Support pgbouncer
This commit is contained in:
parent
0229b0b253
commit
057d8ec06d
|
@ -76,7 +76,6 @@ job "immich" {
|
|||
]
|
||||
}
|
||||
|
||||
# Wait for external services to be ready before continuing
|
||||
# wait for required services tp be ready before starting the main task
|
||||
task "wait-for" {
|
||||
|
||||
|
@ -107,6 +106,7 @@ job "immich" {
|
|||
|
||||
|
||||
|
||||
|
||||
# The main immich API server
|
||||
task "server" {
|
||||
driver = "docker"
|
||||
|
@ -122,12 +122,14 @@ job "immich" {
|
|||
pids_limit = 100
|
||||
}
|
||||
|
||||
|
||||
vault {
|
||||
policies = ["immich"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
|
||||
|
||||
env {
|
||||
REDIS_HOSTNAME = "127.0.0.1"
|
||||
IMMICH_MEDIA_LOCATION = "/data"
|
||||
|
@ -137,7 +139,6 @@ job "immich" {
|
|||
# Use a template block instead of env {} so we can fetch values from vault
|
||||
template {
|
||||
data = <<_EOT
|
||||
DB_URL={{ with secret "database/creds/immich" }}postgres://{{ .Data.username }}:{{ urlquery .Data.password }}@localhost:5432/immich{{ end }}
|
||||
LANG=fr_FR.utf8
|
||||
NODE_OPTIONS=--max-old-space-size={{ env "NOMAD_MEMORY_LIMIT" }}
|
||||
TZ=Europe/Paris
|
||||
|
@ -148,6 +149,15 @@ _EOT
|
|||
}
|
||||
|
||||
|
||||
template {
|
||||
data = <<_EOT
|
||||
DB_URL=postgres://{{ with secret "database/creds/immich" }}{{ .Data.username }}{{ end }}:{{ with secret "database/creds/immich" }}{{ .Data.password }}{{ end }}@127.0.0.1:5432/immich
|
||||
_EOT
|
||||
destination = "secrets/.db.env"
|
||||
perms = 400
|
||||
env = true
|
||||
}
|
||||
|
||||
volume_mount {
|
||||
volume = "data"
|
||||
destination = "/data"
|
||||
|
@ -178,12 +188,14 @@ _EOT
|
|||
pids_limit = 100
|
||||
}
|
||||
|
||||
|
||||
vault {
|
||||
policies = ["immich"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
|
||||
|
||||
env {
|
||||
REDIS_HOSTNAME = "127.0.0.1"
|
||||
IMMICH_MEDIA_LOCATION = "/data"
|
||||
|
@ -193,7 +205,6 @@ _EOT
|
|||
# Use a template block instead of env {} so we can fetch values from vault
|
||||
template {
|
||||
data = <<_EOT
|
||||
DB_URL={{ with secret "database/creds/immich" }}postgres://{{ .Data.username }}:{{ urlquery .Data.password }}@localhost:5432/immich{{ end }}
|
||||
LANG=fr_FR.utf8
|
||||
NODE_OPTIONS=--max-old-space-size={{ env "NOMAD_MEMORY_LIMIT" }}
|
||||
TZ=Europe/Paris
|
||||
|
@ -204,6 +215,15 @@ _EOT
|
|||
}
|
||||
|
||||
|
||||
template {
|
||||
data = <<_EOT
|
||||
DB_URL=postgres://{{ with secret "database/creds/immich" }}{{ .Data.username }}{{ end }}:{{ with secret "database/creds/immich" }}{{ .Data.password }}{{ end }}@127.0.0.1:5432/immich
|
||||
_EOT
|
||||
destination = "secrets/.db.env"
|
||||
perms = 400
|
||||
env = true
|
||||
}
|
||||
|
||||
volume_mount {
|
||||
volume = "data"
|
||||
destination = "/data"
|
||||
|
|
|
@ -4,7 +4,7 @@ job [[ .instance | toJSON ]] {
|
|||
|
||||
[[ template "common/job_start" . ]]
|
||||
|
||||
[[ $c := merge .immich.server . -]]
|
||||
[[ $c := merge .immich.server .immich . -]]
