immich Docker Compose (How it Works for Developers)

Introduction

Immich Docker is the setup of Immich, an open-source, self-hosted photo and video backup solution inside a Docker container. Docker is a lightweight and widely adopted platform for developing, distributing, and running applications with both physical and virtualized servers. Thanks to Docker, Immich can be easily installed on most systems and be operational with no complex configuration and headaches related to dependencies. This containerized approach to managing Immich makes it easier, allowing users to store, back up, and manage their media files securely.

Besides, Docker ensures consistency across different environments, and thus, users can easily move or scale their Immich instance with minimal hassle. This means Immich Docker would present the most efficient and seamless ways anybody hoping to self-host his/her media backup solution would have done using Docker.

Features of Immich

Immich Docker installs several out-of-the-box features that make deploying and managing the Immich photo and video backup solution much easier. This, in return, makes it pretty appealing for those who will self-host their media files securely and effectively. Among the main features of Immich Docker are the following:

Easy to deploy: Immich Docker has provided standard Docker images, making deployment easy. Besides, it keeps users away from dependent packages and complicated configuration; thus, users can immediately deploy Immich.

Cross-platform: Each Docker container makes sure the device can be run on most systems with Docker on Linux, macOS, and Windows OS. That makes the project highly portable across different environments.

Isolation: Besides, Immich services running in the Docker container would be kept isolated from other applications and services on the host machine. This would reduce conflicts, and compatibility issues, and would definitely make the operating environment much more stable for Immich.

Generally, scalability is very easy, most of all when a lot of volumes of media data are involved with deployment for Immich Docker users. Since Docker is inherently scalable, upgrading or increasing resources can be really quite easy.

Security: The reason is, that Docker containers introduce a layer of sandboxing away from the underlying system, giving extra security. Besides this, Immich self-hosting offers the possibility of allowing users full control over their data, and database storage location thus heightening privacy and security.

Automated Updates: Containers are relatively lightweight, easy to update, and maintenance-friendly; thus, users of Docker easily switch to newer features with the latest security patches with very few or no disruptions at all.

Backup and Restore: Immich Docker creates one source of truth when it comes to backing up media so one can restore photos and videos. Docker makes sure that all deployments have the same data.

Customizable: Immich is self-hosted, so users can modify it as per their requirements for more effective integration with other services and scaling options.

Community Support: It's an open-source project; therefore, the community provides continuous improvement, bug fixing, and support to its users.

Install Immich Docker

Prerequisites

• Install Docker and Docker Compose on your system.
• Ensure your machine has enough resources: 4GB or more RAM is recommended.

Clone Immich Repository

Download the docker-compose file from Git Hub.

git clone https://github.com/immich-app/immich.git
cd immich

git clone https://github.com/immich-app/immich.git
cd immich

Configure Environment Variables

To alter it, make a copy of the sample environment file and docker compose.yml files:

cp .env.example .env

cp .env.example .env

'INSTANT VB TODO TASK: The following line uses invalid syntax:
'cp.env.example.env

Open the .env file and set up variables (such as port, storage location env file name, and database credentials). In most configurations, the default settings are sufficient.

# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
# The location where your uploaded files are stored
UPLOAD_LOCATION=./library
# The location where your database files are stored
DB_DATA_LOCATION=./postgres
# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
# TZ=Etc/UTC
# The Immich version to use. You can pin this to a specific version like "v1.71.0"
IMMICH_VERSION=release
# Connection secret for postgres. You should change it to a random password
# Please use only the characters `A-Za-z0-9`, without special characters or spaces
DB_PASSWORD=postgres
# The values below this line do not need to be changed
###################################################################################
DB_USERNAME=postgres
DB_DATABASE_NAME=postgres

# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
# The location where your uploaded files are stored
UPLOAD_LOCATION=./library
# The location where your database files are stored
DB_DATA_LOCATION=./postgres
# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
# TZ=Etc/UTC
# The Immich version to use. You can pin this to a specific version like "v1.71.0"
IMMICH_VERSION=release
# Connection secret for postgres. You should change it to a random password
# Please use only the characters `A-Za-z0-9`, without special characters or spaces
DB_PASSWORD=postgres
# The values below this line do not need to be changed
###################################################################################
DB_USERNAME=postgres
DB_DATABASE_NAME=postgres

#You can find documentation for all the supported env variables at https: 'immich.app/docs/install/environment-variables
#The location where your uploaded files are stored
#The location where your database files are stored
#To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https: 'en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
#TZ=Etc/UTC
#The Immich version to use. You can pin this to a specific version like "v1.71.0"
#Connection secret for postgres. You should change it to a random password
#Please use only the characters `A-Za-z0-9`, without special characters or spaces
#The values below this line do not need to be changed
###################################################################################
'INSTANT VB TODO TASK: The following line uses invalid syntax:
'UPLOAD_LOCATION=./library DB_DATA_LOCATION=./postgres IMMICH_VERSION=release DB_PASSWORD=postgres DB_USERNAME=postgres DB_DATABASE_NAME=postgres

