immich/variables.yml

---

# Name of this instance of immich
instance: immich

immich:

  # Immich version
  version: 1.103.1

  postgres:
    database: '[[ .instance ]]'
    user: '{{ with secret "[[ .vault.root ]]database/creds/[[ .instance ]]" }}{{ .Data.username }}{{ end }}'
    password: '{{ with secret "[[ .vault.root ]]database/creds/[[ .instance ]]" }}{{ .Data.password }}{{ end }}'

  # API server settings
  server:

    # Docker image to use
    image: ghcr.io/immich-app/immich-server:v[[ .immich.version ]]

    # Additional env to set ni the container
    env:
      NODE_OPTIONS: --max-old-space-size={{ env "NOMAD_MEMORY_LIMIT" }}

    vault:
      policies:
        - '[[ .instance ]][[ .consul.suffix ]]'

    # Resource allocation
    resources:
      cpu: 300
      memory: 320
      memory_max: 512

    # Wait for services to be ready before starting
    wait_for:
      - service: master.postgres[[ .consul.suffix ]]
      - service: '[[ .instance ]]-ml[[ .consul.suffix ]]'

    consul:
      connect:
        # Connect to some services through the mesh
        upstreams:
          - destination_name: '[[ .instance ]]-ml[[ .consul.suffix ]]'
            local_bind_port: 3003
            config:
              protocol: http
          - destination_name: postgres[[ .consul.suffix ]]
            local_bind_port: 5432

    # The URL where Immich will be exposed to users
    public_url: https://immich.example.org

    # Controls how Traefik will expose the service
    traefik:

      # Immich needs a specific CSP
      csp:
        connect-src: "'self' https://maputnik.github.io https://*.cofractal.com https://fonts.openmaptiles.org"
        img-src: "'self' data: blob:"
        worker-src: "'self' blob:"

      middlewares:
        rate-limit: false

    # Use distinct Traefik settings for /share. This can be used for example to restrict the main app to trusted IP but allow /share from anywhere
    share:
      traefik:
        rule: 'Host(`[[ (urlParse .immich.server.public_url).Hostname ]]`) && PathRegexp(`^[[ (urlParse .immich.server.public_url).Path ]]/(share/|_app/immutable/|custom\\.css|api/(asset|server-info)/.*)`)'
        router: share

    # Volumes used for data storage
    volumes:
      data:
        type: csi
        source: '[[ .instance ]]-data'
        access_mode: multi-node-multi-writer

  # The microservices do the bulk of media handling (thumbnails etc.)
  microservices:

    # Docker image to use
    image: ghcr.io/immich-app/immich-server:v[[ .immich.version ]]

    # Env vars to set in the container
    env:
      NODE_OPTIONS: --max-old-space-size={{ env "NOMAD_MEMORY_LIMIT" }}

    vault:
      policies:
        - '[[ .instance ]][[ .consul.suffix ]]'

    # Resource allocation
    resources:
      cpu: 500
      memory: 768
      memory_max: 1200

  # The machine learning
  machine_learning:

    # Machine learning is optional, and can be disabled
    enabled: true

    # The Docker image to use
    image: ghcr.io/immich-app/immich-machine-learning:v[[ .immich.version ]]

    # Environment var to set in the container
    env: {}

    # Resource allocation
    resources:
      cpu: 1024
      memory: 1024
      memory_max: 1536

    volumes:
      # Volume used for models cache
      ml:
        type: csi
        source: '[[ .instance ]]-ml'
        access_mode: multi-node-multi-writer

  # Redis task will use a common template
  # We just set custom resources allocation
  redis:
    resources:
      cpu: 20
      memory: 64
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`---`

Cleanup 2023-12-21 22:37:48 +01:00			`# Name of this instance of immich`
			`instance: immich`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
Cleanup 2023-12-21 22:37:48 +01:00			`immich:`
Immich working now 2023-11-27 23:07:31 +01:00
			`# Immich version`
Update to 1.103.1 2024-04-29 22:37:23 +02:00			`version: 1.103.1`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
Support pgbouncer 2024-01-09 11:32:44 +01:00			`postgres:`
			`database: '[[ .instance ]]'`
Cleanup 2024-01-31 13:50:03 +01:00			`user: '{{ with secret "[[ .vault.root ]]database/creds/[[ .instance ]]" }}{{ .Data.username }}{{ end }}'`
			`password: '{{ with secret "[[ .vault.root ]]database/creds/[[ .instance ]]" }}{{ .Data.password }}{{ end }}'`
Support pgbouncer 2024-01-09 11:32:44 +01:00
Immich working now 2023-11-27 23:07:31 +01:00			`# API server settings`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`server:`
Immich working now 2023-11-27 23:07:31 +01:00
			`# Docker image to use`
Update to 1.94.1 2024-01-31 21:50:30 +01:00			`image: ghcr.io/immich-app/immich-server:v[[ .immich.version ]]`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
Immich working now 2023-11-27 23:07:31 +01:00			`# Additional env to set ni the container`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`env:`
Update to 1.90.2 and adjust some resources allocation 2023-12-09 23:18:10 +01:00			`NODE_OPTIONS: --max-old-space-size={{ env "NOMAD_MEMORY_LIMIT" }}`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
Support pgbouncer 2024-01-09 11:32:44 +01:00			`vault:`
			`policies:`
			`- '[[ .instance ]][[ .consul.suffix ]]'`

