diff --git a/compose-files/immich/immich/docker-compose.yml b/compose-files/immich/immich/docker-compose.yml
new file mode 100644
index 0000000..ceddeec
--- /dev/null
+++ b/compose-files/immich/immich/docker-compose.yml
@@ -0,0 +1,74 @@
+# Immich Stack - immich VM (.82)
+# Uses shared PostgreSQL on databases VM (.81:5432)
+# Upload location: NFS mount /mnt/nas/media/Pictures/immich
+
+name: immich
+
+services:
+  immich-server:
+    container_name: immich_server
+    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+    volumes:
+      - ${UPLOAD_LOCATION}:/usr/src/app/upload
+      - /etc/localtime:/etc/localtime:ro
+    env_file:
+      - .env
+    ports:
+      - "2283:2283"
+    depends_on:
+      redis:
+        condition: service_healthy
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "immich-healthcheck"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 60s
+    labels:
+      - "autoheal=true"
+      - "com.centurylinklabs.watchtower.enable=true"
+    networks:
+      - immich
+
+  immich-machine-learning:
+    container_name: immich_machine_learning
+    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
+    volumes:
+      - model-cache:/cache
+    env_file:
+      - .env
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "python3 healthcheck.py"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 120s
+    labels:
+      - "autoheal=true"
+      - "com.centurylinklabs.watchtower.enable=true"
+    networks:
+      - immich
+
+  redis:
+    container_name: immich_redis
+    image: docker.io/valkey/valkey:8-bookworm
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    labels:
+      - "autoheal=true"
+      - "com.centurylinklabs.watchtower.enable=true"
+    networks:
+      - immich
+
+volumes:
+  model-cache:
+
+networks:
+  immich:
+    driver: bridge
diff --git a/playbooks/deploy-immich.yml b/playbooks/deploy-immich.yml
new file mode 100644
index 0000000..8edc09f
--- /dev/null
+++ b/playbooks/deploy-immich.yml
@@ -0,0 +1,53 @@
+---
+# Deploy Immich to immich VM (.82)
+# Uses shared PostgreSQL on databases VM (.81:5432)
+
+- name: Deploy Immich to immich VM
+  hosts: immich
+  become: true
+  vars:
+    immich_dir: /home/docker/appdata/immich
+    compose_src: "{{ playbook_dir }}/../compose-files/immich/immich"
+
+  tasks:
+    - name: Create immich directories
+      file:
+        path: "{{ item }}"
+        state: directory
+        mode: '0755'
+      loop:
+        - "{{ immich_dir }}"
+
+    - name: Ensure immich network exists
+      community.docker.docker_network:
+        name: immich
+
+    - name: Copy docker-compose.yml
+      copy:
+        src: "{{ compose_src }}/docker-compose.yml"
+        dest: "{{ immich_dir }}/docker-compose.yml"
+        mode: '0644'
+
+    - name: Copy .env file
+      copy:
+        src: "{{ compose_src }}/.env"
+        dest: "{{ immich_dir }}/.env"
+        mode: '0600'
+
+    - name: Pull Immich images
+      community.docker.docker_compose_v2:
+        project_src: "{{ immich_dir }}"
+        state: present
+        pull: always
+      register: pull_output
+
+    - name: Start Immich stack
+      community.docker.docker_compose_v2:
+        project_src: "{{ immich_dir }}"
+        state: present
+        recreate: always
+      register: compose_output
+
+    - name: Show deployment result
+      debug:
+        msg: "Immich deployed! Access at https://photos.3ddbrewery.com (update Traefik to point to .82:2283)"