-    expect(onBatch).toHaveBeenCalledWith(['a', 'b']);
-  });
-
-  it('should trigger onBatch() when flush() is called', async () => {
-    batcher.add('a');
-    batcher.flush();
-    expect(onBatch).toHaveBeenCalledOnce();
-    expect(onBatch).toHaveBeenCalledWith(['a']);
-  });
-
-  it('should trigger onBatch() when debounce time reached', async () => {
-    vi.useFakeTimers();
-    batcher = new Batcher({ batchSize: 2, debounceTimeMs: 100, onBatch });
-    batcher.add('a');
-    expect(onBatch).not.toHaveBeenCalled();
-    vi.advanceTimersByTime(200);
-    expect(onBatch).toHaveBeenCalledOnce();
-    expect(onBatch).toHaveBeenCalledWith(['a']);
-    vi.useRealTimers();
-  });
-});
--- a/cli/src/utils.ts
+++ b/cli/src/utils.ts
@@ -1,9 +1,8 @@
-import { getMyUser, init, isHttpError } from '@immich/sdk';
-import { convertPathToPattern, glob } from 'fast-glob';
+import { getMyUserInfo, init, isHttpError } from '@immich/sdk';
+import { glob } from 'fast-glob';
 import { createHash } from 'node:crypto';
 import { createReadStream } from 'node:fs';
 import { readFile, stat, writeFile } from 'node:fs/promises';
-import { platform } from 'node:os';
 import { join, resolve } from 'node:path';
 import yaml from 'yaml';

@@ -49,7 +48,7 @@ export const connect = async (url: string, key: string) => {

  init({ baseUrl: url, apiKey: key });

-  const [error] = await withError(getMyUser());
+  const [error] = await withError(getMyUserInfo());
  if (isHttpError(error)) {
    logError(error, 'Failed to connect to server');
    process.exit(1);
@@ -107,11 +106,6 @@ export interface CrawlOptions {
  exclusionPattern?: string;
  extensions: string[];
 }
-
-const convertPathToPatternOnWin = (path: string) => {
-  return platform() === 'win32' ? convertPathToPattern(path) : path;
-};
-
 export const crawl = async (options: CrawlOptions): Promise<string[]> => {
  const { extensions: extensionsWithPeriod, recursive, pathsToCrawl, exclusionPattern, includeHidden } = options;
  const extensions = extensionsWithPeriod.map((extension) => extension.replace('.', ''));
@@ -130,32 +124,36 @@ export const crawl = async (options: CrawlOptions): Promise<string[]> => {
      if (stats.isFile() || stats.isSymbolicLink()) {
        crawledFiles.push(absolutePath);
      } else {
-        patterns.push(convertPathToPatternOnWin(absolutePath));
+        patterns.push(absolutePath);
      }
    } catch (error: any) {
      if (error.code === 'ENOENT') {
-        patterns.push(convertPathToPatternOnWin(currentPath));
+        patterns.push(currentPath);
      } else {
        throw error;
      }
    }
  }

-  if (patterns.length === 0) {
+  let searchPattern: string;
+  if (patterns.length === 1) {
+    searchPattern = patterns[0];
+  } else if (patterns.length === 0) {
    return crawledFiles;
+  } else {
+    searchPattern = '{' + patterns.join(',') + '}';
  }

-  const searchPatterns = patterns.map((pattern) => {
-    let escapedPattern = pattern.replaceAll("'", "[']").replaceAll('"', '["]').replaceAll('`', '[`]');
-    if (recursive) {
-      escapedPattern = escapedPattern + '/**';
-    }
-    return `${escapedPattern}/*.{${extensions.join(',')}}`;
-  });
+  if (recursive) {
+    searchPattern = searchPattern + '/**/';
+  }

-  const globbedFiles = await glob(searchPatterns, {
+  searchPattern = `${searchPattern}/*.{${extensions.join(',')}}`;
+
+  const globbedFiles = await glob(searchPattern, {
    absolute: true,
    caseSensitiveMatch: false,
+    onlyFiles: true,
    dot: includeHidden,
    ignore: [`**/${exclusionPattern}`],
  });
@@ -172,64 +170,3 @@ export const sha1 = (filepath: string) => {
    rs.on('end', () => resolve(hash.digest('hex')));
  });
 };
-
-/**
- * Batches items and calls onBatch to process them
- * when the batch size is reached or the debounce time has passed.
- */
-export class Batcher<T = unknown> {
-  private items: T[] = [];
-  private readonly batchSize: number;
-  private readonly debounceTimeMs?: number;
-  private readonly onBatch: (items: T[]) => void;
-  private debounceTimer?: NodeJS.Timeout;
-
-  constructor({
-    batchSize,
-    debounceTimeMs,
-    onBatch,
-  }: {
-    batchSize: number;
-    debounceTimeMs?: number;
-    onBatch: (items: T[]) => Promise<void>;
-  }) {
-    this.batchSize = batchSize;
-    this.debounceTimeMs = debounceTimeMs;
-    this.onBatch = onBatch;
-  }
-
-  private setDebounceTimer() {
-    if (this.debounceTimer) {
-      clearTimeout(this.debounceTimer);
-    }
-    if (this.debounceTimeMs) {
-      this.debounceTimer = setTimeout(() => this.flush(), this.debounceTimeMs);
-    }
-  }
-
-  private clearDebounceTimer() {
-    if (this.debounceTimer) {
-      clearTimeout(this.debounceTimer);
-      this.debounceTimer = undefined;
-    }
-  }
-
-  add(item: T) {
-    this.items.push(item);
-    this.setDebounceTimer();
-    if (this.items.length >= this.batchSize) {
-      this.flush();
-    }
-  }
-
-  flush() {
-    this.clearDebounceTimer();
-    if (this.items.length === 0) {
-      return;
-    }
-
-    this.onBatch(this.items);
-
-    this.items = [];
-  }
-}
--- a/cli/src/version.ts
+++ b/cli/src/version.ts
@@ -0,0 +1,37 @@
+import { version } from '../package.json';
+
+export interface ICliVersion {
+  major: number;
+  minor: number;
+  patch: number;
+}
+
+export class CliVersion implements ICliVersion {
+  constructor(
+    public readonly major: number,
+    public readonly minor: number,
+    public readonly patch: number,
+  ) {}
+
+  toString() {
+    return `${this.major}.${this.minor}.${this.patch}`;
+  }
+
+  toJSON() {
+    const { major, minor, patch } = this;
+    return { major, minor, patch };
+  }
+
+  static fromString(version: string): CliVersion {
+    const regex = /v?(?<major>\d+)\.(?<minor>\d+)\.(?<patch>\d+)/i;
+    const matchResult = version.match(regex);
+    if (matchResult) {
+      const [, major, minor, patch] = matchResult.map(Number);
+      return new CliVersion(major, minor, patch);
+    } else {
+      throw new Error(`Invalid version format: ${version}`);
+    }
+  }
+}
+
+export const cliVersion = CliVersion.fromString(version);
--- a/cli/vite.config.ts
+++ b/cli/vite.config.ts
@@ -2,7 +2,6 @@ import { defineConfig } from 'vite';
 import tsconfigPaths from 'vite-tsconfig-paths';

 export default defineConfig({
-  resolve: { alias: { src: '/src' } },
  build: {
    rollupOptions: {
      input: 'src/index.ts',
--- a/deployment/.gitignore
+++ b/deployment/.gitignore
@@ -1,38 +0,0 @@
-# OpenTofu
-
-# Local .terraform directories
-**/.terraform/*
-
-# .tfstate files
-*.tfstate
-*.tfstate.*
-
-# Crash log files
-crash.log
-crash.*.log
-
-# Ignore override files as they are usually used to override resources locally and so
-# are not checked in
-override.tf
-override.tf.json
-*_override.tf
-*_override.tf.json
-
-# Include override files you do wish to add to version control using negated pattern
-# !example_override.tf
-
-# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
-# example: *tfplan*
-
-# Ignore CLI configuration files
-.terraformrc
-terraform.rc
-
-# Terragrunt
-
-# terragrunt cache directories
-**/.terragrunt-cache/*
-
-# Terragrunt debug output file (when using `--terragrunt-debug` option)
-# See: https://terragrunt.gruntwork.io/docs/reference/cli-options/#terragrunt-debug
-terragrunt-debug.tfvars.json
--- a/deployment/modules/cloudflare/docs-release/.terraform.lock.hcl
+++ b/deployment/modules/cloudflare/docs-release/.terraform.lock.hcl
@@ -1,38 +0,0 @@
-# This file is maintained automatically by "tofu init".
-# Manual edits may be lost in future updates.
-
-provider "registry.opentofu.org/cloudflare/cloudflare" {
-  version     = "4.52.0"
-  constraints = "4.52.0"
-  hashes = [
-    "h1:2BEJyXJtYC4B4nda/WCYUmuJYDaYk88F8t1pwPzr0iQ=",
-    "h1:4IASk5SESeWKQ7JU0+M7KApuF5mZyklvwMXPBabim3c=",
-    "h1:5ImZxxALSnWfH/4EXw/wFirSmk5Tr0ACmcysy51AafE=",
-    "h1:6TJ3dxLSin4ZKBJLsZDn95H2ZYnGm8S7GGHvvXuuMQU=",
-    "h1:IzTUjg9kQ4N3qizP9CjYLeHwjsuGgtxwXvfUQWyOLcA=",
-    "h1:NTaOQfYINA0YTG/V1/9+SYtgX1it63+cBugj4WK4FWc=",
-    "h1:PXH48LuJn329sCfMXprdMDk51EZaWFyajVvS03qhQLs=",
-    "h1:Pi5M+GeoMSN2eJ6QnIeXjBf19O+rby/74CfB2ocpv20=",
-    "h1:ShXZ2ZjBvm3thfoPPzPT8+OhyismnydQVkUAfI8X12w=",
-    "h1:WQ9hu0Wge2msBbODfottCSKgu8oKUrw4Opz+fDPVVHk=",
-    "h1:Z5yXML2DE0uH9UU+M0ut9JMQAORcwVZz1CxBHzeBmao=",
-    "h1:jqI2qKknpleS3JDSplyGYHMu0u9K/tor1ZOjFwDgEMk=",
-    "h1:kgfutDh14Q5nw4eg6qGFamFxIiY8Ae0FPKRBLDOzpcI=",
-    "h1:zCAO7GZmfYhWb+i6TfqlqhMeDyPZWGio2IzEzAh3YTs=",
-    "zh:19be1a91c982b902c42aba47766860dfa5dc151eed1e95fd39ca642229381ef0",
-    "zh:1de451c4d1ecf7efbe67b6dace3426ba810711afdd644b0f1b870364c8ae91f8",
-    "zh:352b4a2120173298622e669258744554339d959ac3a95607b117a48ee4a83238",
-    "zh:3c6f1346d9154afbd2d558fabb4b0150fc8d559aa961254144fe1bc17fe6032f",
-    "zh:4c4c92d53fb535b1e0eff26f222bbd627b97d3b4c891ec9c321268676d06152f",
-    "zh:53276f68006c9ceb7cdb10a6ccf91a5c1eadd1407a28edb5741e84e88d7e29e8",
-    "zh:7925a97773948171a63d4f65bb81ee92fd6d07a447e36012977313293a5435c9",
-    "zh:7dfb0a4496cfe032437386d0a2cd9229a1956e9c30bd920923c141b0f0440060",
-    "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
-    "zh:8d4aa79f0a414bb4163d771063c70cd991c8fac6c766e685bac2ee12903c5bd6",
-    "zh:a67540c13565616a7e7e51ee9366e88b0dc60046e1d75c72680e150bd02725bb",
-    "zh:a936383a4767f5393f38f622e92bf2d0c03fe04b69c284951f27345766c7b31b",
-    "zh:d4887d73c466ff036eecf50ad6404ba38fd82ea4855296b1846d244b0f13c380",
-    "zh:e9093c8bd5b6cd99c81666e315197791781b8f93afa14fc2e0f732d1bb2a44b7",
-    "zh:efd3b3f1ec59a37f635aa1d4efcf178734c2fcf8ddb0d56ea690bec342da8672",
-  ]
-}
--- a/deployment/modules/cloudflare/docs-release/config.tf
+++ b/deployment/modules/cloudflare/docs-release/config.tf
@@ -1,11 +0,0 @@
-terraform {
-  backend "pg" {}
-  required_version = "~> 1.7"
-
-  required_providers {
-    cloudflare = {
-      source = "cloudflare/cloudflare"
-      version = "4.52.0"
-    }
-  }
-}
--- a/deployment/modules/cloudflare/docs-release/domain.tf
+++ b/deployment/modules/cloudflare/docs-release/domain.tf
@@ -1,14 +0,0 @@
-resource "cloudflare_pages_domain" "immich_app_release_domain" {
-  account_id   = var.cloudflare_account_id
-  project_name = data.terraform_remote_state.cloudflare_account.outputs.immich_app_archive_pages_project_name
-  domain       = "immich.app"
-}
-
-resource "cloudflare_record" "immich_app_release_domain" {
-  name = "immich.app"
-  proxied = true
-  ttl = 1
-  type = "CNAME"
-  content = data.terraform_remote_state.cloudflare_immich_app_docs.outputs.immich_app_branch_pages_hostname
-  zone_id = data.terraform_remote_state.cloudflare_account.outputs.immich_app_zone_id
-}
--- a/deployment/modules/cloudflare/docs-release/providers.tf
+++ b/deployment/modules/cloudflare/docs-release/providers.tf
@@ -1,3 +0,0 @@
-provider "cloudflare" {
-  api_token = data.terraform_remote_state.api_keys_state.outputs.terraform_key_cloudflare_docs
-}
--- a/deployment/modules/cloudflare/docs-release/remote-state.tf
+++ b/deployment/modules/cloudflare/docs-release/remote-state.tf
@@ -1,27 +0,0 @@
-data "terraform_remote_state" "api_keys_state" {
-  backend = "pg"
-
-  config = {
-    conn_str = var.tf_state_postgres_conn_str
-    schema_name = "prod_cloudflare_api_keys"
-  }
-}
-
-data "terraform_remote_state" "cloudflare_account" {
-  backend = "pg"
-
-  config = {
-    conn_str = var.tf_state_postgres_conn_str
-    schema_name = "prod_cloudflare_account"
-  }
-}
-
-data "terraform_remote_state" "cloudflare_immich_app_docs" {
-  backend = "pg"
-
-  config = {
-    conn_str = var.tf_state_postgres_conn_str
-    schema_name = "prod_cloudflare_immich_app_docs_${var.prefix_name}"
-  }
-}
-
--- a/deployment/modules/cloudflare/docs-release/terragrunt.hcl
+++ b/deployment/modules/cloudflare/docs-release/terragrunt.hcl
@@ -1,20 +0,0 @@
-terraform {
-  source = "."
-
-  extra_arguments custom_vars {
-    commands = get_terraform_commands_that_need_vars()
-  }
-}
-
-include {
-  path = find_in_parent_folders("state.hcl")
-}
-
-remote_state {
-  backend = "pg"
-
-  config = {
-    conn_str = get_env("TF_STATE_POSTGRES_CONN_STR")
-    schema_name = "prod_cloudflare_immich_app_docs_release"
-  }
-}
--- a/deployment/modules/cloudflare/docs-release/variables.tf
+++ b/deployment/modules/cloudflare/docs-release/variables.tf
@@ -1,4 +0,0 @@
-variable "cloudflare_account_id" {}
-variable "tf_state_postgres_conn_str" {}
-
-variable "prefix_name" {}
--- a/deployment/modules/cloudflare/docs/.terraform.lock.hcl
+++ b/deployment/modules/cloudflare/docs/.terraform.lock.hcl
@@ -1,38 +0,0 @@
-# This file is maintained automatically by "tofu init".
-# Manual edits may be lost in future updates.
-
-provider "registry.opentofu.org/cloudflare/cloudflare" {
-  version     = "4.52.0"
-  constraints = "4.52.0"
-  hashes = [
-    "h1:2BEJyXJtYC4B4nda/WCYUmuJYDaYk88F8t1pwPzr0iQ=",
-    "h1:4IASk5SESeWKQ7JU0+M7KApuF5mZyklvwMXPBabim3c=",
-    "h1:5ImZxxALSnWfH/4EXw/wFirSmk5Tr0ACmcysy51AafE=",
-    "h1:6TJ3dxLSin4ZKBJLsZDn95H2ZYnGm8S7GGHvvXuuMQU=",
-    "h1:IzTUjg9kQ4N3qizP9CjYLeHwjsuGgtxwXvfUQWyOLcA=",
-    "h1:NTaOQfYINA0YTG/V1/9+SYtgX1it63+cBugj4WK4FWc=",
-    "h1:PXH48LuJn329sCfMXprdMDk51EZaWFyajVvS03qhQLs=",
-    "h1:Pi5M+GeoMSN2eJ6QnIeXjBf19O+rby/74CfB2ocpv20=",
-    "h1:ShXZ2ZjBvm3thfoPPzPT8+OhyismnydQVkUAfI8X12w=",
-    "h1:WQ9hu0Wge2msBbODfottCSKgu8oKUrw4Opz+fDPVVHk=",
-    "h1:Z5yXML2DE0uH9UU+M0ut9JMQAORcwVZz1CxBHzeBmao=",
-    "h1:jqI2qKknpleS3JDSplyGYHMu0u9K/tor1ZOjFwDgEMk=",
-    "h1:kgfutDh14Q5nw4eg6qGFamFxIiY8Ae0FPKRBLDOzpcI=",
-    "h1:zCAO7GZmfYhWb+i6TfqlqhMeDyPZWGio2IzEzAh3YTs=",
-    "zh:19be1a91c982b902c42aba47766860dfa5dc151eed1e95fd39ca642229381ef0",
-    "zh:1de451c4d1ecf7efbe67b6dace3426ba810711afdd644b0f1b870364c8ae91f8",
-    "zh:352b4a2120173298622e669258744554339d959ac3a95607b117a48ee4a83238",
-    "zh:3c6f1346d9154afbd2d558fabb4b0150fc8d559aa961254144fe1bc17fe6032f",
-    "zh:4c4c92d53fb535b1e0eff26f222bbd627b97d3b4c891ec9c321268676d06152f",
-    "zh:53276f68006c9ceb7cdb10a6ccf91a5c1eadd1407a28edb5741e84e88d7e29e8",
-    "zh:7925a97773948171a63d4f65bb81ee92fd6d07a447e36012977313293a5435c9",
-    "zh:7dfb0a4496cfe032437386d0a2cd9229a1956e9c30bd920923c141b0f0440060",
-    "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
-    "zh:8d4aa79f0a414bb4163d771063c70cd991c8fac6c766e685bac2ee12903c5bd6",
-    "zh:a67540c13565616a7e7e51ee9366e88b0dc60046e1d75c72680e150bd02725bb",
-    "zh:a936383a4767f5393f38f622e92bf2d0c03fe04b69c284951f27345766c7b31b",
-    "zh:d4887d73c466ff036eecf50ad6404ba38fd82ea4855296b1846d244b0f13c380",
-    "zh:e9093c8bd5b6cd99c81666e315197791781b8f93afa14fc2e0f732d1bb2a44b7",
-    "zh:efd3b3f1ec59a37f635aa1d4efcf178734c2fcf8ddb0d56ea690bec342da8672",
-  ]
-}
--- a/deployment/modules/cloudflare/docs/config.tf
+++ b/deployment/modules/cloudflare/docs/config.tf
@@ -1,11 +0,0 @@
-terraform {
-  backend "pg" {}
-  required_version = "~> 1.7"
-
-  required_providers {
-    cloudflare = {
-      source = "cloudflare/cloudflare"
-      version = "4.52.0"
-    }
-  }
-}
--- a/deployment/modules/cloudflare/docs/domain.tf
+++ b/deployment/modules/cloudflare/docs/domain.tf
@@ -1,26 +0,0 @@
-resource "cloudflare_pages_domain" "immich_app_branch_domain" {
-  account_id   = var.cloudflare_account_id
-  project_name = local.is_release ? data.terraform_remote_state.cloudflare_account.outputs.immich_app_archive_pages_project_name : data.terraform_remote_state.cloudflare_account.outputs.immich_app_preview_pages_project_name
-  domain       = "${var.prefix_name}.${local.deploy_domain_prefix}.immich.app"
-}
-
-resource "cloudflare_record" "immich_app_branch_subdomain" {
-  name    = "${var.prefix_name}.${local.deploy_domain_prefix}.immich.app"
-  proxied = true
-  ttl     = 1
-  type    = "CNAME"
-  content   = "${replace(var.prefix_name, "/\\/|\\./", "-")}.${local.is_release ? data.terraform_remote_state.cloudflare_account.outputs.immich_app_archive_pages_project_subdomain : data.terraform_remote_state.cloudflare_account.outputs.immich_app_preview_pages_project_subdomain}"
-  zone_id = data.terraform_remote_state.cloudflare_account.outputs.immich_app_zone_id
-}
-
-output "immich_app_branch_subdomain" {
-  value = cloudflare_record.immich_app_branch_subdomain.hostname
-}
-
-output "immich_app_branch_pages_hostname" {
-  value = cloudflare_record.immich_app_branch_subdomain.content
-}
-
-output "pages_project_name" {
-  value = cloudflare_pages_domain.immich_app_branch_domain.project_name
-}
--- a/deployment/modules/cloudflare/docs/locals.tf
+++ b/deployment/modules/cloudflare/docs/locals.tf
@@ -1,7 +0,0 @@
-locals {
-  domain_name = "immich.app"
-  preview_prefix = contains(["branch", "pr"], var.prefix_event_type) ? "preview" : ""
-  archive_prefix = contains(["release"], var.prefix_event_type) ? "archive" : ""
-  deploy_domain_prefix = coalesce(local.preview_prefix, local.archive_prefix)
-  is_release = contains(["release"], var.prefix_event_type)
-}
--- a/deployment/modules/cloudflare/docs/providers.tf
+++ b/deployment/modules/cloudflare/docs/providers.tf
@@ -1,3 +0,0 @@
-provider "cloudflare" {
-  api_token = data.terraform_remote_state.api_keys_state.outputs.terraform_key_cloudflare_docs
-}
--- a/deployment/modules/cloudflare/docs/remote-state.tf
+++ b/deployment/modules/cloudflare/docs/remote-state.tf
@@ -1,17 +0,0 @@
-data "terraform_remote_state" "api_keys_state" {
-  backend = "pg"
-
-  config = {
-    conn_str = var.tf_state_postgres_conn_str
-    schema_name = "prod_cloudflare_api_keys"
-  }
-}
-
-data "terraform_remote_state" "cloudflare_account" {
-  backend = "pg"
-
-  config = {
-    conn_str = var.tf_state_postgres_conn_str
-    schema_name = "prod_cloudflare_account"
-  }
-}
--- a/deployment/modules/cloudflare/docs/terragrunt.hcl
+++ b/deployment/modules/cloudflare/docs/terragrunt.hcl
@@ -1,24 +0,0 @@
-terraform {
-  source = "."
-
-  extra_arguments custom_vars {
-    commands = get_terraform_commands_that_need_vars()
-  }
-}
-
-include {
-  path = find_in_parent_folders("state.hcl")
-}
-
-locals {
-  prefix_name = get_env("TF_VAR_prefix_name")
-}
-
-remote_state {
-  backend = "pg"
-
-  config = {
-    conn_str = get_env("TF_STATE_POSTGRES_CONN_STR")
-    schema_name = "prod_cloudflare_immich_app_docs_${local.prefix_name}"
-  }
-}
--- a/deployment/modules/cloudflare/docs/variables.tf
+++ b/deployment/modules/cloudflare/docs/variables.tf
@@ -1,5 +0,0 @@
-variable "cloudflare_account_id" {}
-variable "tf_state_postgres_conn_str" {}
-
-variable "prefix_name" {}
-variable "prefix_event_type" {}
--- a/deployment/state.hcl
+++ b/deployment/state.hcl
@@ -1,20 +0,0 @@
-locals {
-  cloudflare_account_id = get_env("CLOUDFLARE_ACCOUNT_ID")
-  cloudflare_api_token  = get_env("CLOUDFLARE_API_TOKEN")
-
-  tf_state_postgres_conn_str = get_env("TF_STATE_POSTGRES_CONN_STR")
-}
-
-remote_state {
-  backend = "pg"
-
-  config = {
-    conn_str = local.tf_state_postgres_conn_str
-  }
-}
-
-inputs = {
-  cloudflare_account_id      = local.cloudflare_account_id
-  cloudflare_api_token       = local.cloudflare_api_token
-  tf_state_postgres_conn_str = local.tf_state_postgres_conn_str
-}
--- a/docker/docker-compose.dev.yml
+++ b/docker/docker-compose.dev.yml
@@ -1,13 +1,4 @@
-#
-# WARNING: To install Immich, follow our guide: https://immich.app/docs/install/docker-compose
-#
-# Make sure to use the docker-compose.yml of the current release:
-#
-# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
-#
-# The compose file on main may not be compatible with the latest release.
-
-# For development see:
+# See:
 # - https://immich.app/docs/developer/setup
 # - https://immich.app/docs/developer/troubleshooting

