Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| services:immich [2025/02/24 10:32] – [SSO authentication setup] willy | services:immich [2025/03/13 14:41] (current) – [Installation] willy | ||
|---|---|---|---|
| Line 18: | Line 18: | ||
| Immich needs to be installed using a docker compose file. This is the official and only supported installation method. I will show you, of course, how to run it rootless with podman. Immich installation is detailed [[https:// | Immich needs to be installed using a docker compose file. This is the official and only supported installation method. I will show you, of course, how to run it rootless with podman. Immich installation is detailed [[https:// | ||
| - | I assume you have already created the photo user and group (see [[services: | + | I assume you have already created the photo user and group (see [[selfhost: |
| <code bash> | <code bash> | ||
| useradd -d / | useradd -d / | ||
| Line 143: | Line 143: | ||
| authelia crypto rand --length 72 --charset rfc3986 | authelia crypto rand --length 72 --charset rfc3986 | ||
| </ | </ | ||
| + | This information will need to copied to both authelia config and immich settings. | ||
| To generate a Client Secret: | To generate a Client Secret: | ||
| Line 152: | Line 153: | ||
| Then you need to configure Immich to use Authelia SSO, so go to //Immich web gui → administration → settings → Authentication settings// and enter the following information: | Then you need to configure Immich to use Authelia SSO, so go to //Immich web gui → administration → settings → Authentication settings// and enter the following information: | ||
| * Issuer URL: https:// | * Issuer URL: https:// | ||
| - | * Client ID: immich. | + | * Client ID: << the generated ClientID >>. |
| * Client Secret: insecure_secret. | * Client Secret: insecure_secret. | ||
| * Scope: openid profile email. | * Scope: openid profile email. | ||