Launch Immich

Use Docker Compose to start the Immich server:

docker-compose up -d

docker-compose up -d

This command pulls all required images and starts the necessary containers:

• Backend
• Frontend
• Database (PostgreSQL)
• Redis (for caching)
• Machine Learning models (for features like facial recognition)

Access Immich on Your Browser

When all the files are downloaded make sure to env restart. Once the containers are running, open the browser and enter the below link.

http://localhost:2283

http://localhost:2283

http: 'localhost:2283

Replace env ports with 2283 with the specified port if you have altered the port in the .env file.

Create or Log in Immich account

First-time use: when you first access the Immich URL it will display the web UI.

You will be asked to create an admin account.

Fill in the required information, and Immich will walk you through the setup.

Set Up Immich in the Web Interface

• Settings: Go into Immich's detailed settings via the admin dashboard.
• Upload Media: Now upload some photos/videos for testing.
• Explore Features: Enjoy other features such as Face detection, object tagging, and so on.

Once set up, you'll be able to access Immich right from your browser and get started with the management of your photo and video library.

What is IronSecureDoc?

IronSecureDoc is an advanced utility for document management and security, boasting robust encryption, advanced PDF manipulation, and digital signing. It provides companies and developers with document confidentiality and integrity along with smooth access and, therefore, simplifies the processing of PDF documents. It can also be called an aggressive PDF API in cases when its features allow developers to programmatically create, upload, manipulate, and secure PDF files and documents.

Other than that, IronPDF is a PDF API allowing the creation of PDFs from any data input, adding and editing content with parameters such as text, images, and metadata. This includes the facility of merging several PDFs to compose files, splitting documents, and even annotating comments, highlights, or watermarks.

Among its security features are password protection, AES encryption, and certificate-based access controls that secure all sensitive information and data. Besides this, it allows digital signing to authenticate documents and nonrepudiation, a very important feature in industries like financial, medical, and legal. The audit trail functionality allows it to keep track of all activities performed on the documents for better compliance and accountability.

Install and Run IronSecureDoc

Pull the Docker image of IronSecureDoc from the repository below by running this command at the Command Prompt or an open terminal window.

docker pull ironsoftwareofficial/ironsecuredoc

docker pull ironsoftwareofficial/ironsecuredoc

We will pull an image from the Docker container and then use another command to start the IronSecureDoc, an operating container.

docker container run --rm -p 8080:8080 -e IronSecureDoc_LicenseKey=<IRONSECUREDOC_LICENSE_KEY> -e ENVIRONMENT=Development -e HTTP_PORTS=8080 ironsoftwareofficial/ironsecuredoc:latest

docker container run --rm -p 8080:8080 -e IronSecureDoc_LicenseKey=<IRONSECUREDOC_LICENSE_KEY> -e ENVIRONMENT=Development -e HTTP_PORTS=8080 ironsoftwareofficial/ironsecuredoc:latest

The Docker run command above will start a container instance of the IronSecureDoc.

Download the Signature from Immich and add the signed PDF document

The REST API in IronSecureDoc is a modern web interface that enables developers to interact safely with the document management and PDF processing features of the software. Using RESTful principles, this API allows users to easily understand and standardize the integration of the functionalities of IronSecureDoc into their custom applications regardless of the technology stack used.

Download the image from Immich

Above is the sample signature file which is uploaded on the Immich.

using System;
using System.Net.Http;
using System.Threading.Tasks;
class ImmichIntegration
{
    private static readonly HttpClient client = new HttpClient();
    public async Task<string> GetImageFromImmich(string imageId, string immichBaseUrl, string apiKey)
    {
        client.DefaultRequestHeaders.Add("Authorization", $"Bearer {apiKey}");
        var response = await client.GetAsync($"{immichBaseUrl}/api/media/{imageId}");
        response.EnsureSuccessStatusCode();
        var responseData = await response.Content.ReadAsStringAsync();
        Console.WriteLine("Image data retrieved successfully!");
        return responseData; // Contains image metadata or downloadable URL
    }
}

using System;
using System.Net.Http;
using System.Threading.Tasks;
class ImmichIntegration
{
    private static readonly HttpClient client = new HttpClient();
    public async Task<string> GetImageFromImmich(string imageId, string immichBaseUrl, string apiKey)
    {
        client.DefaultRequestHeaders.Add("Authorization", $"Bearer {apiKey}");
        var response = await client.GetAsync($"{immichBaseUrl}/api/media/{imageId}");
        response.EnsureSuccessStatusCode();
        var responseData = await response.Content.ReadAsStringAsync();
        Console.WriteLine("Image data retrieved successfully!");
        return responseData; // Contains image metadata or downloadable URL
    }
}

