diff --git a/hosts/nixos/thinkpad/containers.nix b/hosts/nixos/thinkpad/containers.nix
new file mode 100644
index 0000000..bb76b04
--- /dev/null
+++ b/hosts/nixos/thinkpad/containers.nix
@@ -0,0 +1,102 @@
+{ config, pkgs, lib, ... }:
+
+let
+ # Import Immich configuration from declarative config file
+ immichConfig = import ../../../config/immich.nix;
+
+ # Convert Nix configuration to JSON string
+ immichConfigJson = builtins.toJSON immichConfig;
+
+ # Write config file to a location accessible by the container
+ immichConfigFile = pkgs.writeText "immich.json" immichConfigJson;
+
+ # Universal container configuration
+ commonUID = "1000";
+ commonGID = "100";
+ systemTZ = config.time.timeZone;
+in
+{
+ # Container definitions for thinkpad host
+ virtualisation.oci-containers.containers = {
+
+ # Immich photo and video backup system
+ immich = {
+ image = "ghcr.io/imagegenius/immich:latest";
+
+ volumes = [
+ "/var/lib/containers/config/immich:/config"
+ "/home/yanlin/immich/photo-library:/photos"
+ "/home/yanlin/immich/ext-library:/libraries"
+ # Mount the declarative config file
+ "${immichConfigFile}:/config/immich.json:ro"
+ ];
+
+ environment = {
+ PUID = commonUID;
+ PGID = commonGID;
+ TZ = systemTZ;
+ # Point to the mounted config file
+ IMMICH_CONFIG_FILE = "/config/immich.json";
+ # Database connection (keep as env vars for security)
+ DB_HOSTNAME = "immich-db";
+ DB_USERNAME = "postgres";
+ DB_PASSWORD = "postgres";
+ DB_DATABASE_NAME = "postgres";
+ DB_PORT = "5432";
+ # Redis connection
+ REDIS_HOSTNAME = "immich-redis";
+ REDIS_PORT = "6379";
+ # Machine Learning server (internal)
+ MACHINE_LEARNING_HOST = "0.0.0.0";
+ MACHINE_LEARNING_PORT = "3003";
+ MACHINE_LEARNING_WORKERS = "1";
+ MACHINE_LEARNING_WORKER_TIMEOUT = "120";
+ };
+
+ ports = [
+ "5000:8080"
+ ];
+
+ extraOptions = [
+ "--network=podman"
+ "--device=/dev/dri:/dev/dri" # Hardware acceleration
+ ];
+
+ dependsOn = [ "immich-db" "immich-redis" ];
+ autoStart = true;
+ };
+
+ # PostgreSQL database for Immich with vector extension
+ immich-db = {
+ image = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0";
+
+ volumes = [
+ "/var/lib/containers/config/immich-db:/var/lib/postgresql/data"
+ ];
+
+ environment = {
+ POSTGRES_PASSWORD = "postgres";
+ POSTGRES_USER = "postgres";
+ POSTGRES_DB = "postgres";
+ };
+
+ extraOptions = [
+ "--network=podman"
+ ];
+
+ autoStart = true;
+ };
+
+ # Redis cache for Immich
+ immich-redis = {
+ image = "docker.io/redis:7.2-alpine";
+
+ extraOptions = [
+ "--network=podman"
+ ];
+
+ autoStart = true;
+ };
+
+ };
+}
diff --git a/hosts/nixos/thinkpad/system.nix b/hosts/nixos/thinkpad/system.nix
index c0daabd..115cedc 100644
--- a/hosts/nixos/thinkpad/system.nix
+++ b/hosts/nixos/thinkpad/system.nix
@@ -3,7 +3,9 @@
 {
 imports = [
 ./hardware-configuration.nix
+ ./containers.nix
 ../system-default.nix
+ ../../../modules/podman.nix
 ../../../modules/tailscale.nix
 ../../../modules/login-display.nix
 ../../../modules/borg/server.nix
@@ -46,6 +48,8 @@
 intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but sometimes works better)
 libva-vdpau-driver
 libvdpau-va-gl
+ vpl-gpu-rt
+ intel-compute-runtime
 ];
 };
diff --git a/hosts/nixos/vps/proxy.nix b/hosts/nixos/vps/proxy.nix
index a0566ab..5643971 100644
--- a/hosts/nixos/vps/proxy.nix
+++ b/hosts/nixos/vps/proxy.nix
@@ -110,7 +110,7 @@
 photo = {
 loadBalancer = {
 servers = [{
- url = "http://hs.yanlincs.com:5000";
+ url = "http://thinkpad.yanlincs.com:5000";
 }];
 };
 };
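Review bot: In containers.nix the database credentials in the `immich` and `immich-db` `environment` blocks are literal defaults (`DB_PASSWORD = "postgres"`, `POSTGRES_PASSWORD = "postgres"`), so they are committed to the repository and copied into the world-readable Nix store, and the comment `# Database connection (keep as env vars for security)` describes a protection that is not there. I would move both values into a root-only env file and reference it from each container with `environmentFiles = [ "/run/secrets/PLACEHOLDER-immich-db.env" ];` (placeholder path), provisioned by whatever secret manager the repo uses. `pkgs.writeText "immich.json"` has the same property: anything secret in `config/immich.nix`, which is not visible here, would also be readable in the store. Separately, `ghcr.io/imagegenius/immich:latest` is the only unpinned image of the three; pinning a version tag or digest keeps rebuilds reproducible and upstream changes reviewable.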
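Review bot: In proxy.nix the backend hop to `http://thinkpad.yanlincs.com:5000` is plain HTTP, and the matching `ports = [ "5000:8080" ]` in containers.nix publishes that port on every interface of the thinkpad. If the name resolves only over the tailnet this may be acceptable, but nothing in the diff shows that, so photo traffic and session cookies could cross an untrusted network in the clear and the service would be reachable without passing through the proxy. I would bind the published port to the VPN address, `ports = [ "<TAILSCALE-IP-PLACEHOLDER>:5000:8080" ];`, or restrict port 5000 in the host firewall to the proxy's address. The enclosing service definition starts and ends outside this hunk.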