@@ -18,14 +9,11 @@ services:
    container_name: immich_server
    command: ['/usr/src/app/bin/immich-dev']
    image: immich-server-dev:latest
-    # extends:
-    #   file: hwaccel.transcoding.yml
-    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
    build:
      context: ../
      dockerfile: server/Dockerfile
      target: dev
-    restart: unless-stopped
+    restart: always
    volumes:
      - ../server:/usr/src/app
      - ../open-api:/usr/src/open-api
@@ -35,52 +23,31 @@ services:
      - /etc/localtime:/etc/localtime:ro
    env_file:
      - .env
-    environment:
-      IMMICH_REPOSITORY: immich-app/immich
-      IMMICH_REPOSITORY_URL: https://github.com/immich-app/immich
-      IMMICH_SOURCE_REF: local
-      IMMICH_SOURCE_COMMIT: af2efbdbbddc27cd06142f22253ccbbbbeec1f55
-      IMMICH_SOURCE_URL: https://github.com/immich-app/immich/commit/af2efbdbbddc27cd06142f22253ccbbbbeec1f55
-      IMMICH_BUILD: '9654404849'
-      IMMICH_BUILD_URL: https://github.com/immich-app/immich/actions/runs/9654404849
-      IMMICH_BUILD_IMAGE: development
-      IMMICH_BUILD_IMAGE_URL: https://github.com/immich-app/immich/pkgs/container/immich-server
-      IMMICH_THIRD_PARTY_SOURCE_URL: https://github.com/immich-app/immich/
-      IMMICH_THIRD_PARTY_BUG_FEATURE_URL: https://github.com/immich-app/immich/issues
-      IMMICH_THIRD_PARTY_DOCUMENTATION_URL: https://immich.app/docs
-      IMMICH_THIRD_PARTY_SUPPORT_URL: https://immich.app/docs/third-party
    ulimits:
      nofile:
        soft: 1048576
        hard: 1048576
    ports:
+      - 3001:3001
      - 9230:9230
-      - 9231:9231
-      - 2283:2283
    depends_on:
      - redis
      - database
-    healthcheck:
-      disable: false

  immich-web:
    container_name: immich_web
    image: immich-web-dev:latest
-    # Needed for rootless docker setup, see https://github.com/moby/moby/issues/45919
-    # user: 0:0
    build:
      context: ../web
    command: ['/usr/src/app/bin/immich-web']
    env_file:
      - .env
    ports:
-      - 3000:3000
+      - 2283:3000
      - 24678:24678
    volumes:
      - ../web:/usr/src/app
-      - ../i18n:/usr/src/i18n
      - ../open-api/:/usr/src/open-api/
-      # - ../../ui:/usr/ui
      - /usr/src/app/node_modules
    ulimits:
      nofile:
@@ -95,12 +62,12 @@ services:
    image: immich-machine-learning-dev:latest
    # extends:
    #   file: hwaccel.ml.yml
-    #   service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference
+    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference
    build:
      context: ../machine-learning
      dockerfile: Dockerfile
      args:
-        - DEVICE=cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference
+        - DEVICE=cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference
    ports:
      - 3003:3003
    volumes:
@@ -111,18 +78,16 @@ services:
    depends_on:
      - database
    restart: unless-stopped
-    healthcheck:
-      disable: false

  redis:
    container_name: immich_redis
-    image: redis:6.2-alpine@sha256:148bb5411c184abd288d9aaed139c98123eeb8824c5d3fce03cf721db58066d8
+    image: redis:6.2-alpine@sha256:e31ca60b18f7e9b78b573d156702471d4eda038803c0b8e6f01559f350031e93
    healthcheck:
      test: redis-cli ping || exit 1

  database:
    container_name: immich_postgres
-    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:739cdd626151ff1f796dc95a6591b55a714f341c737e27f045019ceabf8e8c52
+    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
    env_file:
      - .env
    environment:
@@ -135,25 +100,13 @@ services:
    ports:
      - 5432:5432
    healthcheck:
-      test: >-
-        pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
-        Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
-        --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
-        echo "checksum failure count is $$Chksum";
-        [ "$$Chksum" = '0' ] || exit 1
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT SUM(checksum_failures) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
      interval: 5m
      start_interval: 30s
      start_period: 5m
-    command: >-
-      postgres
-      -c shared_preload_libraries=vectors.so
-      -c 'search_path="$$user", public, vectors'
-      -c logging_collector=on
-      -c max_wal_size=2GB
-      -c shared_buffers=512MB
-      -c wal_compression=on
+    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]

-  # set IMMICH_TELEMETRY_INCLUDE=all in .env to enable metrics
+  # set IMMICH_METRICS=true in .env to enable metrics
  # immich-prometheus:
  #   container_name: immich_prometheus
  #   ports:
--- a/docker/docker-compose.prod.yml
+++ b/docker/docker-compose.prod.yml
@@ -1,21 +1,9 @@
-#
-# WARNING: To install Immich, follow our guide: https://immich.app/docs/install/docker-compose
-#
-# Make sure to use the docker-compose.yml of the current release:
-#
-# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
-#
-# The compose file on main may not be compatible with the latest release.
-
 name: immich-prod

 services:
  immich-server:
    container_name: immich_server
    image: immich-server:latest
-    # extends:
-    #   file: hwaccel.transcoding.yml
-    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
    build:
      context: ../
      dockerfile: server/Dockerfile
@@ -25,45 +13,39 @@ services:
    env_file:
      - .env
    ports:
-      - 2283:2283
+      - 2283:3001
    depends_on:
      - redis
      - database
    restart: always
-    healthcheck:
-      disable: false

  immich-machine-learning:
    container_name: immich_machine_learning
    image: immich-machine-learning:latest
    # extends:
    #   file: hwaccel.ml.yml
-    #   service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference
+    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference
    build:
      context: ../machine-learning
      dockerfile: Dockerfile
      args:
-        - DEVICE=cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference
-    ports:
-      - 3003:3003
+        - DEVICE=cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference
    volumes:
      - model-cache:/cache
    env_file:
      - .env
    restart: always
-    healthcheck:
-      disable: false

  redis:
    container_name: immich_redis
-    image: redis:6.2-alpine@sha256:148bb5411c184abd288d9aaed139c98123eeb8824c5d3fce03cf721db58066d8
+    image: redis:6.2-alpine@sha256:e31ca60b18f7e9b78b573d156702471d4eda038803c0b8e6f01559f350031e93
    healthcheck:
      test: redis-cli ping || exit 1
    restart: always

  database:
    container_name: immich_postgres
-    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:739cdd626151ff1f796dc95a6591b55a714f341c737e27f045019ceabf8e8c52
+    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
    env_file:
      - .env
    environment:
@@ -76,21 +58,19 @@ services:
    ports:
      - 5432:5432
    healthcheck:
-      test: >-
-        pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1; Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT SUM(checksum_failures) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
      interval: 5m
      start_interval: 30s
      start_period: 5m
-    command: >-
-      postgres -c shared_preload_libraries=vectors.so -c 'search_path="$$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on
+    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
    restart: always

