Immich hr

This commit is contained in:
Joseph Hanson 2024-03-29 06:46:47 -05:00
parent a4d7b18c67
commit 6e02defa5f
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
4 changed files with 54 additions and 33 deletions

View file

@ -0,0 +1,20 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: immich
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: immich-secret
creationPolicy: Owner
template:
engineVersion: v2
data:
JWT_SECRET: "{{ .JWT_SECRET }}"
dataFrom:
- extract:
key: immich

View file

@ -25,44 +25,46 @@ spec:
strategy: rollback
values:
controllers:
jellyfin:
immich-server:
type: statefulset
annotations:
reloader.stakater.com/auto: "true"
containers:
app:
image:
repository: jellyfin/jellyfin
tag: 10.8.13
env:
NVIDIA_VISIBLE_DEVICES: "all"
NVIDIA_DRIVER_CAPABILITIES: "compute,video,utility"
DOTNET_SYSTEM_IO_DISABLEFILELOCKING: "true"
JELLYFIN_FFmpeg__probesize: 50000000
JELLYFIN_FFmpeg__analyzeduration: 50000000
JELLYFIN_PublishedServerUrl: jelly.hsn.dev
TZ: America/Chicago
repository: ghcr.io/immich-app/immich-server
tag: v1.100.0
command: /bin/sh
args:
- ./start-server.sh
probes:
liveness: &probes
enabled: true
custom: true
spec:
httpGet:
path: /health
port: &port 8096
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness: *probes
startup:
enabled: false
enabled: true
spec:
failureThreshold: 30
periodSeconds: 5
liveness:
enabled: true
readiness:
enabled: true
resources:
requests:
cpu: 100m
memory: 512Mi
limits:
memory: 4Gi
env:
TZ: America/Chicago
DB_URL:
valueFrom:
secretKeyRef:
name: immich-pguser-immich
key: uri
envFrom:
- secretRef:
name: immich-secret
- configMapRef:
name: immich-config
pod:
enableServiceLinks: false
securityContext:
@ -73,10 +75,10 @@ spec:
supplementalGroups: [44, 105, 10000]
service:
app:
controller: *name
controller: immich-server
ports:
http:
port: *port
port: 3001
ingress:
app:
enabled: true
@ -84,8 +86,9 @@ spec:
annotations:
external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
external-dns.alpha.kubernetes.io/target: external.hsn.dev
nginx.ingress.kubernetes.io/proxy-body-size: "0"
hosts:
- host: &host "jelly.hsn.dev"
- host: &host "im.hsn.dev"
paths:
- path: /
service:
@ -98,14 +101,10 @@ spec:
config:
existingClaim: immich
enabled: true
ml-cache:
type: emptyDir
globalMounts:
- path: /mlcache
media:
enabled: true
type: nfs
server: 10.1.1.12
path: /eru/media/immich
globalMounts:
- path: /media
- path: /usr/src/app/upload

View file

@ -3,10 +3,11 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../../../templates/volsync
# - ./externalsecret.yaml
- ./helmrelease.yaml
- ./postgresCluster.yaml
# - ./pvc.yaml
# - ./helmrelease.yaml
configMapGenerator:
- name: immich-databse-init-sql
files:

View file

@ -28,3 +28,4 @@ spec:
APP: *app
DB_NAME: immich
DB_USER: immich
VOLSYNC_CAPACITY: 1Gi