Added mail notifications on failure. Needs more work on lib.nix and the services/*.nix.

2026-02-23 16:36:40 +01:00
parent f445bd8659
commit 944ffcea85
14 changed files with 460 additions and 147 deletions
@@ -3,26 +3,39 @@
 with lib;

 let
+  # Version tagging
  immichVersion = "v2.5.6";
  redisVersion = "9@sha256:546304417feac0874c3dd576e0952c6bb8f06bb4093ea0c9ca303c73cf458f63";
  databaseVersion = "14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23";
+  # Helper
  helper = import ./lib.nix { inherit config pkgs lib; };
-  cfg = config.numbus.services.immich;
+  cfg = config.numbus.services.${name};
+  # Container configuration
+  name = "immich";
 in

 helper.mkPodmanService {
  description = "Immich, Google Photos but better";
-  name = "immich";
+  inherit name;
  pod = "immich";
  defaultPort = "2283";
-  useSopsSecrets = true;
-
-  extraConfig = {
-    numbus.services.immich.secretMapping = {
-      DB_PASSWORD = "db_password";
-      DB_USERNAME = "db_username"; # Assuming you add this to schema
-    };
+  generatedSecrets = {
+    DB_NAME = "xkcdpass -n 2 -d -";
+    DB_USERNAME = "xkcdpass -n 2 -d -";
+    DB_PASSWORD = "xkcdpass -n 8 -d -";
  };
+  importedSecrets = {
+    DOMAIN_NAME = "${config.numbus.services.domain}";
+    REDIS_HOSTNAME = "immich-redis";
+    DB_HOSTNAME = "immich-database";
+    UPLOAD_LOCATION = "${cfg.dataDir}"; 
+    DB_DATA_LOCATION = "${cfg.configDir}/database";
+    TZ = "${time.timeZone}";
+  };
+  dirPermissions = [
+    "100999:users ${cfg.dataDir}"
+    "100999:users ${cfg.configDir}"
+  ];

 # Compose file good
  composeText = ''
@@ -37,7 +50,7 @@ helper.mkPodmanService {
        ports:
          - "${cfg.port}:2283/tcp"
        volumes:
-          - $UPLOAD_LOCATION:/data
+          - ${cfg.dataDir}:/data
          - /etc/localtime:/etc/localtime:ro
        env_file:
          - .env
@@ -85,16 +98,16 @@ helper.mkPodmanService {
        container_name: immich-database
        hostname: immich-database
        image: ghcr.io/immich-app/postgres:${databaseVersion}
-        user: '999:999'
+        user: '1000:1000'
        networks:
          immich:
        environment:
          POSTGRES_PASSWORD: $DB_PASSWORD
          POSTGRES_USER: $DB_USERNAME
-          POSTGRES_DB: $DB_DATABASE_NAME
+          POSTGRES_DB: $DB_NAME
          POSTGRES_INITDB_ARGS: '--data-checksums'
        volumes:
-          - $DB_DATA_LOCATION:/var/lib/postgresql/data
+          - ${cfg.configDir}/database:/var/lib/postgresql/data
        shm_size: 128mb
        healthcheck:
          disable: false