|
||||
|
||||
group "immich" {
|
||||
|
||||
|
@ -44,7 +44,7 @@ job [[ .instance | toJSON ]] {
|
|||
"[[ $c.traefik.instance ]].http.middlewares.[[ .instance ]]-prefix[[ .consul.suffix ]].stripprefix.prefixes=[[ (urlParse .immich.public_url).Path ]]",
|
||||
[[- end ]]
|
||||
|
||||
[[- $s := merge .immich.server.share . ]]
|
||||
[[- $s := merge .immich.server.share .immich.server .immich . ]]
|
||||
# We use a distinct routers for /share so we can apply different middlewares (eg, /share is public while everything else is private)
|
||||
"[[ $s.traefik.instance ]].http.routers.[[ .instance ]]-share[[ .consul.suffix ]].rule=Host(`[[ (urlParse $c.public_url).Hostname ]]`) && PathPrefix(`[[ (urlParse $c.public_url).Path ]]/share/`)",
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .instance ]]-share[[ .consul.suffix ]].entrypoints=[[ join $c.traefik.entrypoints "," ]]",
|
||||
|
@ -66,10 +66,9 @@ job [[ .instance | toJSON ]] {
|
|||
]
|
||||
}
|
||||
|
||||
# Wait for external services to be ready before continuing
|
||||
[[ template "common/task.wait_for" $c ]]
|
||||
[[ template "common/task.pgbouncer" $c ]]
|
||||
|
||||
[[ $c := merge .immich.server . -]]
|
||||
# The main immich API server
|
||||
task "server" {
|
||||
driver = [[ $c.nomad.driver | toJSON ]]
|
||||
|
@ -85,11 +84,7 @@ job [[ .instance | toJSON ]] {
|
|||
pids_limit = 100
|
||||
}
|
||||
|
||||
vault {
|
||||
policies = ["[[ .instance ]][[ .consul.suffix ]]"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
[[ template "common/vault.policies" $c ]]
|
||||
|
||||
env {
|
||||
REDIS_HOSTNAME = "127.0.0.1"
|
||||
|
@ -98,6 +93,20 @@ job [[ .instance | toJSON ]] {
|
|||
|
||||
[[ template "common/file_env" $c.env ]]
|
||||
|
||||
template {
|
||||
data =<<_EOT
|
||||
DB_URL=postgres://
|
||||
[[- if eq $c.postgres.pooler.engine "pgbouncer" -]]
|
||||
[[ .instance ]]:{{ env "NOMAD_ALLOC_ID" }}@127.0.0.1:6432/[[ $c.postgres.database ]]
|
||||
[[- else -]]
|
||||
[[ $c.postgres.user ]]:[[ $c.postgres.password ]]@[[ $c.postgres.host ]]:[[ $c.postgres.port ]]/[[ $c.postgres.database ]]
|
||||
[[- end ]]
|
||||
_EOT
|
||||
destination = "secrets/.db.env"
|
||||
perms = 400
|
||||
env = true
|
||||
}
|
||||
|
||||
volume_mount {
|
||||
volume = "data"
|
||||
destination = "/data"
|
||||
|
@ -107,7 +116,7 @@ job [[ .instance | toJSON ]] {
|
|||
|
||||
}
|
||||
|
||||
[[ $c := merge .immich.microservices . ]]
|
||||
[[ $c := merge .immich.microservices .immich . ]]
|
||||
|
||||
# microservices is tha task worker, doing all the processing async
|
||||
task "microservices" {
|
||||
|
@ -123,11 +132,7 @@ job [[ .instance | toJSON ]] {
|
|||
pids_limit = 100
|
||||
}
|
||||
|
||||
vault {
|
||||
policies = ["[[ .instance ]][[ .consul.suffix ]]"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
[[ template "common/vault.policies" $c ]]
|
||||
|
||||
env {
|
||||
REDIS_HOSTNAME = "127.0.0.1"
|
||||
|
@ -136,6 +141,20 @@ job [[ .instance | toJSON ]] {
|
|||
|
||||
[[ template "common/file_env" $c.env ]]
