diff --git a/group_vars/all.yaml b/group_vars/all.yaml
index ffe0c46..4957ae1 100644
--- a/group_vars/all.yaml
+++ b/group_vars/all.yaml
@@ -35,6 +35,8 @@ ldap_group_dn: "ou=groups,dc=atlantishq,dc=de"
 ldap_connection_url: ldap://192.168.122.112
 ldap_connection_url_ext: "ldaps://ldap.atlantishq.de"
 
+immich_pg_password: HISTORY_PURGED_SECRET
+
 event_dispatcher_token: "HISTORY_PURGED_SECRET"
 
 extra_root_keys:
diff --git a/roles/docker-deployments/tasks/main.yaml b/roles/docker-deployments/tasks/main.yaml
index 760a9bd..8204e52 100644
--- a/roles/docker-deployments/tasks/main.yaml
+++ b/roles/docker-deployments/tasks/main.yaml
@@ -65,6 +65,7 @@
     - ntfy
     - code-server
     - nginx-media-cdn
+    - immich
 
 - name: Copy AtlantisHub config
   copy:
@@ -118,6 +119,7 @@
     - code-server
     - serienampel
     - nginx-media-cdn
+    - immich
 
 - name: Copy compose templates
   template:
@@ -145,6 +147,7 @@
     - code-server
     - serienampel
     - nginx-media-cdn
+    - immich
 
 - name: create sites-enabled dir
   file:
@@ -204,6 +207,7 @@
     - code-server
     - serienampel
     - nginx-media-cdn
+    - immich
 
 - name: OAuth2Proxy directories
   file:
diff --git a/roles/docker-deployments/templates/immich.yaml b/roles/docker-deployments/templates/immich.yaml
new file mode 100644
index 0000000..3c1ee8c
--- /dev/null
+++ b/roles/docker-deployments/templates/immich.yaml
@@ -0,0 +1,57 @@
+name: immich
+services:
+  immich-server:
+    container_name: immich_server
+    image: ghcr.io/immich-app/immich-server:release
+    volumes:
+      - /data/immich/upload:/usr/src/app/upload
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+        DB_USERNAME: postgres
+        DB_PASSWORD: HISTORY_PURGED_SECRET
+        DB_DATABASE_NAME: immich 
+    ports:
+      - 2283:3001
+    depends_on:
+      - redis
+      - database
+    restart: always
+
+  immich-machine-learning:
+    container_name: immich_machine_learning
+    image: ghcr.io/immich-app/immich-machine-learning:release
+    volumes:
+      - model-cache:/cache
+    environment:
+        DB_USERNAME: postgres
+        DB_PASSWORD: HISTORY_PURGED_SECRET
+        DB_DATABASE_NAME: immich 
+    restart: always
+
+  redis:
+    container_name: immich_redis
+    image: docker.io/redis:6.2-alpine
+    healthcheck:
+      test: redis-cli ping || exit 1
+    restart: always
+
+  database:
+    container_name: immich_postgres
+    image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0
+    environment:
+      POSTGRES_PASSWORD: {{ immich_pg_password }}
+      POSTGRES_USER: postgres
+      POSTGRES_DB: immich
+      POSTGRES_INITDB_ARGS: '--data-checksums'
+    volumes:
+      - /data/immich/pgdata:/var/lib/postgresql/data
+    healthcheck:
+      test: pg_isready --dbname='immich' --username='postgres' || exit 1; Chksum="$$(psql --dbname='immich' --username='postgres' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
+      interval: 5m
+      start_interval: 30s
+      start_period: 5m
+    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"]
+    restart: always
+
+volumes:
+  model-cache: