221 lines
7.5 KiB
Nix
221 lines
7.5 KiB
Nix
# { lib, pkgs, config, ... }:
|
|
# let
|
|
# immichRoot = "/mnt/hd/immich";
|
|
# immichData = "${immichRoot}/data";
|
|
# # immichVersion = "v1.105.1";
|
|
# immichVersion = "v1.105.1";
|
|
# sharedEnv = {
|
|
# # You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
|
|
# # The location where your uploaded files are stored
|
|
# UPLOAD_LOCATION="./library";
|
|
# DB_DATA_LOCATION="./postgres";
|
|
# IMMICH_VERSION=immichVersion;
|
|
# DB_PASSWORD="postgres";
|
|
# DB_USERNAME="postgres";
|
|
# DB_DATABASE_NAME="immich";
|
|
# DB_HOSTNAME="postgres";
|
|
# REDIS_HOSTNAME = "redis";
|
|
# };
|
|
# postgresRoot = "${immichRoot}/pgsql";
|
|
# machineLearning = "${immichRoot}/ml-cache";
|
|
# in {
|
|
# systemd.tmpfiles.rules = [
|
|
# "d ${immichRoot} 770 ccr wheel"
|
|
# "d ${immichData} 770 ccr wheel"
|
|
# "d ${postgresRoot} 770 ccr wheel"
|
|
# "d ${machineLearning} 770 ccr wheel"
|
|
# ];
|
|
# virtualisation.docker.enable = lib.mkForce false;
|
|
# virtualisation.podman.enable = lib.mkForce true;
|
|
# virtualisation.podman.dockerSocket.enable = lib.mkForce true;
|
|
# virtualisation.podman.defaultNetwork.settings.dns_enabled = lib.mkForce true;
|
|
# networking.firewall.interfaces."podman+".allowedUDPPorts = [53 5353];
|
|
# environment.systemPackages = [
|
|
# pkgs.arion
|
|
# ];
|
|
# virtualisation.arion = {
|
|
# backend = lib.mkForce "podman-socket";
|
|
# projects.immich = {
|
|
# serviceName = "immich";
|
|
# settings = {
|
|
# project.name = "immich";
|
|
# networks.default = {
|
|
# name = "immich";
|
|
# };
|
|
# services = {
|
|
# "server" = {
|
|
# service = {
|
|
# image = "ghcr.io/immich-app/immich-server:${immichVersion}";
|
|
# container_name = "server";
|
|
# command = ["start.sh" "immich"];
|
|
# environment = sharedEnv // {
|
|
# # NODE_ENV = "production";
|
|
# };
|
|
# ports = [
|
|
# "2283:3001"
|
|
# ];
|
|
# volumes = [
|
|
# "${immichData}:/usr/src/app/upload:rw"
|
|
# "/etc/localtime:/etc/localtime:ro"
|
|
# ];
|
|
# depends_on = ["redis" "postgres"];
|
|
# restart = "always";
|
|
# };
|
|
# };
|
|
# "microservices" = {
|
|
# service = {
|
|
# image = "ghcr.io/immich-app/immich-server:${immichVersion}";
|
|
# container_name = "microservices";
|
|
# command = ["start.sh" "microservices"];
|
|
# environment = sharedEnv;
|
|
# volumes = ["${immichData}:/usr/src/app/upload:rw"];
|
|
# depends_on = ["redis" "postgres"];
|
|
# restart = "always";
|
|
# };
|
|
# };
|
|
# "machine_learning" = {
|
|
# service = {
|
|
# image = "ghcr.io/immich-app/immich-machine-learning:${immichVersion}";
|
|
# container_name = "machine_learning";
|
|
# volumes = [
|
|
# "${machineLearning}:/cache"
|
|
# ];
|
|
# restart = "always";
|
|
# environment = sharedEnv // {
|
|
# # NODE_ENV = "production";
|
|
# };
|
|
# };
|
|
# };
|
|
# "redis" = {
|
|
# service = {
|
|
# image = "docker.io/redis:6.2-alpine";
|
|
# container_name = "redis";
|
|
# restart = "always";
|
|
# tmpfs = ["/data"];
|
|
# };
|
|
# };
|
|
# "postgres" = {
|
|
# service = {
|
|
# image = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0";
|
|
# container_name = "postgres";
|
|
# volumes = [
|
|
# "${postgresRoot}:/var/lib/postgresql/data"
|
|
# ];
|
|
# restart = "always";
|
|
# environment = {
|
|
# POSTGRES_PASSWORD = sharedEnv.DB_PASSWORD;
|
|
# POSTGRES_USER = sharedEnv.DB_USERNAME;
|
|
# POSTGRES_DB = sharedEnv.DB_DATABASE_NAME;
|
|
# POSTGRES_INITDB_ARGS = "--data-checksums";
|
|
# };
|
|
# };
|
|
# };
|
|
# };
|
|
# };
|
|
# };
|
|
# };
|
|
# }
|
|
{config, ...}: let
|
|
immichHost = "immich.example.com"; # TODO: put your immich domain name here
|
|
|
|
immichRoot = "/mnt/hd/immich"; # TODO: Tweak these to your desired storage locations
|
|
immichPhotos = "${immichRoot}/photos";
|
|
immichAppdataRoot = "${immichRoot}/appdata";
|
|
immichVersion = "release";
|
|
# immichExternalVolume1 = "/tank/BackupData/Google Photos/someone@example.com"; # TODO: if external volumes are desired
|
|
|
|
postgresRoot = "${immichAppdataRoot}/pgsql";
|
|
postgresPassword = "immich"; # TODO: put a random password here
|
|
postgresUser = "immich";
|
|
postgresDb = "immich";