-  # set IMMICH_TELEMETRY_INCLUDE=all in .env to enable metrics
+  # set IMMICH_METRICS=true in .env to enable metrics
  immich-prometheus:
    container_name: immich_prometheus
    ports:
      - 9090:9090
-    image: prom/prometheus@sha256:502ad90314c7485892ce696cb14a99fceab9fc27af29f4b427f41bd39701a199
+    image: prom/prometheus@sha256:5c435642ca4d8427ca26f4901c11114023004709037880cd7860d5b7176aa731
    volumes:
      - ./prometheus.yml:/etc/prometheus/prometheus.yml
      - prometheus-data:/prometheus
@@ -99,10 +79,10 @@ services:
  # add data source for http://immich-prometheus:9090 to get started
  immich-grafana:
    container_name: immich_grafana
-    command: [ './run.sh', '-disable-reporting' ]
+    command: ['./run.sh', '-disable-reporting']
    ports:
      - 3000:3000
-    image: grafana/grafana:11.5.2-ubuntu@sha256:8b5858c447e06fd7a89006b562ba7bba7c4d5813600c7982374c41852adefaeb
+    image: grafana/grafana:11.0.0-ubuntu@sha256:02e99d1ee0b52dc9d3000c7b5314e7a07e0dfd69cc49bb3f8ce323491ed3406b
    volumes:
      - grafana-data:/var/lib/grafana

--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -1,11 +1,10 @@
 #
-# WARNING: To install Immich, follow our guide: https://immich.app/docs/install/docker-compose
-#
-# Make sure to use the docker-compose.yml of the current release:
+# WARNING: Make sure to use the docker-compose.yml of the current release:
 #
 # https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
 #
 # The compose file on main may not be compatible with the latest release.
+#

 name: immich

@@ -13,66 +12,55 @@ services:
  immich-server:
    container_name: immich_server
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
-    # extends:
-    #   file: hwaccel.transcoding.yml
-    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
    volumes:
-      # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
      - /etc/localtime:/etc/localtime:ro
    env_file:
      - .env
    ports:
-      - '2283:2283'
+      - 2283:3001
    depends_on:
      - redis
      - database
    restart: always
-    healthcheck:
-      disable: false

  immich-machine-learning:
    container_name: immich_machine_learning
-    # For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag.
+    # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
    # Example tag: ${IMMICH_VERSION:-release}-cuda
    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
    #   file: hwaccel.ml.yml
-    #   service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference - use the `-wsl` version for WSL2 where applicable
+    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
    volumes:
      - model-cache:/cache
    env_file:
      - .env
    restart: always
-    healthcheck:
-      disable: false

  redis:
    container_name: immich_redis
-    image: docker.io/redis:6.2-alpine@sha256:148bb5411c184abd288d9aaed139c98123eeb8824c5d3fce03cf721db58066d8
+    image: docker.io/redis:6.2-alpine@sha256:e31ca60b18f7e9b78b573d156702471d4eda038803c0b8e6f01559f350031e93
    healthcheck:
      test: redis-cli ping || exit 1
    restart: always

  database:
    container_name: immich_postgres
-    image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:739cdd626151ff1f796dc95a6591b55a714f341c737e27f045019ceabf8e8c52
+    image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_USER: ${DB_USERNAME}
      POSTGRES_DB: ${DB_DATABASE_NAME}
      POSTGRES_INITDB_ARGS: '--data-checksums'
    volumes:
-      # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
    healthcheck:
-      test: >-
-        pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1; Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT SUM(checksum_failures) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
      interval: 5m
      start_interval: 30s
      start_period: 5m
-    command: >-
-      postgres -c shared_preload_libraries=vectors.so -c 'search_path="$$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on
+    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
    restart: always

 volumes:
--- a/docker/example.env
+++ b/docker/example.env
@@ -5,14 +5,10 @@ UPLOAD_LOCATION=./library
 # The location where your database files are stored
 DB_DATA_LOCATION=./postgres

-# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
-# TZ=Etc/UTC
-
 # The Immich version to use. You can pin this to a specific version like "v1.71.0"
 IMMICH_VERSION=release

 # Connection secret for postgres. You should change it to a random password
-# Please use only the characters `A-Za-z0-9`, without special characters or spaces
 DB_PASSWORD=postgres

 # The values below this line do not need to be changed
--- a/docker/hwaccel.ml.yml
+++ b/docker/hwaccel.ml.yml
@@ -13,13 +13,6 @@ services:
    volumes:
      - /lib/firmware/mali_csffw.bin:/lib/firmware/mali_csffw.bin:ro # Mali firmware for your chipset (not always required depending on the driver)
      - /usr/lib/libmali.so:/usr/lib/libmali.so:ro # Mali driver for your chipset (always required)
-  
-  rknn:
-    security_opt:
-      - systempaths=unconfined
-      - apparmor=unconfined
-    devices:
-      - /dev/dri:/dev/dri

  cpu: {}

@@ -33,13 +26,6 @@ services:
              capabilities:
                - gpu

-  rocm:
-    group_add:
-      - video
-    devices:
-      - /dev/dri:/dev/dri
-      - /dev/kfd:/dev/kfd
-
  openvino:
    device_cgroup_rules:
      - 'c 189:* rmw'
--- a/docker/hwaccel.transcoding.yml
+++ b/docker/hwaccel.transcoding.yml
@@ -48,8 +48,8 @@ services:
  vaapi-wsl: # use this for VAAPI if you're running Immich in WSL2
    devices:
      - /dev/dri:/dev/dri
-      - /dev/dxg:/dev/dxg
    volumes:
      - /usr/lib/wsl:/usr/lib/wsl
    environment:
+      - LD_LIBRARY_PATH=/usr/lib/wsl/lib
      - LIBVA_DRIVER_NAME=d3d12
--- a/docker/prometheus.yml
+++ b/docker/prometheus.yml
@@ -3,10 +3,10 @@ global:
  evaluation_interval: 15s

 scrape_configs:
-  - job_name: immich_api
+  - job_name: immich_server
    static_configs:
      - targets: ['immich-server:8081']
-
+  
  - job_name: immich_microservices
    static_configs:
-      - targets: ['immich-server:8082']
+      - targets: ['immich-microservices:8081']
--- a/docker/scripts/get-cpus.sh
+++ b/docker/scripts/get-cpus.sh
@@ -1,49 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-LOG_LEVEL="${IMMICH_LOG_LEVEL:='info'}"
-
-logDebug() {
-    if [ "$LOG_LEVEL" = "debug" ] || [ "$LOG_LEVEL" = "verbose" ]; then
-        echo "DEBUG: $1" >&2
-    fi
-}
-
-if [ -f /sys/fs/cgroup/cgroup.controllers ]; then
-    logDebug "cgroup v2 detected."
-    if [ -f /sys/fs/cgroup/cpu.max ]; then
-        read -r quota period </sys/fs/cgroup/cpu.max
-        if [ "$quota" = "max" ]; then
-            logDebug "No CPU limits set."
-            unset quota period
-        fi
-    else
-        logDebug "/sys/fs/cgroup/cpu.max not found."
-    fi
-else
-    logDebug "cgroup v1 detected."
-
-    if [ -f /sys/fs/cgroup/cpu/cpu.cfs_quota_us ] && [ -f /sys/fs/cgroup/cpu/cpu.cfs_period_us ]; then
-        quota=$(cat /sys/fs/cgroup/cpu/cpu.cfs_quota_us)
-        period=$(cat /sys/fs/cgroup/cpu/cpu.cfs_period_us)
-
-        if [ "$quota" = "-1" ]; then
-            logDebug "No CPU limits set."
-            unset quota period
-        fi
-    else
-        logDebug "/sys/fs/cgroup/cpu/cpu.cfs_quota_us or /sys/fs/cgroup/cpu/cpu.cfs_period_us not found."
-    fi
-fi
-
-if [ -n "${quota:-}" ] && [ -n "${period:-}" ]; then
-    cpus=$((quota / period))
-    if [ "$cpus" -eq 0 ]; then
-        cpus=1
-    fi
-else
-    cpus=$(grep -c ^processor /proc/cpuinfo)
-fi
-
-echo "$cpus"
--- a/docs/.nvmrc
+++ b/docs/.nvmrc
@@ -1 +1 @@
-22.14.0
+20.13
--- a/docs/blog/2023/06-24/update.mdx
+++ b/docs/blog/2023/06-24/update.mdx
@@ -94,7 +94,7 @@ Thank you, and I am asking for your support for the project. I hope to be a full
 - Bitcoin: 3QVAb9dCHutquVejeNXitPqZX26Yg5kxb7
 - Give a project a star - the contributors love gazing at the stars and seeing their creations shining in the sky.

-Join our friendly [Discord](https://discord.immich.app) to talk and discuss Immich, tech, or anything
+Join our friendly [Discord](https://discord.gg/D8JsnBEuKb) to talk and discuss Immich, tech, or anything

 Cheer!

--- a/docs/blog/2023/07-29/update.mdx
+++ b/docs/blog/2023/07-29/update.mdx
@@ -142,7 +142,7 @@ Thank you, and I am asking for your support for the project. I hope to be a full
 - Bitcoin: 3QVAb9dCHutquVejeNXitPqZX26Yg5kxb7
 - Give a project a star - the contributors love gazing at the stars and seeing their creations shining in the sky.

-Join our friendly [Discord](https://discord.immich.app) to talk and discuss Immich, tech, or anything
+Join our friendly [Discord](https://discord.gg/D8JsnBEuKb) to talk and discuss Immich, tech, or anything

 Cheer!

