244 lines
6.6 KiB
YAML
244 lines
6.6 KiB
YAML
immich:
|
|
controllers:
|
|
main:
|
|
type: deployment
|
|
replicas: 1
|
|
strategy: Recreate
|
|
revisionHistoryLimit: 3
|
|
containers:
|
|
main:
|
|
image:
|
|
repository: ghcr.io/immich-app/immich-server
|
|
tag: v2.4.1
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: TZ
|
|
value: US/Central
|
|
- name: IMMICH_TELEMETRY_INCLUDE
|
|
value: all
|
|
- name: IMMICH_CONFIG_FILE
|
|
value: /config/immich.json
|
|
- name: REDIS_HOSTNAME
|
|
value: redis-replication-immich-master
|
|
- name: DB_VECTOR_EXTENSION
|
|
value: vectorchord
|
|
- name: DB_HOSTNAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: immich-postgresql-18-cluster-app
|
|
key: host
|
|
- name: DB_DATABASE_NAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: immich-postgresql-18-cluster-app
|
|
key: dbname
|
|
- name: DB_PORT
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: immich-postgresql-18-cluster-app
|
|
key: port
|
|
- name: DB_USERNAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: immich-postgresql-18-cluster-app
|
|
key: user
|
|
- name: DB_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: immich-postgresql-18-cluster-app
|
|
key: password
|
|
probes:
|
|
liveness:
|
|
enabled: true
|
|
custom: true
|
|
spec:
|
|
httpGet:
|
|
path: /api/server/ping
|
|
port: 2283
|
|
initialDelaySeconds: 0
|
|
periodSeconds: 10
|
|
timeoutSeconds: 1
|
|
failureThreshold: 3
|
|
readiness:
|
|
enabled: true
|
|
custom: true
|
|
spec:
|
|
httpGet:
|
|
path: /api/server/ping
|
|
port: 2283
|
|
initialDelaySeconds: 0
|
|
periodSeconds: 10
|
|
timeoutSeconds: 1
|
|
failureThreshold: 3
|
|
startup:
|
|
enabled: true
|
|
custom: true
|
|
spec:
|
|
httpGet:
|
|
path: /api/server/ping
|
|
port: 2283
|
|
initialDelaySeconds: 0
|
|
periodSeconds: 10
|
|
timeoutSeconds: 1
|
|
failureThreshold: 30
|
|
resources:
|
|
limits:
|
|
gpu.intel.com/i915: 1
|
|
requests:
|
|
gpu.intel.com/i915: 1
|
|
cpu: 10m
|
|
memory: 512Mi
|
|
service:
|
|
main:
|
|
controller: main
|
|
ports:
|
|
http:
|
|
port: 2283
|
|
targetPort: 2283
|
|
protocol: TCP
|
|
metrics-api:
|
|
port: 8081
|
|
targetPort: 8081
|
|
protocol: TCP
|
|
metrics-ms:
|
|
port: 8082
|
|
targetPort: 8082
|
|
protocol: TCP
|
|
serviceMonitor:
|
|
main:
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: immich
|
|
app.kubernetes.io/instance: immich
|
|
serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}'
|
|
endpoints:
|
|
- port: metrics-api
|
|
interval: 3m
|
|
scrapeTimeout: 1m
|
|
path: /metrics
|
|
- port: metrics-ms
|
|
interval: 3m
|
|
scrapeTimeout: 1m
|
|
path: /metrics
|
|
route:
|
|
main:
|
|
kind: HTTPRoute
|
|
parentRefs:
|
|
- group: gateway.networking.k8s.io
|
|
kind: Gateway
|
|
name: traefik-gateway
|
|
namespace: traefik
|
|
hostnames:
|
|
- immich.alexlebens.net
|
|
rules:
|
|
- backendRefs:
|
|
- group: ''
|
|
kind: Service
|
|
name: immich
|
|
port: 2283
|
|
weight: 100
|
|
matches:
|
|
- path:
|
|
type: PathPrefix
|
|
value: /
|
|
persistence:
|
|
config:
|
|
enabled: true
|
|
type: secret
|
|
name: immich-config-secret
|
|
advancedMounts:
|
|
main:
|
|
main:
|
|
- path: /config/immich.json
|
|
readOnly: true
|
|
mountPropagation: None
|
|
subPath: immich.json
|
|
data:
|
|
forceRename: immich
|
|
storageClass: ceph-block
|
|
accessMode: ReadWriteOnce
|
|
size: 50Gi
|
|
retain: true
|
|
advancedMounts:
|
|
main:
|
|
main:
|
|
- path: /usr/src/app/upload
|
|
readOnly: false
|
|
postgres-18-cluster:
|
|
mode: recovery
|
|
cluster:
|
|
image:
|
|
repository: ghcr.io/tensorchord/cloudnative-vectorchord
|
|
tag: 18.0-0.5.3
|
|
postgresql:
|
|
parameters:
|
|
shared_buffers: 256MB
|
|
shared_preload_libraries:
|
|
- "vchord.so"
|
|
initdb:
|
|
postInitSQL:
|
|
- CREATE EXTENSION IF NOT EXISTS "vector";
|
|
- CREATE EXTENSION IF NOT EXISTS "vchord" CASCADE;
|
|
- CREATE EXTENSION IF NOT EXISTS "cube" CASCADE;
|
|
- CREATE EXTENSION IF NOT EXISTS "earthdistance" CASCADE;
|
|
recovery:
|
|
method: objectStore
|
|
objectStore:
|
|
index: 1
|
|
backup:
|
|
objectStore:
|
|
- name: garage-local
|
|
index: 1
|
|
destinationBucket: postgres-backups
|
|
externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
|
isWALArchiver: true
|
|
# - name: garage-remote
|
|
# index: 1
|
|
# destinationBucket: postgres-backups
|
|
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
|
# retentionPolicy: "90d"
|
|
# data:
|
|
# compression: bzip2
|
|
# - name: external
|
|
# index: 1
|
|
# endpointURL: https://nyc3.digitaloceanspaces.com
|
|
# destinationBucket: postgres-backups-ce540ddf106d186bbddca68a
|
|
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
|
# isWALArchiver: false
|
|
scheduledBackups:
|
|
- name: live-backup
|
|
suspend: false
|
|
immediate: true
|
|
schedule: "0 0 0 * * *"
|
|
backupName: garage-local
|
|
# - name: weekly-backup
|
|
# suspend: true
|
|
# immediate: true
|
|
# schedule: "0 0 4 * * SAT"
|
|
# backupName: garage-remote
|
|
# - name: daily-backup
|
|
# suspend: true
|
|
# immediate: true
|
|
# schedule: "0 0 0 * * *"
|
|
# backupName: external
|
|
|
|
redis-replication:
|
|
existingSecret:
|
|
enabled: false
|
|
redisReplication:
|
|
clusterSize: 3
|
|
redisSentinel:
|
|
enabled: true
|
|
clusterSize: 3
|
|
volsync-target-data:
|
|
pvcTarget: immich
|
|
local:
|
|
restic:
|
|
cacheCapacity: 10Gi
|
|
remote:
|
|
restic:
|
|
cacheCapacity: 10Gi
|
|
external:
|
|
restic:
|
|
cacheCapacity: 10Gi
|