|
|
in {
|
|
# The primary source for this configuration is the recommended docker-compose installation of immich from
|
|
# https://immich.app/docs/install/docker-compose, which linkes to:
|
|
# - https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
|
|
# - https://github.com/immich-app/immich/releases/latest/download/example.env
|
|
# and has been transposed into nixos configuration here. Those upstream files should probably be checked
|
|
# for serious changes if there are any upgrade problems here.
|
|
#
|
|
# After initial deployment, these in-process configurations need to be done:
|
|
# - create an admin user by accessing the site
|
|
# - login with the admin user
|
|
# - set the "Machine Learning Settings" > "URL" to http://immich_machine_learning:3003
|
|
|
|
virtualisation.oci-containers.containers.immich_server = {
|
|
image = "ghcr.io/immich-app/immich-server:${immichVersion}";
|
|
ports = ["127.0.0.1:2283:3001"];
|
|
extraOptions = [
|
|
"--pull=newer"
|
|
# Force DNS resolution to only be the podman dnsname name server; by default podman provides a resolv.conf
|
|
# that includes both this server and the upstream system server, causing resolutions of other pod names
|
|
# to be inconsistent.
|
|
"--dns=10.88.0.1"
|
|
];
|
|
cmd = ["start.sh" "immich"];
|
|
environment = {
|
|
IMMICH_VERSION = immichVersion;
|
|
DB_HOSTNAME = "immich_postgres";
|
|
DB_USERNAME = postgresUser;
|
|
DB_DATABASE_NAME = postgresDb;
|
|
DB_PASSWORD = postgresPassword;
|
|
REDIS_HOSTNAME = "immich_redis";
|
|
};
|
|
volumes = [
|
|
"${immichPhotos}:/usr/src/app/upload"
|
|
"/etc/localtime:/etc/localtime:ro"
|
|
# "${immichExternalVolume1}:${immichExternalVolume1}:ro"
|
|
];
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.immich_microservices = {
|
|
image = "ghcr.io/immich-app/immich-server:${immichVersion}";
|
|
extraOptions = [
|
|
"--pull=newer"
|
|
# Force DNS resolution to only be the podman dnsname name server; by default podman provides a resolv.conf
|
|
# that includes both this server and the upstream system server, causing resolutions of other pod names
|
|
# to be inconsistent.
|
|
"--dns=10.88.0.1"
|
|
];
|
|
cmd = ["start.sh" "microservices"];
|
|
environment = {
|
|
IMMICH_VERSION = immichVersion;
|
|
DB_HOSTNAME = "immich_postgres";
|
|
DB_USERNAME = postgresUser;
|
|
DB_DATABASE_NAME = postgresDb;
|
|
DB_PASSWORD = postgresPassword;
|
|
REDIS_HOSTNAME = "immich_redis";
|
|
};
|
|
volumes = [
|
|
"${immichPhotos}:/usr/src/app/upload"
|
|
"/etc/localtime:/etc/localtime:ro"
|
|
# "${immichExternalVolume}1:${immichExternalVolume1}:ro"
|
|
];
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.immich_machine_learning = {
|
|
image = "ghcr.io/immich-app/immich-machine-learning:${immichVersion}";
|
|
extraOptions = ["--pull=newer"];
|
|
environment = {
|
|
IMMICH_VERSION = immichVersion;
|
|
};
|
|
volumes = [
|
|
"${immichAppdataRoot}/model-cache:/cache"
|
|
];
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.immich_redis = {
|
|
image = "redis:6.2-alpine@sha256:80cc8518800438c684a53ed829c621c94afd1087aaeb59b0d4343ed3e7bcf6c5";
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.immich_postgres = {
|
|
image = "tensorchord/pgvecto-rs:pg14-v0.1.11";
|
|
environment = {
|
|
POSTGRES_PASSWORD = postgresPassword;
|
|
POSTGRES_USER = postgresUser;
|
|
POSTGRES_DB = postgresDb;
|
|
};
|
|
volumes = [
|
|
"${postgresRoot}:/var/lib/postgresql/data"
|
|
];
|
|
};
|
|
}
|