--- a/docs/blog/2024/immich-core-team-goes-fulltime.mdx
+++ b/docs/blog/2024/immich-core-team-goes-fulltime.mdx
@@ -1,7 +1,7 @@
 ---
 title: The Immich core team goes full-time
 authors: [alextran]
-tags: [update, announcement, FUTO]
+tags: [update, announcement, futo]
 date: 2024-05-01T00:00
 ---

--- a/docs/blog/2024/immich-licensing.mdx
+++ b/docs/blog/2024/immich-licensing.mdx
@@ -1,91 +0,0 @@
---
-title: Licensing announcement - Purchase a license to support Immich
-authors: [alextran]
-tags: [update, announcement, FUTO]
-date: 2024-07-18T00:00
---
-
-Hello everybody,
-
-Firstly, on behalf of the Immich team, I'd like to thank everybody for your continuous support of Immich since the very first day! Your contributions, encouragement, and community engagement have helped bring Immich to its current state. The team and I are forever grateful for that.
-
-Since our [last announcement of the core team joining FUTO to work on Immich full-time](https://immich.app/blog/2024/immich-core-team-goes-fulltime), one of the goals of our new position is to foster a healthy relationship between the developers and the users. We believe that this enables us to create great software, establish transparent policies and build trust.
-
-We want to build a great software application that brings value to you and your loved ones' lives. We are not using you as a product, i.e., selling or tracking your data. We are not putting annoying ads into our software. We respect your privacy. We want to be compensated for the hard work we put in to build Immich for you.
-
-With those notes, we have enabled a way for you to financially support the continued development of Immich, ensuring the software can move forward and will be maintained, by offering a lifetime license of the software. We think if you like and use software, you should pay for it, but _we're never going to force anyone to pay or try to limit Immich for those who don't._
-
-There are two types of license that you can choose to purchase: **Server License** and **Individual License**.
-
-### Server License
-
-This is a lifetime license costing **$99.99**. The license is applied to the whole server. You and all users that use your server are licensed.
-
-### Individual License
-
-This is a lifetime license costing **$24.99**. The license is applied to a single user, and can be used on any server they choose to connect to.
-
-<img
-  width="837"
-  alt="license-social-gh"
-  src="https://github.com/user-attachments/assets/241932ed-ef3b-44ec-a9e2-ee80754e0cca"
-/>
-
-You can purchase the license on [our page - https://buy.immich.app](https://buy.immich.app).
-
-Starting with release `v1.109.0` you can purchase and enter your purchased license key directly in the app.
-
-<img
-  width="1414"
-  alt="license-page-gh"
-  src="https://github.com/user-attachments/assets/364fc32a-f6ef-4594-9fea-28d5a26ad77c"
-/>
-
-## Thank you
-
-Thank you again for your support, this will help create a strong foundation and stability for the Immich team to continue developing and maintaining the project that you love to use.
-
-<p align="center">
-  <img
-    src="https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExbjY2eWc5Y2F0ZW56MmR4aWE0dDhzZXlidXRmYWZyajl1bWZidXZpcyZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/87CKDqErVfMqY/giphy.gif"
-    width="550"
-    title="SUPPORT THE PROJECT!"
-  />
-</p>
-
-<br />
-<br />
-
-Cheers! 🎉
-
-Immich team
-
-# FAQ
-
-### 1. Where can I purchase a license?
-
-There are several places where you can purchase the license from
-
- [https://buy.immich.app](https://buy.immich.app)
- [https://pay.futo.org](https://pay.futo.org/)
- or directly from the app.
-
-### 2. Do I need both _Individual License_ and _Server License_?
-
-No,
-
-If you are the admin and the sole user, or your instance has less than a total of 4 users, you can buy the **Individual License** for each user.
-
-If your instance has more than 4 users, it is more cost-effective to buy the **Server License**, which will license all the users on your instance.
-
-### 3. What do I do if I don't pay?
-
-You can continue using Immich without any restriction.
-
-### 4. Will there be any paywalled features?
-
-No, there will never be any paywalled features.
-
-### 5. Where can I get support regarding payment issues?
-
-You can email us with your `orderId` and your email address `billing@futo.org` or on our Discord server.
--- a/docs/blog/2024/update-july-2024.mdx
+++ b/docs/blog/2024/update-july-2024.mdx
@@ -1,78 +0,0 @@
---
-title: Immich Update - July 2024
-authors: [alextran]
-date: 2024-07-01T00:00
-tags: [update, v1.106.0]
---
-
-Hello everybody! Alex from Immich here and I am back with another development progress update for the project.
-
-Summer has returned once again, and the night sky is filled with stars, thank you for **38_000 shining stars** you have sent to our [GitHub repo](https://github.com/immich-app/immich)! Since the last announcement several core contributors have started full time. Everything is going great with development, PRs get merged with _brrrrrrr_ rate, conversation exchange between team members is on a new high, we met and are working with the great engineers at FUTO. The spirit is high and we have a lot of things brewing that we think you will like.
-
-Let's go over some of the updates we had since the last post.
-
-### Container consolidation
-
-Reduced the number of total containers from 5 to 4 by making the microservices thread get spawned directly in the server container. Woohoo, remember when Immich had 7 containers?
-
-### Email notifications
-
-![smtp](https://github.com/immich-app/immich/assets/27055614/949cba85-d3f1-4cd3-b246-a6f5fb5d3ae8)
-
-We added email notifications to the app with SMTP settings that you can configure for the following events
-
- A new account is created for you.
- You are added to a shared album.
- New media is added to an album.
-
-### Versioned docs
-
-You can now jump back into the past or take a peek at the unreleased version of the documentation by selecting the version on the website.
-
-![version-doc](https://github.com/immich-app/immich/assets/27055614/6d22898a-5093-41ad-b416-4573d7ce6e03)
-
-### Similarity deduplication
-
-With more machine learning and CLIP magic, we now have similarity deduplication built into the application where it will search for closely similar images and let you decide what to do with them; i.e keep or trash.
-
-![similarity-deduplication](https://github.com/immich-app/immich/assets/27055614/3cac8478-fbf7-47ea-acb6-0146901dc67e)
-
-### Permanent URL for asset on the web
-
-The detail view for an asset now has a permanent URL so you can easily share them with your loved ones.
-
-### Web app translations
-
-We now have a public Weblate project which the community can use to translate the webapp to their native languages. We are planning to port the mobile app translation to this platform as well. If you would like to contribute, you can take a look [here](https://hosted.weblate.org/projects/immich/immich/). We're already close to 50% translations -- we really appreciate everyone contributing to that!
-
-![web-translation](https://github.com/immich-app/immich/assets/27055614/363df2ed-656c-4584-bd82-0708a693c5bc)
-
-### Read-only/Editor mode on shared album
-
-As the owner of the album, you can choose if the shared user can edit the album or to only view the content of the album without any modification.
-
-![read-only-album](https://github.com/immich-app/immich/assets/27055614/c6f66375-b869-495a-9a86-3e87b316d109)
-
-### Better video thumbnails
-
-Immich now tries to find a descriptive video thumbnail instead of simply using the first frame. No more black images for thumbnails!
-
-### Public Roadmap
-
-We now have a [public roadmap](https://immich.app/roadmap), giving you a high-level overview of things the team is working on. The first goal of this roadmap is to bring Immich to a stable release, which is expected sometime later this year. Some of the highlights include
-
- Auto stacking - Auto stacking of burst photos
- Basic editor - Basic photo editing capabilities
- Workflows - Automate tasks with workflows
- Fine grained access controls - Granular access controls for users and api keys
- Better background backups - Rework background backups to be more reliable
- Private/locked photos - Private assets with extra protections
-
-Beyond the items in the roadmap, we have _many many_ more ideas for Immich. The team and I hope that you are enjoying the application, find it helpful in your life and we have nothing but the intention of building out great software for you all!
-
-Have an amazing Summer or Winter for those in the southern hemisphere! :D
-
-Until next time,
-
-Cheers!
-Alex
--- a/docs/docs/FAQ.mdx
+++ b/docs/docs/FAQ.mdx
@@ -49,38 +49,17 @@ The behaviors differ based on your device manufacturer and operating system, but
 On iOS (iPhone and iPad), the operating system determines if a particular app can invoke background tasks based on multiple factors, most of which the Immich app has no control over. To increase the likelihood that the background backup task is run, follow the steps below:

 - Enable Background App Refresh for Immich in the iOS settings at `Settings > General > Background App Refresh`.
- Disable **Low Power Mode** when not needed, as this can prevent apps from running in the background.
 - Disable Background App Refresh for apps that don't need background tasks to run. This will reduce the competition for background task invocation for Immich.
 - Use the Immich app more often.

-### Why are features in the mobile app not working with a self-signed certificate, Basic Auth, custom headers, or mutual TLS?
-
-These network features are experimental. They often do not work with video playback, asset upload or download, and other features.
-Many of these limitations are tracked in [#15230](https://github.com/immich-app/immich/issues/15230).
-Instead of these experimental features, we recommend using the URL switching feature, a VPN, or a [free trusted SSL certificate](https://letsencrypt.org/) for your domain.
-
-We are not actively developing these features and will not be able to provide support, but welcome contributions to improve them.
-Please discuss any large PRs with our dev team to ensure your time is not wasted.
-
-### Why isn't the mobile app updated yet?
-
-The app stores can take a few days to approve new builds of the app. If you're impatient, android APKs can be downloaded from the GitHub releases.
-
 ---

 ## Assets

 ### Does Immich change the file?

-No, Immich does not modify the original files.
-All edited metadata is saved in companion `.xmp` sidecar files and the database.
-However, Immich will delete original files that have been trashed when the trash is emptied in the Immich UI.
-
-### Why do my file names appear as a random string in the file manager?
-
-When Storage Template is off (default) Immich saves the file names in a random string (also known as random UUIDs) to prevent duplicate file names.
-To retrieve the original file names, you must enable the Storage Template and then run the STORAGE TEMPLATE MIGRATION job.
-It is recommended to read about [Storage Template](https://immich.app/docs/administration/storage-template) before activation.
+No, Immich does not touch the original file under any circumstances,  
+all edited metadata are saved in the companion sidecar file and the database.

 ### Can I add my existing photo library?

@@ -88,24 +67,15 @@ Yes, with an [External Library](/docs/features/libraries.md).

 ### What happens to existing files after I choose a new [Storage Template](/docs/administration/storage-template.mdx)?

-Template changes will only apply to _new_ assets. To retroactively apply the template to previously uploaded assets, run the Storage Migration Job, available on the [Jobs](/docs/administration/jobs-workers/#jobs) page.
+Template changes will only apply to _new_ assets. To retroactively apply the template to previously uploaded assets, run the Storage Migration Job, available on the [Jobs](/docs/administration/jobs.md) page.

