job "[[ .instance ]]" { [[ $c := merge .immich . ]] [[ template "common/job_start" $c ]] [[ $c := merge .immich.server .immich . -]] group "immich" { network { mode = "bridge" } [[ template "common/volumes" $c ]] service { name = "[[ .instance ]][[ .consul.suffix ]]" port = 3001 [[ template "common/connect" $c ]] check { type = "http" path = "/api/server-info/ping" expose = true [[ template "common/check_settings" $c ]] check_restart { limit = 10 grace = "300s" } } tags = [ [[ template "common/traefik_tags" $c ]] [[- $s := merge $c.share $c ]] [[ template "common/traefik_tags" $s ]] ] } [[ template "common/task.wait_for" $c ]] [[ template "common/task.pgpooler" $c ]] # The main immich API server task "server" { driver = "[[ $c.nomad.driver ]]" leader = true # Run as an unprivileged user user = 3001 config { image = "[[ $c.image ]]" readonly_rootfs = true command = "start.sh" args = ["immich"] pids_limit = 100 } [[ template "common/vault.policies" $c ]] env { REDIS_HOSTNAME = "127.0.0.1" IMMICH_MEDIA_LOCATION = "/data" } [[ template "common/file_env" $c ]] template { data =<<_EOT DB_URL=postgres:// [[- if ne $c.postgres.pooler.engine "none" -]] [[ .instance ]]:{{ env "NOMAD_ALLOC_ID" }}@127.0.0.1:[[ $c.postgres.pooler.port ]]/[[ $c.postgres.database ]] [[- else -]] [[ $c.postgres.user ]]:[[ $c.postgres.password ]]@[[ $c.postgres.host ]]:[[ $c.postgres.port ]]/[[ $c.postgres.database ]] [[- end ]] _EOT destination = "secrets/.db.env" perms = 400 env = true } volume_mount { volume = "data" destination = "/data" } [[ template "common/resources" $c ]] } [[ $c := merge .immich.microservices .immich . ]] # microservices is tha task worker, doing all the processing async task "microservices" { driver = "[[ $c.nomad.driver ]]" # Run as an unpriviliged user user = 3001 config { image = "[[ $c.image ]]" readonly_rootfs = true command = "start.sh" args = ["microservices"] pids_limit = 100 } [[ template "common/vault.policies" $c ]] env { REDIS_HOSTNAME = "127.0.0.1" IMMICH_MEDIA_LOCATION = "/data" } [[ template "common/file_env" $c ]] template { data =<<_EOT DB_URL=postgres:// [[- if ne $c.postgres.pooler.engine "none" -]] [[ .instance ]]:{{ env "NOMAD_ALLOC_ID" }}@127.0.0.1:6432/[[ $c.postgres.database ]] [[- else -]] [[ $c.postgres.user ]]:[[ $c.postgres.password ]]@[[ $c.postgres.host ]]:[[ $c.postgres.port ]]/[[ $c.postgres.database ]] [[- end ]] _EOT destination = "secrets/.db.env" perms = 400 env = true } volume_mount { volume = "data" destination = "/data" } [[ template "common/resources" $c ]] } [[ template "common/task.redis" $c ]] } [[- if .immich.machine_learning.enabled ]] [[- $c := merge .immich.machine_learning .immich . ]] # Used for face recognition, tags etc. group "machine-learning" { network { mode = "bridge" } [[ template "common/volumes" $c ]] service { name = "[[ .instance ]]-ml[[ .consul.suffix ]]" port = 3003 [[ template "common/connect" $c ]] } [[ $c := merge .immich.machine_learning .immich . ]] task "machine-learning" { driver = "[[ $c.nomad.driver ]]" user = 3001 config { image = "[[ $c.image ]]" readonly_rootfs = true pids_limit = 200 } env { TMPDIR = "/local" MPLCONFIGDIR = "/local" MACHINE_LEARNING_HOST = "127.0.0.1" } [[ template "common/file_env" $c ]] volume_mount { volume = "ml" destination = "/cache" } [[ template "common/resources" $c ]] } } [[- end ]] }