immich fixes #167

Merged
jahanson merged 14 commits from immich into main 2024-03-29 12:21:40 -05:00
4 changed files with 54 additions and 33 deletions
Showing only changes of commit 6e02defa5f - Show all commits

View file

@ -0,0 +1,20 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: immich
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: immich-secret
creationPolicy: Owner
template:
engineVersion: v2
data:
JWT_SECRET: "{{ .JWT_SECRET }}"
dataFrom:
- extract:
key: immich

View file

@ -25,44 +25,46 @@ spec:
strategy: rollback strategy: rollback
values: values:
controllers: controllers:
jellyfin: immich-server:
type: statefulset type: statefulset
annotations: annotations:
reloader.stakater.com/auto: "true" reloader.stakater.com/auto: "true"
containers: containers:
app: app:
image: image:
repository: jellyfin/jellyfin repository: ghcr.io/immich-app/immich-server
tag: 10.8.13 tag: v1.100.0
env: command: /bin/sh
NVIDIA_VISIBLE_DEVICES: "all" args:
NVIDIA_DRIVER_CAPABILITIES: "compute,video,utility" - ./start-server.sh
DOTNET_SYSTEM_IO_DISABLEFILELOCKING: "true"
JELLYFIN_FFmpeg__probesize: 50000000
JELLYFIN_FFmpeg__analyzeduration: 50000000
JELLYFIN_PublishedServerUrl: jelly.hsn.dev
TZ: America/Chicago
probes: probes:
liveness: &probes
enabled: true
custom: true
spec:
httpGet:
path: /health
port: &port 8096
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness: *probes
startup: startup:
enabled: false enabled: true
spec:
failureThreshold: 30
periodSeconds: 5
liveness:
enabled: true
readiness:
enabled: true
resources: resources:
requests: requests:
cpu: 100m cpu: 100m
memory: 512Mi memory: 512Mi
limits: limits:
memory: 4Gi memory: 4Gi
env:
TZ: America/Chicago
DB_URL:
valueFrom:
secretKeyRef:
name: immich-pguser-immich
key: uri
envFrom:
- secretRef:
name: immich-secret
- configMapRef:
name: immich-config
pod: pod:
enableServiceLinks: false enableServiceLinks: false
securityContext: securityContext:
@ -73,10 +75,10 @@ spec:
supplementalGroups: [44, 105, 10000] supplementalGroups: [44, 105, 10000]
service: service:
app: app:
controller: *name controller: immich-server
ports: ports:
http: http:
port: *port port: 3001
ingress: ingress:
app: app:
enabled: true enabled: true
@ -84,8 +86,9 @@ spec:
annotations: annotations:
external-dns.alpha.kubernetes.io/cloudflare-proxied: "true" external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
external-dns.alpha.kubernetes.io/target: external.hsn.dev external-dns.alpha.kubernetes.io/target: external.hsn.dev
nginx.ingress.kubernetes.io/proxy-body-size: "0"
hosts: hosts:
- host: &host "jelly.hsn.dev" - host: &host "im.hsn.dev"
paths: paths:
- path: / - path: /
service: service:
@ -98,14 +101,10 @@ spec:
config: config:
existingClaim: immich existingClaim: immich
enabled: true enabled: true
ml-cache:
type: emptyDir
globalMounts:
- path: /mlcache
media: media:
enabled: true enabled: true
type: nfs type: nfs
server: 10.1.1.12 server: 10.1.1.12
path: /eru/media/immich path: /eru/media/immich
globalMounts: globalMounts:
- path: /media - path: /usr/src/app/upload

View file

@ -3,10 +3,11 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- ../../../../templates/volsync
# - ./externalsecret.yaml # - ./externalsecret.yaml
- ./helmrelease.yaml
- ./postgresCluster.yaml - ./postgresCluster.yaml
# - ./pvc.yaml # - ./pvc.yaml
# - ./helmrelease.yaml
configMapGenerator: configMapGenerator:
- name: immich-databse-init-sql - name: immich-databse-init-sql
files: files:

View file

@ -28,3 +28,4 @@ spec:
APP: *app APP: *app
DB_NAME: immich DB_NAME: immich
DB_USER: immich DB_USER: immich
VOLSYNC_CAPACITY: 1Gi