 ### Why are only photos and not videos being uploaded to Immich?

-This often happens when using a reverse proxy in front of Immich.
-Make sure to [set your reverse proxy](/docs/administration/reverse-proxy/) to allow large requests.
-Also, check the disk space of your reverse proxy.
-In some cases, proxies cache requests to disk before passing them on, and if disk space runs out, the request fails.
-
-If you are using Cloudflare Tunnel, please know that they set a maximum filesize of 100 MB that cannot be changed.
-At times, files larger than this may work, potentially up to 1 GB. However, the official limit is 100 MB.
-If you are having issues, we recommend switching to a different network deployment.
+This often happens when using a reverse proxy (such as Nginx or Cloudflare tunnel) in front of Immich. Make sure to set your reverse proxy to allow large `POST` requests. In `nginx`, set `client_max_body_size 50000M;` or similar. Also, check the disk space of your reverse proxy. In some cases, proxies cache requests to disk before passing them on, and if disk space runs out, the request fails.

 ### Why are some photos stored in the file system with the wrong date?

-There are a few different scenarios that can lead to this situation. The solution is to rerun the storage migration job.
-The job is only automatically run once per asset after upload. If metadata extraction originally failed, the jobs were cleared/canceled, etc.,
-the job may not have run automatically the first time.
+There are a few different scenarios that can lead to this situation. The solution is to rerun the storage migration job. The job is only automatically run once per asset after upload. If metadata extraction originally failed, the jobs were cleared/canceled, etc., the job may not have run automatically the first time.

 ### How can I hide photos from the timeline?

@@ -117,7 +87,7 @@ See [Backup and Restore](/docs/administration/backup-and-restore.md).

 ### Does Immich support reading existing face tag metadata?

-Yes, it creates new faces and persons from the imported asset metadata. For details see the [feature request #4348](https://github.com/immich-app/immich/discussions/4348) and [PR #6455](https://github.com/immich-app/immich/pull/6455).
+No, it currently does not. There is an [open feature request on GitHub](https://github.com/immich-app/immich/discussions/4348).

 ### Does Immich support the filtering of NSFW images?

@@ -135,8 +105,7 @@ Also, there are additional jobs for person (face) thumbnails.

 ### Why do files from WhatsApp not appear with the correct date?

-Files sent on WhatsApp are saved without metadata on the file. Therefore, Immich has no way of knowing the original date of the file when files are uploaded from WhatsApp,
-not the order of arrival on the device. [See #9116](https://github.com/immich-app/immich/discussions/9116).
+Files sent on WhatsApp are saved without metadata on the file. Therefore, Immich has no way of knowing the original date of the file when files are uploaded from WhatsApp, not the order of arrival on the device. [See #3527](https://github.com/immich-app/immich/issues/3527).

 ### What happens if an asset exists in more than one account?

@@ -164,35 +133,40 @@ For example, say you have existing transcodes with the policy "Videos higher tha

 No. Our design principle is that the original assets should always be untouched.

-### How can I mount a CIFS/Samba volume within Docker?
+### How can I move all data (photos, persons, albums, libraries) from one user to another?

-If you aren't able to or prefer not to mount Samba on the host (such as Windows environment), you can mount the volume within Docker.
-Below is an example in the `docker-compose.yml`.
+This is not officially supported but can be accomplished with some database updates. You can do this on the command line (in the PostgreSQL container using the `psql` command), or you can add, for example, an [Adminer](https://www.adminer.org/) container to the `docker-compose.yml` file so that you can use a web interface.

-Change your username, password, local IP, and share name, and see below where the line `- originals:/usr/src/app/originals`,
-correlates to the section where the volume `originals` was created. You can call this whatever you like, and map it to the docker container as you like.
-For example you could change `originals:` to `Photos:`, and change `- originals:/usr/src/app/originals` to `Photos:/usr/src/app/photos`.
+<details>
+<summary>Steps</summary>

-```diff
-...
-services:
-  immich-server:
-...
-    volumes:
-      # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
-      - ${UPLOAD_LOCATION}:/usr/src/app/upload
-      - /etc/localtime:/etc/localtime:ro
-+     - originals:/usr/src/app/originals
-...
-volumes:
-  model-cache:
-+ originals:
-+   driver_opts:
-+     type: cifs
-+     o: 'iocharset=utf8,username=USERNAMEHERE,password=PASSWORDHERE,rw' # change to `ro` if read only desired
-+     device: '//localipaddress/sharename'
+1. **MAKE A BACKUP** - See [backup and restore](/docs/administration/backup-and-restore.md).
+
+2. Find the ID of both the 'source' and the 'destination' user (it's the id column in the `users` table)
+
+3. Four tables need to be updated:
+
+```sql
+BEGIN;
+-- reassign albums
+UPDATE albums SET "ownerId" = '<destinationId>' WHERE "ownerId" = '<sourceId>';
+
+-- reassign people
+UPDATE person SET "ownerId" = '<destinationId>' WHERE "ownerId" = '<sourceId>';
+
+-- reassign assets
+UPDATE assets SET "ownerId" = '<destinationId>' WHERE "ownerId" = '<sourceId>'
+ AND CHECKSUM NOT IN (SELECT CHECKSUM FROM assets WHERE "ownerId" = '<destinationId>');
+
+-- reassign external libraries
+UPDATE libraries SET "ownerId" = '<destinationId>' WHERE "ownerId" = '<sourceId>';
+COMMIT;
 ```

+4. There might be left-over assets in the 'source' user's library if they are skipped by the last query because of duplicate checksums. These are probably duplicates anyway, and can probably be removed.
+
+</details>
+
 ---

 ## Albums
@@ -217,30 +191,17 @@ We haven't implemented an official mechanism for creating albums from external l

 Duplicate checking only exists for upload libraries, using the file hash. Furthermore, duplicate checking is not global, but _per library_. Therefore, a situation where the same file appears twice in the timeline is possible, especially for external libraries.

-### Why are my edits to files not being saved in read-only external libraries?
-
-Images in read-write external libraries (the default) can be edited as normal.
-In read-only libraries (`:ro` in the `docker-compose.yml`), Immich is unable to create the `.xmp` sidecar files to store edited file metadata.
-For this reason, the metadata (timestamp, location, description, star rating, etc.) cannot be edited for files in read-only external libraries.
-
-### How are deletions of files handled in external libraries?
-
-Immich will attempt to delete original files that have been trashed when the trash is emptied.
-In read-write external libraries (the default), Immich will delete the original file.
-In read-only libraries (`:ro` in the `docker-compose.yml`), files can still be trashed in the UI.
-However, when the trash is emptied, the files will re-appear in the main timeline since Immich is unable to delete the original file.
-
 ---

 ## Machine Learning

 ### How does smart search work?

-Immich uses CLIP models. An ML model converts each image to an "embedding", which is essentially a string of numbers that semantically encodes what is in the image. The same is done for the text that you enter when you do a search, and that text embedding is then compared with those of the images to find similar ones. As such, there are no "tags", "labels", or "descriptions" generated that you can look at. For more information about CLIP and its capabilities, read about it [here](https://openai.com/research/clip).
+Immich uses CLIP models. For more information about CLIP and its capabilities, read about it [here](https://openai.com/research/clip).

 ### How does facial recognition work?

-See [How Facial Recognition Works](/docs/features/facial-recognition#how-facial-recognition-works) for details.
+For face detection and recognition, Immich uses [InsightFace models](https://github.com/deepinsight/insightface/tree/master/model_zoo).

 ### How can I disable machine learning?

@@ -254,15 +215,19 @@ However, disabling all jobs will not disable the machine learning service itself

 ### I'm getting errors about models being corrupt or failing to download. What do I do?

-You can delete the model cache volume, where models are downloaded. This will give the service a clean environment to download the model again. If models are failing to download entirely, you can manually download them from [Hugging Face][huggingface] and place them in the cache folder.
+You can delete the model cache volume, where models are downloaded. This will give the service a clean environment to download the model again. If models are failing to download entirely, you can manually download them from [Huggingface][huggingface] and place them in the cache folder.

 ### Can I use a custom CLIP model?

-No, this is not supported. Only models listed in the [Hugging Face][huggingface] page are compatible. Feel free to make a feature request if there's a model not listed here that you think should be added.
+No, this is not supported. Only models listed in the [Huggingface][huggingface] page are compatible. Feel free to make a feature request if there's a model not listed here that you think should be added.

 ### I want to be able to search in other languages besides English. How can I do that?

-You can change to a multilingual CLIP model. See [here](/docs/features/searching#clip-models) for instructions.
+You can change to a multilingual model listed [here](https://huggingface.co/collections/immich-app/multilingual-clip-654eb08c2382f591eeb8c2a7) by going to Administration > Machine Learning Settings > Smart Search and replacing the name of the model. Be sure to re-run Smart Search on all assets after this change. You can then search in over 100 languages.
+
+:::note
+Feel free to make a feature request if there's a model you want to use that isn't in [Immich Huggingface list][huggingface].
+:::

 ### Does Immich support Facial Recognition for videos?

@@ -273,7 +238,7 @@ Scanning the entire video for faces may be implemented in the future.

 No.
 :::tip
-You can use [Smart Search](/docs/features/searching.md) for this to some extent. For example, if you have a Golden Retriever and a Chihuahua, type these words in the smart search and watch the results.
+You can use [Smart Search](/docs/features/smart-search.md) for this to some extent. For example, if you have a Golden Retriever and a Chihuahua, type these words in the smart search and watch the results.
 :::

 ### I'm getting a lot of "faces" that aren't faces, what can I do?
@@ -303,7 +268,7 @@ ls clip/ facial-recognition/

 ### Why is Immich slow on low-memory systems like the Raspberry Pi?

-Immich optionally uses transcoding and machine learning for several features. However, it can be too heavy to run on a Raspberry Pi. You can [mitigate](/docs/FAQ#can-i-lower-cpu-and-ram-usage) this or host Immich's machine-learning container on a [more powerful system](/docs/guides/remote-machine-learning), or [disable](/docs/FAQ#how-can-i-disable-machine-learning) machine learning entirely.
+Immich optionally uses machine learning for several features. However, it can be too heavy to run on a Raspberry Pi. You can [mitigate](/docs/FAQ#can-i-lower-cpu-and-ram-usage) this or host Immich's machine-learning container on a [more powerful system](/docs/guides/remote-machine-learning), or [disable](/docs/FAQ#how-can-i-disable-machine-learning) machine learning entirely.

 ### Can I lower CPU and RAM usage?

@@ -312,12 +277,10 @@ The initial backup is the most intensive due to the number of jobs running. The
 - Lower the job concurrency for these jobs to 1.
 - Under Settings > Transcoding Settings > Threads, set the number of threads to a low number like 1 or 2.
 - Under Settings > Machine Learning Settings > Facial Recognition > Model Name, you can change the facial recognition model to `buffalo_s` instead of `buffalo_l`. The former is a smaller and faster model, albeit not as good.
-  - For facial recognition on new images to work properly, You must re-run the Face Detection job for all images after this.
- At the container level, you can [set resource constraints](/docs/FAQ#can-i-limit-cpu-and-ram-usage) to lower usage further.
-  - It's recommended to only apply these constraints _after_ taking some of the measures here for best performance.
- If these changes are not enough, see [above](/docs/FAQ#how-can-i-disable-machine-learning) for instructions on how to disable machine learning.
+- For facial recognition on new images to work properly, You must re-run the Face Detection job for all images after this.
+- If these changes are not enough, see [below](/docs/FAQ#how-can-i-disable-machine-learning) for instructions on how to disable machine learning.

-### Can I limit CPU and RAM usage?
+### Can I limit the amount of CPU and RAM usage?

 By default, a container has no resource constraints and can use as much of a given resource as the host's kernel scheduler allows. To limit this, you can add the following to the `docker-compose.yml` block of any containers that you want to have limited resources.

@@ -337,8 +300,6 @@ deploy:
 </details>
 For more details, you can look at the [original docker docs](https://docs.docker.com/config/containers/resource_constraints/) or use this [guide](https://www.baeldung.com/ops/docker-memory-limit).

-Note that memory constraints work by terminating the container, so this can introduce instability if set too low.
-
 ### How can I boost machine learning speed?

 :::note
@@ -348,16 +309,21 @@ This advice improves throughput, not latency. This is to say that it will make S
 You can increase throughput by increasing the job concurrency for machine learning jobs (Smart Search, Face Detection). With higher concurrency, the host will work on more assets in parallel. You can do this by navigating to Administration > Settings > Job Settings and increasing concurrency as needed.

 :::danger
-On a normal machine, 2 or 3 concurrent jobs can probably max the CPU. Storage speed and latency can quickly become the limiting factor beyond this, particularly when using HDDs.
+On a normal machine, 2 or 3 concurrent jobs can probably max the CPU. Beyond this, note that storage speed and latency may quickly become the limiting factor; particularly when using HDDs.

-The concurrency can be increased more comfortably with a GPU, but should still not be above 16 in most cases.
+Do not exaggerate with the amount of jobs because you're probably thoroughly overloading the server.

-Do not exaggerate with the job concurrency because you're probably thoroughly overloading the server.
+More details can be found [here](https://discord.com/channels/979116623879368755/994044917355663450/1174711719994605708)
 :::

-### My server shows Server Status Offline | Version Unknown. What can I do?
+### Why is Immich using so much of my CPU?

-You need to [enable WebSockets](/docs/administration/reverse-proxy/) on your reverse proxy.
+When a large number of assets are uploaded to Immich, it makes sense that the CPU and RAM will be heavily used for machine learning work and creating image thumbnails.
+Once this process is completed, the percentage of CPU usage will drop to around 3-5% usage
+
+### My server shows Server Status Offline | Version Unknown what can I do?
+
+You need to enable Websocket on your reverse proxy.

 ---

@@ -367,12 +333,6 @@ You need to [enable WebSockets](/docs/administration/reverse-proxy/) on your rev

 Immich components are typically deployed using docker. To see logs for deployed docker containers, you can use the [Docker CLI](https://docs.docker.com/engine/reference/commandline/cli/), specifically the `docker logs` command. For examples, see [Docker Help](/docs/guides/docker-help.md).

-### How can I reduce the log verbosity of Redis?
-
-To decrease Redis logs, you can add the following line to the `redis:` section of the `docker-compose.yml`:
-
-`    command: redis-server --loglevel warning`
-
 ### How can I run Immich as a non-root user?

 You can change the user in the container by setting the `user` argument in `docker-compose.yml` for each service.
@@ -382,13 +342,9 @@ You may need to add mount points or docker volumes for the following internal co
 - `immich-machine-learning:/.cache`
 - `redis:/data`

-The non-root user/group needs read/write access to the volume mounts, including `UPLOAD_LOCATION` and `/cache` for machine-learning.
+The non-root user/group needs read/write access to the volume mounts, including `UPLOAD_LOCATION`.

-:::note Docker Compose Volumes
-The Docker Compose top level volume element does not support non-root access, all of the above volumes must be local volume mounts.
-:::
-
-For a further hardened system, you can add the following block to every container.
+For a further hardened system, you can add the following block to every container except for `immich_postgres`.

 <details>
 <summary>docker-compose.yml</summary>
@@ -437,28 +393,29 @@ If the error says the worker is exiting, then this is normal. This is a feature

 There are a few reasons why this can happen.

-If the error mentions SIGKILL or error code 137, it most likely means the service is running out of memory.
-Consider either increasing the server's RAM or moving the service to a server with more RAM.
+If the error mentions SIGKILL or error code 137, it most likely means the service is running out of memory. Consider either increasing the server's RAM or moving the service to a server with more RAM.

-If it mentions SIGILL (note the lack of a K) or error code 132, it most likely means your server's CPU is incompatible with Immich.
+If it mentions SIGILL (note the lack of a K) or error code 132, it most likely means your server's CPU is incompatible. This is unlikely to occur on version 1.92.0 or later. Consider upgrading if your version of Immich is below that.
+
+If your version of Immich is below 1.92.0 and the crash occurs after logs about tracing or exporting a model, consider either upgrading or disabling the Tag Objects job.

 ## Database

 ### Why am I getting database ownership errors?

 If you get database errors such as `FATAL:  data directory "/var/lib/postgresql/data" has wrong ownership` upon database startup, this is likely due to an issue with your filesystem.
-NTFS and ex/FAT/32 filesystems are not supported. See [here](/docs/install/requirements#special-requirements-for-windows-users) for more details.
+NTFS and ex/FAT/32 filesystems are not supported. See [here](/docs/install/environment-variables#supported-filesystems) for more details.

 ### How can I verify the integrity of my database?

-Database checksums are enabled by default for new installations since v1.104.0. You can check if they are enabled by running the following command.
+If you installed Immich using v1.104.0 or later, you likely have database checksums enabled by default. You can check this by running the following command.
 A result of `on` means that checksums are enabled.

 <details>
 <summary>Check if checksums are enabled</summary>