Immich working now 2023-11-27 23:07:31 +01:00			`# Resource allocation`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`resources:`
Immich working now 2023-11-27 23:07:31 +01:00			`cpu: 300`
			`memory: 320`
Update to 1.90.2 and adjust some resources allocation 2023-12-09 23:18:10 +01:00			`memory_max: 512`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
Immich working now 2023-11-27 23:07:31 +01:00			`# Wait for services to be ready before starting`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`wait_for:`
Immich working now 2023-11-27 23:07:31 +01:00			`- service: master.postgres[[ .consul.suffix ]]`
Cleanup 2023-12-21 22:37:48 +01:00			`- service: '[[ .instance ]]-ml[[ .consul.suffix ]]'`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
			`consul:`
			`connect:`
Immich working now 2023-11-27 23:07:31 +01:00			`# Connect to some services through the mesh`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`upstreams:`
Cleanup 2023-12-21 22:37:48 +01:00			`- destination_name: '[[ .instance ]]-ml[[ .consul.suffix ]]'`
Immich working now 2023-11-27 23:07:31 +01:00			`local_bind_port: 3003`
Update rendered example 2024-02-12 13:35:25 +01:00			`config:`
			`protocol: http`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`- destination_name: postgres[[ .consul.suffix ]]`
			`local_bind_port: 5432`

Immich working now 2023-11-27 23:07:31 +01:00			`# The URL where Immich will be exposed to users`
			`public_url: https://immich.example.org`

			`# Controls how Traefik will expose the service`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`traefik:`

Immich working now 2023-11-27 23:07:31 +01:00			`# Immich needs a specific CSP`
			`csp:`
			`connect-src: "'self' https://maputnik.github.io https://*.cofractal.com https://fonts.openmaptiles.org"`
Fix CSP to load images 2024-01-31 23:27:14 +01:00			`img-src: "'self' data: blob:"`
Update to 1.103.1 2024-04-29 22:37:23 +02:00			`worker-src: "'self' blob:"`
Immich working now 2023-11-27 23:07:31 +01:00
Use traefik_tags template 2024-01-28 23:17:47 +01:00			`middlewares:`
			`rate-limit: false`
Immich working now 2023-11-27 23:07:31 +01:00
			`# Use distinct Traefik settings for /share. This can be used for example to restrict the main app to trusted IP but allow /share from anywhere`
			`share:`
			`traefik:`
Fix share router name 2024-02-26 22:32:57 +01:00			rule: 'Host(`[[ (urlParse .immich.server.public_url).Hostname ]]`) && PathRegexp(`^[[ (urlParse .immich.server.public_url).Path ]]/(share/\|_app/immutable/\|custom\\.css\|api/(asset\|server-info)/.*)`)'
Cleanup 2024-01-31 13:50:03 +01:00			`router: share`
Immich working now 2023-11-27 23:07:31 +01:00
Update to 1.91.0 And remove typesense 2023-12-15 22:00:56 +01:00			`# Volumes used for data storage`
			`volumes:`
			`data:`
			`type: csi`
Cleanup 2023-12-21 22:37:48 +01:00			`source: '[[ .instance ]]-data'`
Mark data volume as multi-node-multi-writer 2024-01-14 23:02:45 +01:00			`access_mode: multi-node-multi-writer`
Update to 1.91.0 And remove typesense 2023-12-15 22:00:56 +01:00
Immich working now 2023-11-27 23:07:31 +01:00			`# The microservices do the bulk of media handling (thumbnails etc.)`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`microservices:`

Immich working now 2023-11-27 23:07:31 +01:00			`# Docker image to use`
Update to 1.94.1 2024-01-31 21:50:30 +01:00			`image: ghcr.io/immich-app/immich-server:v[[ .immich.version ]]`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
Immich working now 2023-11-27 23:07:31 +01:00			`# Env vars to set in the container`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`env:`
Update to 1.90.2 and adjust some resources allocation 2023-12-09 23:18:10 +01:00			`NODE_OPTIONS: --max-old-space-size={{ env "NOMAD_MEMORY_LIMIT" }}`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
Support pgbouncer 2024-01-09 11:32:44 +01:00			`vault:`
			`policies:`
			`- '[[ .instance ]][[ .consul.suffix ]]'`

Immich working now 2023-11-27 23:07:31 +01:00			`# Resource allocation`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`resources:`
Immich working now 2023-11-27 23:07:31 +01:00			`cpu: 500`
Update resources allocation and rendered example 2024-02-11 22:48:56 +01:00			`memory: 768`
			`memory_max: 1200`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
Immich working now 2023-11-27 23:07:31 +01:00			`# The machine learning`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`machine_learning:`

Immich working now 2023-11-27 23:07:31 +01:00			`# Machine learning is optional, and can be disabled`
			`enabled: true`

			`# The Docker image to use`
Update to 1.94.1 2024-01-31 21:50:30 +01:00			`image: ghcr.io/immich-app/immich-machine-learning:v[[ .immich.version ]]`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
Immich working now 2023-11-27 23:07:31 +01:00			`# Environment var to set in the container`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`env: {}`

Immich working now 2023-11-27 23:07:31 +01:00			`# Resource allocation`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00			`resources:`
Immich working now 2023-11-27 23:07:31 +01:00			`cpu: 1024`
Update resources allocation and rendered example 2024-02-11 22:48:56 +01:00			`memory: 1024`
			`memory_max: 1536`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
Update to 1.91.0 And remove typesense 2023-12-15 22:00:56 +01:00			`volumes:`
			`# Volume used for models cache`
			`ml:`
			`type: csi`
Cleanup 2023-12-21 22:37:48 +01:00			`source: '[[ .instance ]]-ml'`
immich-ml volume is multi-node-multi-writer 2024-05-04 09:07:06 +02:00			`access_mode: multi-node-multi-writer`
Start working on immich (still WIP) 2023-11-25 22:04:47 +01:00
More mem for typesense and redis 2023-11-30 20:45:32 +01:00			`# Redis task will use a common template`
			`# We just set custom resources allocation`
			`redis:`
			`resources:`
			`cpu: 20`
			`memory: 64`