Imports System
Imports System.Net.Http
Imports System.Threading.Tasks
Friend Class ImmichIntegration
	Private Shared ReadOnly client As New HttpClient()
	Public Async Function GetImageFromImmich(ByVal imageId As String, ByVal immichBaseUrl As String, ByVal apiKey As String) As Task(Of String)
		client.DefaultRequestHeaders.Add("Authorization", $"Bearer {apiKey}")
		Dim response = Await client.GetAsync($"{immichBaseUrl}/api/media/{imageId}")
		response.EnsureSuccessStatusCode()
		Dim responseData = Await response.Content.ReadAsStringAsync()
		Console.WriteLine("Image data retrieved successfully!")
		Return responseData ' Contains image metadata or downloadable URL
	End Function
End Class

The code allows us to download the image from the Immich server. Make sure to generate an API key from the Immich server.

Upload Image to IronSecureDoc

using System.IO;
class IronSecureDocIntegration
{
    private static readonly HttpClient client = new HttpClient();
    public async Task UploadImageToIronSecureDoc(string imagePath)
    {
    var request = new HttpRequestMessage(HttpMethod.Post, "http://localhost:8080/v1/document-services/pdfs/sign?sign_specific_page=0&signature_image_x=100&signature_image_y=150&signature_image_w=300&signature_image_h=400&certificate_password=Ibrahim%4021&certificate_permissions=1");
    request.Headers.Add("sec-ch-ua-platform", "\"Windows\"");
    request.Headers.Add("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36");
    request.Headers.Add("accept", "*/*");
    request.Headers.Add("sec-ch-ua", "\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"");
    request.Headers.Add("sec-ch-ua-mobile", "?0");
    request.Headers.Add("Sec-Fetch-Site", "same-origin");
    request.Headers.Add("Sec-Fetch-Mode", "cors");
    request.Headers.Add("Sec-Fetch-Dest", "empty");
    request.Headers.Add("host", "localhost");
    var content = new MultipartFormDataContent();
    content.Add(new StreamContent(File.OpenRead(imagePath)), "signature_image_file", imagePath);
    content.Add(new StreamContent(File.OpenRead("IronsecureDoc.pfx")), "certificate_file", "IronsecureDoc.pfx");
    content.Add(new StreamContent(File.OpenRead("Input.pdf")), "pdf_file", "Input.pdf");
    request.Content = content;
    var response = await client.SendAsync(request);
    response.EnsureSuccessStatusCode();
    //save the file as required
    Console.WriteLine(await response.Content.ReadAsStringAsync());
    }
}

using System.IO;
class IronSecureDocIntegration
{
    private static readonly HttpClient client = new HttpClient();
    public async Task UploadImageToIronSecureDoc(string imagePath)
    {
    var request = new HttpRequestMessage(HttpMethod.Post, "http://localhost:8080/v1/document-services/pdfs/sign?sign_specific_page=0&signature_image_x=100&signature_image_y=150&signature_image_w=300&signature_image_h=400&certificate_password=Ibrahim%4021&certificate_permissions=1");
    request.Headers.Add("sec-ch-ua-platform", "\"Windows\"");
    request.Headers.Add("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36");
    request.Headers.Add("accept", "*/*");
    request.Headers.Add("sec-ch-ua", "\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"");
    request.Headers.Add("sec-ch-ua-mobile", "?0");
    request.Headers.Add("Sec-Fetch-Site", "same-origin");
    request.Headers.Add("Sec-Fetch-Mode", "cors");
    request.Headers.Add("Sec-Fetch-Dest", "empty");
    request.Headers.Add("host", "localhost");
    var content = new MultipartFormDataContent();
    content.Add(new StreamContent(File.OpenRead(imagePath)), "signature_image_file", imagePath);
    content.Add(new StreamContent(File.OpenRead("IronsecureDoc.pfx")), "certificate_file", "IronsecureDoc.pfx");
    content.Add(new StreamContent(File.OpenRead("Input.pdf")), "pdf_file", "Input.pdf");
    request.Content = content;
    var response = await client.SendAsync(request);
    response.EnsureSuccessStatusCode();
    //save the file as required
    Console.WriteLine(await response.Content.ReadAsStringAsync());
    }
}

