diff --git a/kubernetes/apps/media/immich/app/configmap.yaml b/kubernetes/apps/media/immich/app/configmap.yaml new file mode 100644 index 00000000..1938b3e2 --- /dev/null +++ b/kubernetes/apps/media/immich/app/configmap.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: immich-config + labels: + app.kubernetes.io/name: immich +data: + LOG_LEVEL: verbose + NODE_ENV: production + REDIS_HOSTNAME: dragonfly.database.svc.cluster.local + REDIS_PORT: "6379" + IMMICH_WEB_URL: http://immich-web.media.svc.cluster.local:3000 + IMMICH_SERVER_URL: http://immich-server.media.svc.cluster.local:3001 + IMMICH_MACHINE_LEARNING_URL: http://immich-machine-learning.media.svc.cluster.local:3003 \ No newline at end of file diff --git a/kubernetes/apps/media/immich/app/externalsecret.yaml b/kubernetes/apps/media/immich/app/externalsecret.yaml deleted file mode 100644 index ad17df81..00000000 --- a/kubernetes/apps/media/immich/app/externalsecret.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: immich -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: immich-secret - creationPolicy: Owner - template: - engineVersion: v2 - data: - JWT_SECRET: "{{ .JWT_SECRET }}" - dataFrom: - - extract: - key: immich \ No newline at end of file diff --git a/kubernetes/apps/media/immich/app/helmrelease.yaml b/kubernetes/apps/media/immich/app/helmrelease.yaml index 5940fe0c..df9a8793 100644 --- a/kubernetes/apps/media/immich/app/helmrelease.yaml +++ b/kubernetes/apps/media/immich/app/helmrelease.yaml @@ -72,7 +72,6 @@ spec: runAsGroup: 568 fsGroup: 568 fsGroupChangePolicy: OnRootMismatch - supplementalGroups: [44, 105, 10000] service: app: controller: immich-server @@ -104,7 +103,7 @@ spec: media: enabled: true type: nfs - server: 10.1.1.12 + server: 10.1.1.13 path: /eru/media/immich globalMounts: - path: /usr/src/app/upload diff --git a/kubernetes/apps/media/immich/app/kustomization.yaml b/kubernetes/apps/media/immich/app/kustomization.yaml index dbf548f4..5e390f0e 100644 --- a/kubernetes/apps/media/immich/app/kustomization.yaml +++ b/kubernetes/apps/media/immich/app/kustomization.yaml @@ -3,15 +3,19 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ../../../../templates/volsync - # - ./externalsecret.yaml - ./helmrelease.yaml + - ./machine-learning + - ./microservices - ./postgresCluster.yaml - # - ./pvc.yaml configMapGenerator: - name: immich-databse-init-sql files: - init.sql=./resources/init.sql +labels: + - pairs: + app.kubernetes.io/name: immich + app.kubernetes.io/instance: immich + app.kubernetes.io/part-of: immich generatorOptions: disableNameSuffixHash: true annotations: diff --git a/kubernetes/apps/media/immich/app/machine-learning/helmrelease.yaml b/kubernetes/apps/media/immich/app/machine-learning/helmrelease.yaml new file mode 100644 index 00000000..cf405afd --- /dev/null +++ b/kubernetes/apps/media/immich/app/machine-learning/helmrelease.yaml @@ -0,0 +1,85 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2beta2 +kind: HelmRelease +metadata: + name: immich-machine-learning +spec: + interval: 15m + chart: + spec: + chart: app-template + version: 3.0.4 + sourceRef: + kind: HelmRepository + name: bjw-s-charts + namespace: flux-system + interval: 15m + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + retries: 3 + strategy: rollback + values: + controllers: + immich-machine-learning: + annotations: + reloader.stakater.com/auto: "true" + strategy: RollingUpdate + containers: + app: + image: + repository: ghcr.io/immich-app/immich-machine-learning + tag: v1.100.0 + resources: + requests: + cpu: 15m + memory: 250Mi + limits: + memory: 4000Mi + probes: + startup: + enabled: true + spec: + failureThreshold: 30 + periodSeconds: 5 + liveness: + enabled: true + readiness: + enabled: true + envFrom: + - configMapRef: + name: immich-config + env: + DB_URL: + valueFrom: + secretKeyRef: + name: immich-pguser-immich + key: uri + pod: + enableServiceLinks: false + securityContext: + runAsUser: 568 + runAsGroup: 568 + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + service: + app: + controller: immich-machine-learning + ports: + http: + port: 3003 + persistence: + media: + enabled: true + type: nfs + server: 10.1.1.13 + path: /eru/media/immich + globalMounts: + - path: /usr/src/app/upload + cache: + enabled: true + type: emptyDir \ No newline at end of file diff --git a/kubernetes/apps/media/immich/app/machine-learning/kustomization.yaml b/kubernetes/apps/media/immich/app/machine-learning/kustomization.yaml new file mode 100644 index 00000000..f191df21 --- /dev/null +++ b/kubernetes/apps/media/immich/app/machine-learning/kustomization.yaml @@ -0,0 +1,11 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +labels: + - pairs: + app.kubernetes.io/name: immich-machine-learning + app.kubernetes.io/instance: immich-machine-learning + app.kubernetes.io/part-of: immich +resources: + - ./helmrelease.yaml \ No newline at end of file diff --git a/kubernetes/apps/media/immich/app/microservices/helmrelease.yaml b/kubernetes/apps/media/immich/app/microservices/helmrelease.yaml new file mode 100644 index 00000000..6ea98e33 --- /dev/null +++ b/kubernetes/apps/media/immich/app/microservices/helmrelease.yaml @@ -0,0 +1,83 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2beta2 +kind: HelmRelease +metadata: + name: immich-microservices +spec: + interval: 15m + chart: + spec: + chart: app-template + version: 3.0.4 + sourceRef: + kind: HelmRepository + name: bjw-s-charts + namespace: flux-system + interval: 15m + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + retries: 3 + strategy: rollback + values: + controllers: + immich-microservices: + strategy: RollingUpdate + annotations: + reloader.stakater.com/auto: "true" + containers: + app: + image: + repository: ghcr.io/immich-app/immich-server + tag: v1.100.0 + command: /bin/sh + args: + - ./start-microservices.sh + resources: + requests: + cpu: 100m + memory: 250Mi + limits: + memory: 1000Mi + probes: + startup: + enabled: true + spec: + failureThreshold: 30 + periodSeconds: 5 + liveness: + enabled: true + readiness: + enabled: true + envFrom: + - configMapRef: + name: immich-config + env: + DB_URL: + valueFrom: + secretKeyRef: + name: immich-pguser-immich + key: uri + pod: + enableServiceLinks: false + securityContext: + runAsUser: 568 + runAsGroup: 568 + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + service: + app: + controller: immich-microservices + enabled: false + persistence: + media: + enabled: true + type: nfs + server: 10.1.1.13 + path: /eru/media/immich + globalMounts: + - path: /usr/src/app/upload \ No newline at end of file diff --git a/kubernetes/apps/media/immich/app/microservices/kustomization.yaml b/kubernetes/apps/media/immich/app/microservices/kustomization.yaml new file mode 100644 index 00000000..1d5656a2 --- /dev/null +++ b/kubernetes/apps/media/immich/app/microservices/kustomization.yaml @@ -0,0 +1,11 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +labels: + - pairs: + app.kubernetes.io/name: immich-microservices + app.kubernetes.io/instance: immich-microservices + app.kubernetes.io/part-of: immich +resources: + - ./helmrelease.yaml \ No newline at end of file diff --git a/kubernetes/apps/media/immich/ks.yaml b/kubernetes/apps/media/immich/ks.yaml index 6bc711f9..61788fa7 100644 --- a/kubernetes/apps/media/immich/ks.yaml +++ b/kubernetes/apps/media/immich/ks.yaml @@ -28,4 +28,3 @@ spec: APP: *app DB_NAME: immich DB_USER: immich - VOLSYNC_CAPACITY: 1Gi