nomad
/
immich
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
immich/immich.nomad.hcl

189 lines
4.2 KiB
HCL
Raw Permalink Blame History

job "[[ .instance ]]" {
[[ $c := merge .immich . ]]
[[ template "common/job_start" $c ]]
[[ $c := merge .immich.server .immich . -]]
group "immich" {
network {
mode = "bridge"
}
[[ template "common/volumes" $c ]]
service {
name = "[[ .instance ]][[ .consul.suffix ]]"
port = 3001
[[ template "common/connect" $c ]]
check {
type = "http"
path = "/api/server-info/ping"
expose = true
interval = "[[ $c.consul.check.interval ]]"
timeout = "[[ $c.consul.check.timeout ]]"
check_restart {
limit = 10
grace = "300s"
}
}
tags = [
[[ template "common/traefik_tags" $c ]]
[[- $s := merge $c.share $c ]]
[[ template "common/traefik_tags" $s ]]
]
}
[[ template "common/task.wait_for" $c ]]
[[ template "common/task.pgpooler" $c ]]
# The main immich API server
task "server" {
driver = "[[ $c.nomad.driver ]]"
leader = true
# Run as an unprivileged user
user = 3001
config {
image = "[[ $c.image ]]"
readonly_rootfs = true
command = "start.sh"
args = ["immich"]
pids_limit = 100
}
[[ template "common/vault.policies" $c ]]
env {
REDIS_HOSTNAME = "127.0.0.1"
IMMICH_MEDIA_LOCATION = "/data"
}
[[ template "common/file_env" $c ]]
template {
data =<<_EOT
DB_URL=postgres://
[[- if ne $c.postgres.pooler.engine "none" -]]
[[ .instance ]]:{{ env "NOMAD_ALLOC_ID" }}@127.0.0.1:[[ $c.postgres.pooler.port ]]/[[ $c.postgres.database ]]
[[- else -]]
[[ $c.postgres.user ]]:[[ $c.postgres.password ]]@[[ $c.postgres.host ]]:[[ $c.postgres.port ]]/[[ $c.postgres.database ]]
[[- end ]]
_EOT
destination = "secrets/.db.env"
perms = 400
env = true
}
volume_mount {
volume = "data"
destination = "/data"
}
[[ template "common/resources" $c ]]
}
[[ $c := merge .immich.microservices .immich . ]]
# microservices is tha task worker, doing all the processing async
task "microservices" {
driver = "[[ $c.nomad.driver ]]"
# Run as an unpriviliged user
user = 3001
config {
image = "[[ $c.image ]]"
readonly_rootfs = true
command = "start.sh"
args = ["microservices"]
pids_limit = 100
}
[[ template "common/vault.policies" $c ]]
env {
REDIS_HOSTNAME = "127.0.0.1"
IMMICH_MEDIA_LOCATION = "/data"
}
[[ template "common/file_env" $c ]]
template {
data =<<_EOT
DB_URL=postgres://
[[- if ne $c.postgres.pooler.engine "none" -]]
[[ .instance ]]:{{ env "NOMAD_ALLOC_ID" }}@127.0.0.1:6432/[[ $c.postgres.database ]]
[[- else -]]
[[ $c.postgres.user ]]:[[ $c.postgres.password ]]@[[ $c.postgres.host ]]:[[ $c.postgres.port ]]/[[ $c.postgres.database ]]
[[- end ]]
_EOT
destination = "secrets/.db.env"
perms = 400
env = true
}
volume_mount {
volume = "data"
destination = "/data"
}
[[ template "common/resources" $c ]]
}
[[ template "common/task.redis" $c ]]
}
[[- if .immich.machine_learning.enabled ]]
[[- $c := merge .immich.machine_learning .immich . ]]
# Used for face recognition, tags etc.
group "machine-learning" {
network {
mode = "bridge"
}
[[ template "common/volumes" $c ]]
service {
name = "[[ .instance ]]-ml[[ .consul.suffix ]]"
port = 3003
[[ template "common/connect" $c ]]
}
[[ $c := merge .immich.machine_learning .immich . ]]
task "machine-learning" {
driver = "[[ $c.nomad.driver ]]"
user = 3001
config {
image = "[[ $c.image ]]"
readonly_rootfs = true
pids_limit = 200
}
env {
TMPDIR = "/local"
MPLCONFIGDIR = "/local"
MACHINE_LEARNING_HOST = "127.0.0.1"
}
[[ template "common/file_env" $c ]]
volume_mount {
volume = "ml"
destination = "/cache"
}
[[ template "common/resources" $c ]]
}
}
[[- end ]]
}
Reference in New Issue View Git Blame Copy Permalink