2023-11-25 22:04:47 +01:00
|
|
|
---
|
|
|
|
|
2023-12-21 22:37:48 +01:00
|
|
|
# Name of this instance of immich
|
|
|
|
instance: immich
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2023-12-21 22:37:48 +01:00
|
|
|
immich:
|
2023-11-27 23:07:31 +01:00
|
|
|
|
|
|
|
# Immich version
|
2024-05-15 00:10:55 +02:00
|
|
|
version: 1.105.1
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2024-01-09 11:32:44 +01:00
|
|
|
postgres:
|
|
|
|
database: '[[ .instance ]]'
|
2024-01-31 13:50:03 +01:00
|
|
|
user: '{{ with secret "[[ .vault.root ]]database/creds/[[ .instance ]]" }}{{ .Data.username }}{{ end }}'
|
|
|
|
password: '{{ with secret "[[ .vault.root ]]database/creds/[[ .instance ]]" }}{{ .Data.password }}{{ end }}'
|
2024-05-15 00:10:55 +02:00
|
|
|
pooler:
|
|
|
|
mode: session
|
2024-01-09 11:32:44 +01:00
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# API server settings
|
2023-11-25 22:04:47 +01:00
|
|
|
server:
|
2023-11-27 23:07:31 +01:00
|
|
|
|
|
|
|
# Docker image to use
|
2024-01-31 21:50:30 +01:00
|
|
|
image: ghcr.io/immich-app/immich-server:v[[ .immich.version ]]
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# Additional env to set ni the container
|
2023-11-25 22:04:47 +01:00
|
|
|
env:
|
2023-12-09 23:18:10 +01:00
|
|
|
NODE_OPTIONS: --max-old-space-size={{ env "NOMAD_MEMORY_LIMIT" }}
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2024-01-09 11:32:44 +01:00
|
|
|
vault:
|
|
|
|
policies:
|
|
|
|
- '[[ .instance ]][[ .consul.suffix ]]'
|
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# Resource allocation
|
2023-11-25 22:04:47 +01:00
|
|
|
resources:
|
2023-11-27 23:07:31 +01:00
|
|
|
cpu: 300
|
|
|
|
memory: 320
|
2023-12-09 23:18:10 +01:00
|
|
|
memory_max: 512
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# Wait for services to be ready before starting
|
2023-11-25 22:04:47 +01:00
|
|
|
wait_for:
|
2023-11-27 23:07:31 +01:00
|
|
|
- service: master.postgres[[ .consul.suffix ]]
|
2023-12-21 22:37:48 +01:00
|
|
|
- service: '[[ .instance ]]-ml[[ .consul.suffix ]]'
|
2023-11-25 22:04:47 +01:00
|
|
|
|
|
|
|
consul:
|
|
|
|
connect:
|
2023-11-27 23:07:31 +01:00
|
|
|
# Connect to some services through the mesh
|
2023-11-25 22:04:47 +01:00
|
|
|
upstreams:
|
2023-12-21 22:37:48 +01:00
|
|
|
- destination_name: '[[ .instance ]]-ml[[ .consul.suffix ]]'
|
2023-11-27 23:07:31 +01:00
|
|
|
local_bind_port: 3003
|
2024-02-12 13:35:25 +01:00
|
|
|
config:
|
|
|
|
protocol: http
|
2023-11-25 22:04:47 +01:00
|
|
|
- destination_name: postgres[[ .consul.suffix ]]
|
|
|
|
local_bind_port: 5432
|
2024-05-13 21:48:15 +02:00
|
|
|
- destination_name: '[[ .mail.smtp_service_name ]]'
|
|
|
|
local_bind_port: 25
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# The URL where Immich will be exposed to users
|
|
|
|
public_url: https://immich.example.org
|
|
|
|
|
|
|
|
# Controls how Traefik will expose the service
|
2023-11-25 22:04:47 +01:00
|
|
|
traefik:
|
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# Immich needs a specific CSP
|
|
|
|
csp:
|
|
|
|
connect-src: "'self' https://maputnik.github.io https://*.cofractal.com https://fonts.openmaptiles.org"
|
2024-01-31 23:27:14 +01:00
|
|
|
img-src: "'self' data: blob:"
|
2024-04-29 22:37:23 +02:00
|
|
|