 ```bash
-docker exec -it immich_postgres psql --dbname=postgres --username=<DB_USERNAME> --command="show data_checksums"
+docker exec -it immich_postgres psql --dbname=immich --username=<DB_USERNAME> --command="show data_checksums"
 data_checksums
 ----------------
 on
@@ -467,13 +424,13 @@ docker exec -it immich_postgres psql --dbname=postgres --username=<DB_USERNAME>

 </details>

-If checksums are enabled, you can check the status of the database with the following command. A normal result is all `0`s.
+If checksums are enabled, you can check the status of the database with the following command. A normal result is all zeroes.

 <details>
 <summary>Check for database corruption</summary>

 ```bash
-docker exec -it immich_postgres psql --dbname=postgres --username=<DB_USERNAME> --command="SELECT datname, checksum_failures, checksum_last_failure FROM pg_stat_database WHERE datname IS NOT NULL"
+docker exec -it immich_postgres psql --dbname=immich --username=<DB_USERNAME> --command="SELECT datname, checksum_failures, checksum_last_failure FROM pg_stat_database WHERE datname IS NOT NULL"
  datname  | checksum_failures | checksum_last_failure
 -----------+-------------------+-----------------------
 postgres  |                 0 |
@@ -485,29 +442,4 @@ docker exec -it immich_postgres psql --dbname=postgres --username=<DB_USERNAME>

 </details>

-You can also scan the Postgres database file structure for errors:
-
-<details>
-<summary>Scan for file structure errors</summary>
-```bash
-docker exec -it immich_postgres pg_amcheck --username=postgres --heapallindexed --parent-check --rootdescend --progress --all --install-missing
-```
-
-A normal result will end something like this and return with an exit code of `0`:
-
-```bash
-7470/8832 relations (84%), 730829/734735 pages (99%)
-8425/8832 relations (95%), 734367/734735 pages (99%)
-8832/8832 relations (100%), 734735/734735 pages (100%)
-```
-
-</details>
-
-If corruption is detected, you should immediately make a backup before performing any other work in the database.
-To do so, you may need to set the `zero_damaged_pages=on` flag for the database server to allow `pg_dumpall` to succeed.
-After taking a backup, the recommended next step is to restore the database from a healthy backup before corruption was detected.
-The damaged database dump can be used to manually recover any changes made since the last backup, if needed.
-
-The causes of possible corruption are many, but can include unexpected poweroffs or unmounts, use of a network share for Postgres data, or a poor storage medium such an SD card or failing HDD/SSD.
-
 [huggingface]: https://huggingface.co/immich-app
--- a/docs/docs/administration/backup-and-restore.md
+++ b/docs/docs/administration/backup-and-restore.md
@@ -5,10 +5,6 @@ import TabItem from '@theme/TabItem';

 A [3-2-1 backup strategy](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) is recommended to protect your data. You should keep copies of your uploaded photos/videos as well as the Immich database for a comprehensive backup solution. This page provides an overview on how to backup the database and the location of user-uploaded pictures and videos. A template bash script that can be run as a cron job is provided [here](/docs/guides/template-backup-script.md)

-:::danger
-The instructions on this page show you how to prepare your Immich instance to be backed up, and which files to take a backup of. You still need to take care of using an actual backup tool to make a backup yourself.
-:::
-
 ## Database

 :::caution
@@ -19,31 +15,12 @@ Immich saves [file paths in the database](https://github.com/immich-app/immich/d
 Refer to the official [postgres documentation](https://www.postgresql.org/docs/current/backup.html) for details about backing up and restoring a postgres database.
 :::

+The recommended way to backup and restore the Immich database is to use the `pg_dumpall` command. When restoring, you need to delete the `DB_DATA_LOCATION` folder (if it exists) to reset the database.
+
 :::caution
 It is not recommended to directly backup the `DB_DATA_LOCATION` folder. Doing so while the database is running can lead to a corrupted backup that cannot be restored.
 :::

-### Automatic Database Backups
-
-For convenience, Immich will automatically create database backups by default. The backups are stored in `UPLOAD_LOCATION/backups`.  
-As mentioned above, you should make your own backup of these together with the asset folders as noted below.  
-You can adjust the schedule and amount of kept backups in the [admin settings](http://my.immich.app/admin/system-settings?isOpen=backup).  
-By default, Immich will keep the last 14 backups and create a new backup every day at 2:00 AM.
-
-#### Trigger Backup
-
-You are able to trigger a backup in the [admin job status page](http://my.immich.app/admin/jobs-status).
-Visit the page, open the "Create job" modal from the top right, select "Backup Database" and click "Confirm".
-A job will run and trigger a backup, you can verify this worked correctly by checking the logs or the backup folder.
-This backup will count towards the last X backups that will be kept based on your settings.
-
-#### Restoring
-
-We hope to make restoring simpler in future versions, for now you can find the backups in the `UPLOAD_LOCATION/backups` folder on your host.  
-Then please follow the steps in the following section for restoring the database.
-
-### Manual Backup and Restore
-
 <Tabs>
  <TabItem value="Linux system" label="Linux system" default>

@@ -52,62 +29,92 @@ docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgre
 ```

 ```bash title='Restore'
-docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch
-## Uncomment the next line and replace DB_DATA_LOCATION with your Postgres path to permanently reset the Postgres database
-# rm -rf DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch
-docker compose pull             # Update to latest version of Immich (if desired)
-docker compose create           # Create Docker containers for Immich apps without running them
+docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch.
+# rm -rf DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch.
+docker compose pull     # Update to latest version of Immich (if desired)
+docker compose create   # Create Docker containers for Immich apps without running them.
 docker start immich_postgres    # Start Postgres server
-sleep 10                        # Wait for Postgres server to start up
-# Check the database user if you deviated from the default
-gunzip --stdout "/path/to/backup/dump.sql.gz" \
+sleep 10    # Wait for Postgres server to start up
+gunzip < "/path/to/backup/dump.sql.gz" \
 | sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \
-| docker exec -i immich_postgres psql --dbname=postgres --username=<DB_USERNAME>  # Restore Backup
-docker compose up -d            # Start remainder of Immich apps
+| docker exec -i immich_postgres psql --username=postgres    # Restore Backup
+docker compose up -d    # Start remainder of Immich apps
 ```

