{ config, pkgs, ... }: let container_name = "immich"; compose_file = "podman/immich/compose.yaml"; config_dir = "/mnt/config/immich"; data_dir = "/mnt/data/immich"; in { config = { environment.etc."${compose_file}".text = /* yaml */ '' services: immich-server: image: ghcr.io/immich-app/immich-server:$IMMICH_VERSION container_name: immich-server networks: immich_frontend: immich_backend: volumes: - $UPLOAD_LOCATION:/data - /etc/localtime:/etc/localtime:ro # --- immich devices --- # labels: - traefik.enable=true - traefik.docker.network=immich_frontend - traefik.http.services.immich.loadbalancer.server.port=2283 - traefik.http.services.immich.loadbalancer.server.scheme=http - traefik.http.routers.immich-https.entrypoints=websecure - traefik.http.routers.immich-https.rule=Host(`immich.$DOMAIN_NAME`) - traefik.http.routers.immich-https.tls=true - traefik.http.routers.immich-https.tls.certresolver=cloudflare env_file: - .env depends_on: - immich-redis - immich-database restart: always healthcheck: disable: false immich-machine-learning: container_name: immich-machine-learning image: ghcr.io/immich-app/immich-machine-learning:$IMMICH_VERSION networks: immich_backend: volumes: - ${config_dir}/models:/cache env_file: - .env restart: always healthcheck: disable: false immich-redis: container_name: immich-redis image: docker.io/valkey/valkey:8-bookworm@sha256:a137a2b60aca1a75130022d6bb96af423fefae4eb55faf395732db3544803280 networks: immich_backend: healthcheck: test: redis-cli ping || exit 1 restart: always immich-database: container_name: immich-database image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:32324a2f41df5de9efe1af166b7008c3f55646f8d0e00d9550c16c9822366b4a networks: immich_backend: shm_size: 128mb volumes: # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file - $DB_DATA_LOCATION:/var/lib/postgresql/data environment: POSTGRES_PASSWORD: $DB_PASSWORD POSTGRES_USER: $DB_USERNAME POSTGRES_DB: $DB_DATABASE_NAME POSTGRES_INITDB_ARGS: '--data-checksums' restart: always healthcheck: disable: false networks: immich_backend: external: true immich_frontend: external: true ''; systemd.services."${container_name}" = { description = "Podman container : ${container_name}"; after = [ "network.target" "traefik.service" "pi-hole.service" ]; requires = [ "traefik.service" ]; wantedBy = [ "multi-user.target" ]; path = [ pkgs.podman pkgs.coreutils ]; serviceConfig = { User = "numbus-admin"; Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ]; Type = "exec"; TimeoutStartSec = "900"; ExecStartPre = [ "${pkgs.bash}/bin/bash -c 'sleep $((RANDOM % 400))'" "-${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull" ]; ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans"; ExecStop = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} down"; Restart = "on-failure"; RestartSec = "5m"; StartLimitBurst = "3"; }; }; systemd.services."update-${container_name}" = { description = "Update ${container_name} container"; serviceConfig = { Type = "oneshot"; ExecStart = "${pkgs.systemd}/bin/systemctl restart ${container_name}.service"; }; }; systemd.timers."update-${container_name}" = { timerConfig = { OnCalendar = "02:00"; RandomizedDelaySec = "60m"; Unit = "update-${container_name}.service"; }; wantedBy = [ "timers.target" ]; }; }; }