|
||||
|
||||
template {
|
||||
data =<<_EOT
|
||||
DB_URL=postgres://
|
||||
[[- if eq $c.postgres.pooler.engine "pgbouncer" -]]
|
||||
[[ .instance ]]:{{ env "NOMAD_ALLOC_ID" }}@127.0.0.1:6432/[[ $c.postgres.database ]]
|
||||
[[- else -]]
|
||||
[[ $c.postgres.user ]]:[[ $c.postgres.password ]]@[[ $c.postgres.host ]]:[[ $c.postgres.port ]]/[[ $c.postgres.database ]]
|
||||
[[- end ]]
|
||||
_EOT
|
||||
destination = "secrets/.db.env"
|
||||
perms = 400
|
||||
env = true
|
||||
}
|
||||
|
||||
volume_mount {
|
||||
volume = "data"
|
||||
destination = "/data"
|
||||
|
@ -149,7 +168,7 @@ job [[ .instance | toJSON ]] {
|
|||
|
||||
[[- if .immich.machine_learning.enabled ]]
|
||||
|
||||
[[- $c := merge .immich.machine_learning . ]]
|
||||
[[- $c := merge .immich.machine_learning .immich . ]]
|
||||
# Used for face recognition, tags etc.
|
||||
group "machine-learning" {
|
||||
|
||||
|
@ -165,7 +184,7 @@ job [[ .instance | toJSON ]] {
|
|||
[[ template "common/connect" $c ]]
|
||||
}
|
||||
|
||||
[[ $c := merge .immich.machine_learning . ]]
|
||||
[[ $c := merge .immich.machine_learning .immich . ]]
|
||||
task "machine-learning" {
|
||||
driver = [[ $c.nomad.driver | toJSON ]]
|
||||
user = 3001
|
||||
|
|
|
@ -8,6 +8,11 @@ immich:
|
|||
# Immich version
|
||||
version: v1.92.1
|
||||
|
||||
postgres:
|
||||
database: '[[ .instance ]]'
|
||||
user: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.username }}{{ end }}'
|
||||
password: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}{{ .Data.password }}{{ end }}'
|
||||
|
||||
# API server settings
|
||||
server:
|
||||
|
||||
|
@ -16,9 +21,13 @@ immich:
|
|||
|
||||
# Additional env to set ni the container
|
||||
env:
|
||||
DB_URL: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}postgres://{{ .Data.username }}:{{ urlquery .Data.password }}@localhost:5432/[[ .instance ]]{{ end }}'
|
||||
#DB_URL: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}postgres://{{ .Data.username }}:{{ urlquery .Data.password }}@localhost:5432/[[ .instance ]]{{ end }}'
|
||||
NODE_OPTIONS: --max-old-space-size={{ env "NOMAD_MEMORY_LIMIT" }}
|
||||
|
||||
vault:
|
||||
policies:
|
||||
- '[[ .instance ]][[ .consul.suffix ]]'
|
||||
|
||||
# Resource allocation
|
||||
resources:
|
||||
cpu: 300
|
||||
|
@ -86,9 +95,13 @@ immich:
|
|||
|
||||
# Env vars to set in the container
|
||||
env:
|
||||
DB_URL: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}postgres://{{ .Data.username }}:{{ urlquery .Data.password }}@localhost:5432/[[ .instance ]]{{ end }}'
|
||||
#DB_URL: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]" }}postgres://{{ .Data.username }}:{{ urlquery .Data.password }}@localhost:5432/[[ .instance ]]{{ end }}'
|
||||
NODE_OPTIONS: --max-old-space-size={{ env "NOMAD_MEMORY_LIMIT" }}
|
||||
|
||||
vault:
|
||||
policies:
|
||||
- '[[ .instance ]][[ .consul.suffix ]]'
|
||||
|
||||
# Resource allocation
|
||||
resources:
|
||||
cpu: 500
|
||||
|
|
Loading…
Reference in New Issue