 </TabItem>
  <TabItem value="Windows system (PowerShell)" label="Windows system (PowerShell)">

 ```powershell title='Backup'
-[System.IO.File]::WriteAllLines("C:\absolute\path\to\backup\dump.sql", (docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgres))
+docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgres > "\path\to\backup\dump.sql"
 ```

 ```powershell title='Restore'
-docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch
-## Uncomment the next line and replace DB_DATA_LOCATION with your Postgres path to permanently reset the Postgres database
-# Remove-Item -Recurse -Force DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch
-## You should mount the backup (as a volume, example: `- 'C:\path\to\backup\dump.sql:/dump.sql'`) into the immich_postgres container using the docker-compose.yml
-docker compose pull                               # Update to latest version of Immich (if desired)
-docker compose create                             # Create Docker containers for Immich apps without running them
-docker start immich_postgres                      # Start Postgres server
-sleep 10                                          # Wait for Postgres server to start up
-docker exec -it immich_postgres bash              # Enter the Docker shell and run the following command
-# Check the database user if you deviated from the default. If your backup ends in `.gz`, replace `cat` with `gunzip --stdout`
-cat "/dump.sql" | sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" | psql --dbname=postgres --username=<DB_USERNAME>
-exit                                              # Exit the Docker shell
-docker compose up -d                              # Start remainder of Immich apps
+docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch.
+# Remove-Item -Recurse -Force DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch.
+docker compose pull     # Update to latest version of Immich (if desired)
+docker compose create   # Create Docker containers for Immich apps without running them.
+docker start immich_postgres    # Start Postgres server
+sleep 10    # Wait for Postgres server to start up
+gc "C:\path\to\backup\dump.sql" | docker exec -i immich_postgres psql --username=postgres   # Restore Backup
+docker compose up -d    # Start remainder of Immich apps
 ```

 </TabItem>
 </Tabs>

-Note that for the database restore to proceed properly, it requires a completely fresh install (i.e. the Immich server has never run since creating the Docker containers). If the Immich app has run, Postgres conflicts may be encountered upon database restoration (relation already exists, violated foreign key constraints, multiple primary keys, etc.), in which case you need to delete the `DB_DATA_LOCATION` folder to reset the database.
+Note that for the database restore to proceed properly, it requires a completely fresh install (i.e. the Immich server has never run since creating the Docker containers). If the Immich app has run, Postgres conflicts may be encountered upon database restoration (relation already exists, violated foreign key constraints, multiple primary keys, etc.).

 :::tip
-Some deployment methods make it difficult to start the database without also starting the server. In these cases, you may set the environment variable `DB_SKIP_MIGRATIONS=true` before starting the services. This will prevent the server from running migrations that interfere with the restore process. Be sure to remove this variable and restart the services after the database is restored.
+Some deployment methods make it difficult to start the database without also starting the server or microservices. In these cases, you may set the environmental variable `DB_SKIP_MIGRATIONS=true` before starting the services. This will prevent the server from running migrations that interfere with the restore process. Note that both the server and microservices must have this variable set to prevent the migrations from running. Be sure to remove this variable and restart the services after the database is restored.
+:::
+
+The database dumps can also be automated (using [this image](https://github.com/prodrigestivill/docker-postgres-backup-local)) by editing the docker compose file to match the following:
+
+```yaml
+services:
+  ...
+  backup:
+    container_name: immich_db_dumper
+    image: prodrigestivill/postgres-backup-local:14
+    env_file:
+      - .env
+    environment:
+      POSTGRES_HOST: database
+      POSTGRES_CLUSTER: 'TRUE'
+      POSTGRES_USER: ${DB_USERNAME}
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      SCHEDULE: "@daily"
+      POSTGRES_EXTRA_OPTS: '--clean --if-exists'
+      BACKUP_DIR: /db_dumps
+    volumes:
+      - ./db_dumps:/db_dumps
+    depends_on:
+      - database
+```
+
+Then you can restore with the same command but pointed at the latest dump.
+
+```bash title='Automated Restore'
+gunzip < db_dumps/last/immich-latest.sql.gz \
+| sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \
+| docker exec -i immich_postgres psql --username=postgres
+```
+
+:::note
+If you see the error `ERROR:  type "earth" does not exist`, or you have problems with Reverse Geocoding after a restore, add the following `sed` fragment to your restore command.
+
+Example: `gunzip < "/path/to/backup/dump.sql.gz" | sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" | docker exec -i immich_postgres psql --username=postgres`
 :::

 ## Filesystem

-Immich stores two types of content in the filesystem: (a) original, unmodified assets (photos and videos), and (b) generated content. We recommend backing up the entire contents of `UPLOAD_LOCATION`, but only the original content is critical, which is stored in the following folders:
+Immich stores two types of content in the filesystem: (1) original, unmodified assets (photos and videos), and (2) generated content. Only the original content needs to be backed-up, which is stored in the following folders:

 1. `UPLOAD_LOCATION/library`
 2. `UPLOAD_LOCATION/upload`
 3. `UPLOAD_LOCATION/profile`

-If you choose to back up only those folders, you will need to rerun the transcoding and thumbnail generation jobs for all assets after you restore from a backup.
-
 :::caution
 If you moved some of these folders onto a different storage device, such as `profile/`, make sure to adjust the backup path to match your setup
 :::
@@ -141,21 +148,9 @@ for more info read the [release notes](https://github.com/immich-app/immich/rele
  - Preview images (small thumbnails and large previews) for each asset and thumbnails for recognized faces.
  - Stored in `UPLOAD_LOCATION/thumbs/<userID>`.
 - **Encoded Assets:**
-
  - Videos that have been re-encoded from the original for wider compatibility. The original is not removed.
  - Stored in `UPLOAD_LOCATION/encoded-video/<userID>`.

- **Postgres**
-
-  - The Immich database containing all the information to allow the system to function properly.  
-    **Note:** This folder will only appear to users who have made the changes mentioned in [v1.102.0](https://github.com/immich-app/immich/discussions/8930) (an optional, non-mandatory change) or who started with this version.
-  - Stored in `DB_DATA_LOCATION`.
-
-  :::danger
-  A backup of this folder does not constitute a backup of your database!
-  Follow the instructions listed [here](/docs/administration/backup-and-restore#database) to learn how to perform a proper backup.
-  :::
-
 </TabItem>
  <TabItem value="Storage Template On" label="Storage Template On">

@@ -183,7 +178,7 @@ When you turn off the storage template engine, it will leave the assets in `UPLO
  - Stored in `UPLOAD_LOCATION/profile/<userID>`.
 - **Thumbs Images:**
  - Preview images (blurred, small, large) for each asset and thumbnails for recognized faces.
-  - Stored in `UPLOAD_LOCATION/thumbs/<userID>`.
+  - Stored in `UPLOCAD_LOCATION/thumbs/<userID>`.
 - **Encoded Assets:**
  - Videos that have been re-encoded from the original for wider compatibility. The original is not removed.
  - Stored in `UPLOAD_LOCATION/encoded-video/<userID>`.
@@ -191,22 +186,11 @@ When you turn off the storage template engine, it will leave the assets in `UPLO
  - Files uploaded through mobile apps.
  - Temporarily located in `UPLOAD_LOCATION/upload/<userID>`.
  - Transferred to `UPLOAD_LOCATION/library/<userID>` upon successful upload.
- **Postgres**
-
-  - The Immich database containing all the information to allow the system to function properly.  
-    **Note:** This folder will only appear to users who have made the changes mentioned in [v1.102.0](https://github.com/immich-app/immich/discussions/8930) (an optional, non-mandatory change) or who started with this version.
-  - Stored in `DB_DATA_LOCATION`.
-
-  :::danger
-  A backup of this folder does not constitute a backup of your database!
-  Follow the instructions listed [here](/docs/administration/backup-and-restore#database) to learn how to perform a proper backup.
-  :::

 </TabItem>
-
 </Tabs>

 :::danger
-Do not touch the files inside these folders under any circumstances except taking a backup. Changing or removing an asset can cause untracked and missing files.
+Do not touch the files inside these folders under any circumstances except taking a backup, changing or removing an asset can cause untracked and missing files.
 You can think of it as App-Which-Must-Not-Be-Named, the only access to viewing, changing and deleting assets is only through the mobile or browser interface.
 :::
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
martin	a20ff86591	Update web/src/lib/components/photos-page/asset-grid.svelte Co-authored-by: Daniel Dietzler <36593685+danieldietzler@users.noreply.github.com>	2024-05-27 21:02:08 +02:00
martin	43aa1e8162	Update web/src/lib/actions/focus.ts Co-authored-by: Daniel Dietzler <36593685+danieldietzler@users.noreply.github.com>	2024-05-27 21:02:01 +02:00
martabal	683f503647	feat: use shortcut to favorite and archive on asset-grid	2024-05-25 12:58:49 +02:00
				`@@ -1 +0,0 @@`
				`custom: ['https://buy.immich.app', 'https://immich.store']`
@@ -1 +1 @@
 .14.0
 .13