Imports System.IO
Friend Class IronSecureDocIntegration
	Private Shared ReadOnly client As New HttpClient()
	Public Async Function UploadImageToIronSecureDoc(ByVal imagePath As String) As Task
	Dim request = New HttpRequestMessage(HttpMethod.Post, "http://localhost:8080/v1/document-services/pdfs/sign?sign_specific_page=0&signature_image_x=100&signature_image_y=150&signature_image_w=300&signature_image_h=400&certificate_password=Ibrahim%4021&certificate_permissions=1")
	request.Headers.Add("sec-ch-ua-platform", """Windows""")
	request.Headers.Add("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36")
	request.Headers.Add("accept", "*/*")
	request.Headers.Add("sec-ch-ua", """Google Chrome"";v=""131"", ""Chromium"";v=""131"", ""Not_A Brand"";v=""24""")
	request.Headers.Add("sec-ch-ua-mobile", "?0")
	request.Headers.Add("Sec-Fetch-Site", "same-origin")
	request.Headers.Add("Sec-Fetch-Mode", "cors")
	request.Headers.Add("Sec-Fetch-Dest", "empty")
	request.Headers.Add("host", "localhost")
	Dim content = New MultipartFormDataContent()
	content.Add(New StreamContent(File.OpenRead(imagePath)), "signature_image_file", imagePath)
	content.Add(New StreamContent(File.OpenRead("IronsecureDoc.pfx")), "certificate_file", "IronsecureDoc.pfx")
	content.Add(New StreamContent(File.OpenRead("Input.pdf")), "pdf_file", "Input.pdf")
	request.Content = content
	Dim response = Await client.SendAsync(request)
	response.EnsureSuccessStatusCode()
	'save the file as required
	Console.WriteLine(Await response.Content.ReadAsStringAsync())
	End Function
End Class

Calling Immich and IronSecureDoc

The code below will help us integrate it.

class Integration
{
    public async Task IntegrateImmichWithIronSecureDoc(string immichImageId, string immichBaseUrl, string immichApiKey,string imagePath)
    {
        var immich = new ImmichIntegration();
        var ironSecureDoc = new IronSecureDocIntegration();
        // Step 1: Fetch image metadata or download from Immich
        string imageData = await immich.GetImageFromImmich(immichImageId, immichBaseUrl, immichApiKey);
        // Step 2: Optionally download the image locally using imageData URL (not shown here)
        // Assume imagePath is the downloaded image file path
        // Step 3: Upload the image to IronSecureDoc
        await ironSecureDoc.UploadImageToIronSecureDoc(imagePath);
    }
}

class Integration
{
    public async Task IntegrateImmichWithIronSecureDoc(string immichImageId, string immichBaseUrl, string immichApiKey,string imagePath)
    {
        var immich = new ImmichIntegration();
        var ironSecureDoc = new IronSecureDocIntegration();
        // Step 1: Fetch image metadata or download from Immich
        string imageData = await immich.GetImageFromImmich(immichImageId, immichBaseUrl, immichApiKey);
        // Step 2: Optionally download the image locally using imageData URL (not shown here)
        // Assume imagePath is the downloaded image file path
        // Step 3: Upload the image to IronSecureDoc
        await ironSecureDoc.UploadImageToIronSecureDoc(imagePath);
    }
}

Friend Class Integration
	Public Async Function IntegrateImmichWithIronSecureDoc(ByVal immichImageId As String, ByVal immichBaseUrl As String, ByVal immichApiKey As String, ByVal imagePath As String) As Task
		Dim immich = New ImmichIntegration()
		Dim ironSecureDoc = New IronSecureDocIntegration()
		' Step 1: Fetch image metadata or download from Immich
		Dim imageData As String = Await immich.GetImageFromImmich(immichImageId, immichBaseUrl, immichApiKey)
		' Step 2: Optionally download the image locally using imageData URL (not shown here)
		' Assume imagePath is the downloaded image file path
		' Step 3: Upload the image to IronSecureDoc
		Await ironSecureDoc.UploadImageToIronSecureDoc(imagePath)
	End Function
End Class

Use IronSecureDoc's API to attach photos and apply digital signatures. Add the necessary API call in the IronSecureDocIntegration class to complete the document. Below is the sample PDF generated from the IronSecureDoc after adding the signature.

Conclusion

While both Immich and IronSecureDoc do a great job in responding to specific needs, they serve different use cases best. Immich does self-hosted, feature-rich photo and video management well, such as facial recognition, object detection, and streamlined organization of multimedia files. It is going to be ideal for personal or small-scale, media storage location management where one wants a solution tailored exactly to their needs.

IronSecureDoc is an organization-wide secure document and signing solution that integrates the fantastic benefits of advanced encryption with the simplicity of integrating workflow to allow security, scalability, and professional-grade document handling to come together.

Reliable and Compliant: Since it offers complete audit capabilities with strong security, it is reliable and compliant. Using the IronSecureDoc REST API, developers of web, mobile, and corporate systems can now easily integrate secure printing and efficient PDF format and handling with their applications. To learn more about the licensing of IronSecureDoc, check the licensing page. To learn more about the offerings from Iron Software, visit the IronSuite page.