immich packages for un-dockered installation on bare metal arch installation, version 1.40.0_63

1 files changed, 39 insertions, 0 deletions

diff --git a/immich-server.service b/immich-server.service
new file mode 100644
index 000000000000..416c4e59674c
--- /dev/null
+++ b/immich-server.service
@@ -0,0 +1,39 @@
+[Unit]
+Description=immich server
+Documentation=https://github.com/immich-app/immich
+Requires=redis.service
+Requires=postgresql.service
+After=network.target
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+User=immich
+Group=immich
+Type=simple
+Restart=on-failure
+
+EnvironmentFile=/etc/immich.conf
+Environment=NODE_ENV=production
+SyslogIdentifier=immich-server
+ExecStart=node dist/apps/immich/apps/immich/src/main
+
+PrivateDevices=true
+ProtectHome=true
+ProtectSystem=strict
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+ProtectControlGroups=yes
+
+RestrictNamespaces=yes
+
+SystemCallArchitectures=native
+AmbientCapabilities=
+CapabilityBoundingSet=
+NoNewPrivileges=yes
+
+WorkingDirectory=/var/lib/immich/app/server
+ReadWritePaths=/tmp /var/tmp /var/lib/immich/upload
+
+[Install]
+WantedBy=multi-user.target