immich

History

Robert Schäfer 146bf65d02 refactor(dev): remove ulimits for rootless docker (#24393 ) Description ----------- When I follow the [developer setup](https://docs.immich.app/developer/setup) I run into a permission error using rootless docker. A while ago I asked on Discord in [#contributing](https://discord.com/channels/979116623879368755/1071165397228855327/1442974448776122592) about these ulimits. I suggest to remove the `ulimits` altogether. It seems that @ItalyPaleAle has left the setting just hoping that it could help somebody in the future. See the [PR description](https://github.com/immich-app/immich/pull/4556). How Has This Been Tested? ------------------------- Using rootless docker: ``` $ docker context ls NAME DESCRIPTION DOCKER ENDPOINT ERROR default unix:///var/run/docker.sock rootless * unix:///run/user/1000/docker.sock ``` Running `make` will fail because of permission errors: ``` $ docker compose -f ./docker/docker-compose.dev.yml up --remove-orphans ... Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting rlimits for ready process: error setting rlimit type 7: operation not permitted ``` On my machine I have the following hard limit for "Maximum number of open file descriptors": ``` $ ulimit -nH 524288 ``` I can confirm that the permission error is caused by the security restrictions of the operating system mentioned above: Changing `docker/docker-compose.dev.yml` like .. ``` ulimits: nofile: soft: 524289 hard: 524289 ``` .. will lead to a permission error whereas this .. ``` ulimits: nofile: soft: 524288 hard: 524288 ``` .. starts fine. Apparently the defaults for these limits are coming from [systemd](`26b2085d54/man/systemd.exec.xml (L1122)`) which is used on nearly every linux distribution. So my assumption is that almost any linux user who uses rootless docker will run into a permission error when starting the development setup. Checklist: ---------- - [x] I have performed a self-review of my own code - [x] I have made corresponding changes to the documentation if applicable - [x] I have no unrelated changes in the PR. - [ ] I have confirmed that any new dependencies are strictly necessary. - [ ] I have written tests for new code (if applicable) - [ ] I have followed naming conventions/patterns in the surrounding code - [ ] All code in `src/services/` uses repositories implementations for database calls, filesystem operations, etc. - [ ] All code in `src/repositories/` is pretty basic/simple and does not have any immich specific logic (that belongs in `src/services/`)		2025-12-05 09:26:20 +07:00
..
.gitignore	…
README.md	chore: add warning to compose file and readme (#5123 )	2023-11-18 11:43:10 +07:00
docker-compose.dev.yml	refactor(dev): remove ulimits for rootless docker (#24393 )	2025-12-05 09:26:20 +07:00
docker-compose.prod.yml	chore(deps): update docker.io/valkey/valkey docker tag to v9 (#24336 )	2025-12-02 09:26:39 +07:00
docker-compose.yml	chore(deps): update docker.io/valkey/valkey docker tag to v9 (#24336 )	2025-12-02 09:26:39 +07:00
example.env	feat(server): pin to v2 (#23170 )	2025-10-22 16:06:00 +07:00
hwaccel.ml.yml	chore: replace immich.app/docs with docs.immich.app globally (#22428 )	2025-10-02 10:42:14 +07:00
hwaccel.transcoding.yml	chore: replace immich.app/docs with docs.immich.app globally (#22428 )	2025-10-02 10:42:14 +07:00
prometheus.yml	fix(server): otel not working due to port conflicts after combining containers (#10078 )	2024-06-10 16:01:04 +07:00

README.md

[!CAUTION] Make sure to use the docker-compose.yml of the current release: https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml

The compose file on main may not be compatible with the latest release.