From 65299f9f1f43a74e575343b383324227cbef9433 Mon Sep 17 00:00:00 2001
From: Andrea Ciceri <andrea.ciceri@autistici.org>
Date: Wed, 30 Apr 2025 23:00:40 +0200
Subject: [PATCH] Migrate Immich from Docker to the NixOS module

---
 modules/immich/default.nix      | 114 ++++++--------------------------
 modules/sisko-proxy/default.nix |   2 +-
 2 files changed, 21 insertions(+), 95 deletions(-)

diff --git a/modules/immich/default.nix b/modules/immich/default.nix
index ffa5968..bf93484 100644
--- a/modules/immich/default.nix
+++ b/modules/immich/default.nix
@@ -1,99 +1,25 @@
-{ ... }:
-let
-  vars = {
-    serviceConfigRoot = "/mnt/hd/immich/state";
-    mainArray = "/mnt/hd/immich/";
-    domainName = "photos.aciceri.dev";
-  };
-  directories = [
-    "${vars.serviceConfigRoot}/immich"
-    "${vars.serviceConfigRoot}/immich/postgresql"
-    "${vars.serviceConfigRoot}/immich/postgresql/data"
-    "${vars.serviceConfigRoot}/immich/config"
-    "${vars.serviceConfigRoot}/immich/machine-learning"
-    "${vars.mainArray}/Photos"
-    "${vars.mainArray}/Photos/Immich"
-    "${vars.mainArray}/Photos/S10m"
-  ];
-in
+{ config, ... }:
 {
-  systemd.tmpfiles.rules = map (x: "d ${x} 0775 root root - -") directories;
-  systemd.services = {
-    podman-immich = {
-      requires = [
-        "podman-immich-redis.service"
-        "podman-immich-postgres.service"
-      ];
-      after = [
-        "podman-immich-redis.service"
-        "podman-immich-postgres.service"
-      ];
-    };
-    podman-immich-postgres = {
-      requires = [ "podman-immich-redis.service" ];
-      after = [ "podman-immich-redis.service" ];
-    };
+  environment.persistence."/persist".directories = [
+    config.services.immich.machine-learning.environment.MACHINE_LEARNING_CACHE_FOLDER
+  ];
+
+  services.immich = {
+    enable = true;
+    mediaLocation = "/mnt/hd/immich";
   };
 
-  virtualisation.oci-containers.containers = {
-    immich = {
-      autoStart = true;
-      image = "ghcr.io/imagegenius/immich:latest";
-      volumes = [
-        "${vars.serviceConfigRoot}/immich/config:/config"
-        "${vars.mainArray}/Photos/Immich:/photos"
-        "${vars.mainArray}/Photos/S10m:/import:ro"
-        "${vars.serviceConfigRoot}/immich/machine-learning:/config/machine-learning"
-      ];
-      # environmentFiles = [ config.age.secrets.ariaImmichDatabase.path ];
-      environment = {
-        PUID = "994";
-        PGID = "993";
-        TZ = "Europe/Rome";
-        DB_HOSTNAME = "immich-postgres";
-        DB_USERNAME = "immich";
-        DB_DATABASE_NAME = "immich";
-        REDIS_HOSTNAME = "immich-redis";
-        DB_PASSWORD = "password";
-      };
-      extraOptions = [
-        "--pull=newer"
-        "--network=container:immich-redis"
-      ];
-    };
-
-    immich-redis = {
-      autoStart = true;
-      image = "redis";
-      extraOptions = [
-        "--pull=newer"
-        "-l=traefik.enable=true"
-        "-l=traefik.http.routers.immich.rule=Host(`photos.${vars.domainName}`)"
-        "-l=traefik.http.routers.immich.service=immich"
-        "-l=traefik.http.services.immich.loadbalancer.server.port=8080"
-      ];
-      ports = [
-        "8080:8080"
-      ];
-    };
-
-    immich-postgres = {
-      autoStart = true;
-      image = "tensorchord/pgvecto-rs:pg14-v0.2.1";
-      volumes = [
-        "${vars.serviceConfigRoot}/immich/postgresql/data:/var/lib/postgresql/data"
-      ];
-      # environmentFiles = [ config.age.secrets.ariaImmichDatabase.path ];
-      environment = {
-        POSTGRES_USER = "immich";
-        POSTGRES_DB = "immich";
-        POSTGRES_HOST_AUTH_METHOD = "trust";
-        POSTGRES_PASSWORD = "password";
-      };
-      extraOptions = [
-        "--pull=newer"
-        "--network=container:immich-redis"
-      ];
-    };
+  # The reason for this hack is quite bad
+  # Before using the NixOS module Immich was installed using Docker, for this
+  # reason the paths of the images in the database looks like `/photos/...`
+  # and after migrating to the NixOS module I kept getting 404s for all the
+  # old pictures.
+  # Frankly it seems weird that it saved the absolute paths in the DB, perhaps
+  # it saves somewhere else the media location root and then merge the paths,
+  # however, nevertheless I set `mediaLocation` it didn't work
+  fileSystems."/photos" = {
+    device = "/mnt/hd/immich/";
+    fsType = "ext4";
+    options = [ "bind" ];
   };
 }
diff --git a/modules/sisko-proxy/default.nix b/modules/sisko-proxy/default.nix
index f35fcd1..19b32b5 100644
--- a/modules/sisko-proxy/default.nix
+++ b/modules/sisko-proxy/default.nix
@@ -34,7 +34,7 @@
       forceSSL = true;
       enableACME = true;
       locations."/" = {
-        proxyPass = "http://localhost:8080";
+        proxyPass = "http://localhost:${builtins.toString config.services.immich.port}";
         proxyWebsockets = true;
       };
     };