diff --git a/configurations/nos/modules/docker/immich/.gitignore b/configurations/nos/modules/docker/immich/.gitignore new file mode 100644 index 00000000..70314f03 --- /dev/null +++ b/configurations/nos/modules/docker/immich/.gitignore @@ -0,0 +1,2 @@ +# upload script with secrets +upload.sh diff --git a/configurations/nos/modules/docker/immich/compose.nix b/configurations/nos/modules/docker/immich/compose.nix index d889e3ba..bc4b28ff 100644 --- a/configurations/nos/modules/docker/immich/compose.nix +++ b/configurations/nos/modules/docker/immich/compose.nix @@ -1,28 +1,64 @@ { config, + lib, pkgs, ... }: let + inherit (lib) attrValues; + inherit (config.sops) secrets; inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/immich"; UPLOAD_LOCATION = "${rwPath}/data"; + synologyPath = "/var/lib/synology-immich"; in { + # NFS client setup + services.rpcbind.enable = true; + boot.supportedFilesystems = ["nfs"]; + + environment.systemPackages = attrValues { + inherit + (pkgs) + nfs-utils + immich-go # for uploading google photos + ; + }; + + systemd.mounts = let + host = "10.0.0.117"; + in [ + { + type = "nfs"; + mountConfig = { + Options = "noatime"; + }; + what = "${host}:/volume1/Photo-Immich"; + where = synologyPath; + requiredBy = ["docker-immich_immich_server.service"]; + } + ]; + + # Docker compose khepri.compositions."immich" = { networks.proxy_net = {external = true;}; services = { "immich_server" = { image = import ./images/server.nix pkgs; + + restart = "always"; + environmentFiles = [ - "${./env}" + ./env secrets.immich.path ]; volumes = [ + # "${synologyPath}:/usr/src/app/upload:rw" "${UPLOAD_LOCATION}:/usr/src/app/upload:rw" + "${synologyPath}:${synologyPath}:rw" ]; ports = [ "2283:2283" @@ -30,16 +66,17 @@ in { networks = ["proxy_net"]; dependsOn = ["immich_redis" "immich_postgres"]; - restart = "always"; environment.NODE_ENV = "production"; }; "immich_machine_learning" = { image = import ./images/machine-learning.nix pkgs; + restart = "always"; + environmentFiles = [ - "${./env}" + ./env secrets.immich.path ]; networks = ["proxy_net"]; @@ -51,20 +88,24 @@ in { "immich_redis" = { image = import ./images/redis.nix pkgs; + restart = "always"; - tmpfs = ["/data"]; + environmentFiles = [ - "${./env}" + ./env secrets.immich.path ]; networks = ["proxy_net"]; + tmpfs = ["/data"]; }; "immich_postgres" = { image = import ./images/postgres.nix pkgs; + restart = "always"; + environmentFiles = [ - "${./env}" + ./env secrets.immich.path ]; networks = ["proxy_net"];