worker-src: "'self' blob:"
|
2023-11-27 23:07:31 +01:00
|
|
|
|
2024-01-28 23:17:47 +01:00
|
|
|
middlewares:
|
|
|
|
rate-limit: false
|
2023-11-27 23:07:31 +01:00
|
|
|
|
|
|
|
# Use distinct Traefik settings for /share. This can be used for example to restrict the main app to trusted IP but allow /share from anywhere
|
|
|
|
share:
|
|
|
|
traefik:
|
2024-02-26 22:32:57 +01:00
|
|
|
rule: 'Host(`[[ (urlParse .immich.server.public_url).Hostname ]]`) && PathRegexp(`^[[ (urlParse .immich.server.public_url).Path ]]/(share/|_app/immutable/|custom\\.css|api/(asset|server-info)/.*)`)'
|
2024-01-31 13:50:03 +01:00
|
|
|
router: share
|
2023-11-27 23:07:31 +01:00
|
|
|
|
2023-12-15 22:00:56 +01:00
|
|
|
# Volumes used for data storage
|
|
|
|
volumes:
|
|
|
|
data:
|
|
|
|
type: csi
|
2023-12-21 22:37:48 +01:00
|
|
|
source: '[[ .instance ]]-data'
|
2024-01-14 23:02:45 +01:00
|
|
|
access_mode: multi-node-multi-writer
|
2023-12-15 22:00:56 +01:00
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# The microservices do the bulk of media handling (thumbnails etc.)
|
2023-11-25 22:04:47 +01:00
|
|
|
microservices:
|
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# Docker image to use
|
2024-01-31 21:50:30 +01:00
|
|
|
image: ghcr.io/immich-app/immich-server:v[[ .immich.version ]]
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# Env vars to set in the container
|
2023-11-25 22:04:47 +01:00
|
|
|
env:
|
2023-12-09 23:18:10 +01:00
|
|
|
NODE_OPTIONS: --max-old-space-size={{ env "NOMAD_MEMORY_LIMIT" }}
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2024-01-09 11:32:44 +01:00
|
|
|
vault:
|
|
|
|
policies:
|
|
|
|
- '[[ .instance ]][[ .consul.suffix ]]'
|
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# Resource allocation
|
2023-11-25 22:04:47 +01:00
|
|
|
resources:
|
2023-11-27 23:07:31 +01:00
|
|
|
cpu: 500
|
2024-02-11 22:48:56 +01:00
|
|
|
memory: 768
|
|
|
|
memory_max: 1200
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# The machine learning
|
2023-11-25 22:04:47 +01:00
|
|
|
machine_learning:
|
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# Machine learning is optional, and can be disabled
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
# The Docker image to use
|
2024-01-31 21:50:30 +01:00
|
|
|
image: ghcr.io/immich-app/immich-machine-learning:v[[ .immich.version ]]
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# Environment var to set in the container
|
2023-11-25 22:04:47 +01:00
|
|
|
env: {}
|
|
|
|
|
2023-11-27 23:07:31 +01:00
|
|
|
# Resource allocation
|
2023-11-25 22:04:47 +01:00
|
|
|
resources:
|
2023-11-27 23:07:31 +01:00
|
|
|
cpu: 1024
|
2024-05-13 22:06:39 +02:00
|
|
|
memory: 512
|
2024-02-11 22:48:56 +01:00
|
|
|
memory_max: 1536
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2023-12-15 22:00:56 +01:00
|
|
|
volumes:
|
|
|
|
# Volume used for models cache
|
|
|
|
ml:
|
|
|
|
type: csi
|
2023-12-21 22:37:48 +01:00
|
|
|
source: '[[ .instance ]]-ml'
|
2024-05-04 09:07:06 +02:00
|
|
|
access_mode: multi-node-multi-writer
|
2023-11-25 22:04:47 +01:00
|
|
|
|
2023-11-30 20:45:32 +01:00
|
|
|
# Redis task will use a common template
|
|
|
|
# We just set custom resources allocation
|
|
|
|
redis:
|
|
|
|
resources:
|
|
|
|
cpu: 20
|
|
|
|
memory: 64
|
|
|
|
|