From 208814f0cdd6dc4f1e5a61f8c7c1685788337940 Mon Sep 17 00:00:00 2001 From: Ryan Horiguchi Date: Sun, 29 Sep 2024 05:32:33 +0200 Subject: [PATCH] Add immich --- .../devices/headless/router/adguardhome.nix | 1 + .../devices/headless/server/backup.nix | 1 + .../devices/headless/server/default.nix | 1 + .../devices/headless/server/immich.nix | 41 +++++++++++++++++++ modules/default/immich.nix | 18 ++++++++ modules/default/monitoring.nix | 26 +++++++++++- 6 files changed, 86 insertions(+), 2 deletions(-) create mode 100644 configuration/devices/headless/server/immich.nix create mode 100644 modules/default/immich.nix diff --git a/configuration/devices/headless/router/adguardhome.nix b/configuration/devices/headless/router/adguardhome.nix index d410fa5f..d333b16f 100644 --- a/configuration/devices/headless/router/adguardhome.nix +++ b/configuration/devices/headless/router/adguardhome.nix @@ -129,6 +129,7 @@ in { "esphome.00a.ch" "grafana.00a.ch" "home-assistant.00a.ch" + "immich.00a.ch" "monitoring.00a.ch" "prowlarr.00a.ch" "sonarr.00a.ch" diff --git a/configuration/devices/headless/server/backup.nix b/configuration/devices/headless/server/backup.nix index 522e9d30..3b7f203e 100644 --- a/configuration/devices/headless/server/backup.nix +++ b/configuration/devices/headless/server/backup.nix @@ -20,6 +20,7 @@ in { config.services.deluge.config.torrentfiles_location config.services.grafana.dataDir + config.services.immich.mediaLocation config.services.loki.dataDir config.services.plex.dataDir config.services.prowlarr.dataDir diff --git a/configuration/devices/headless/server/default.nix b/configuration/devices/headless/server/default.nix index b4d91f9f..0038dde2 100644 --- a/configuration/devices/headless/server/default.nix +++ b/configuration/devices/headless/server/default.nix @@ -5,6 +5,7 @@ ./backup.nix ./fancontrol.nix ./home-assistant + ./immich.nix ./libvirtd ./log-management.nix ./monitoring.nix diff --git a/configuration/devices/headless/server/immich.nix b/configuration/devices/headless/server/immich.nix new file mode 100644 index 00000000..58f8e8e2 --- /dev/null +++ b/configuration/devices/headless/server/immich.nix @@ -0,0 +1,41 @@ +{ config, secrets, ... }: { + services = { + infomaniak = { + enable = true; + + username = secrets.infomaniak.username; + password = secrets.infomaniak.password; + hostnames = [ "immich.00a.ch" ]; + }; + + nginx = { + enable = true; + + virtualHosts."immich.00a.ch" = { + enableACME = true; + forceSSL = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.services.immich.port}"; + proxyWebsockets = true; + + extraConfig = '' + proxy_buffering off; + + client_max_body_size 50000M; + ''; + }; + }; + }; + + immich = { + enable = true; + + host = "127.0.0.1"; + group = if config.services.resilio.enable then "rslsync" else "immich"; + }; + }; + + # TODO remove when https://github.com/NixOS/nixpkgs/issues/344738 fixed + users.groups.immich = { }; +} diff --git a/modules/default/immich.nix b/modules/default/immich.nix new file mode 100644 index 00000000..0cf3b75b --- /dev/null +++ b/modules/default/immich.nix @@ -0,0 +1,18 @@ +# TODO remove when merged https://nixpk.gs/pr-tracker.html?pr=324127 + +let + src = let + owner = "NixOS"; + repo = "nixpkgs"; + rev = "9d834dc4ecd42965a4357a96813780f587664d56"; + sha256 = "sha256:17kjrr1x4n5zmrlcmad89slz7s9nv0ghn8c9iasx282chpawp46k"; + in builtins.fetchTarball { + name = "nixpkgs"; + url = "https://github.com/${owner}/${repo}/archive/${rev}.tar.gz"; + inherit sha256; + }; +in { + imports = [ "${src}/nixos/modules/services/web-apps/immich.nix" ]; + + nixpkgs.overlays = [ (_: super: { immich = super.callPackage "${src}/pkgs/by-name/im/immich/package.nix" { }; }) ]; +} diff --git a/modules/default/monitoring.nix b/modules/default/monitoring.nix index 88056ad5..d4b5d9b3 100644 --- a/modules/default/monitoring.nix +++ b/modules/default/monitoring.nix @@ -86,6 +86,8 @@ in { promtail.configuration.server.register_instrumentation = true; + immich.environment.IMMICH_METRICS = "true"; + netdata = { enable = true; @@ -205,6 +207,13 @@ in { hosts = [ (import ./wireguard-network/ips.nix).${config.services.wireguard-network.serverHostname} ]; }; }; + } // { + "go.d/redis.conf" = pkgs.writers.writeYAML "redis.conf" { + jobs = lib.optional config.services.immich.enable { + name = "Immich"; + address = "unix://@${config.services.redis.servers.immich.unixSocket}"; + }; + }; } // { "go.d/smartctl.conf" = pkgs.writers.writeYAML "smartctl.conf" { jobs = [{ name = "local"; }]; }; } // { @@ -225,7 +234,16 @@ in { } ++ lib.optional config.services.grafana.enable { name = "Grafana"; url = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}/metrics"; - } ++ lib.optional config.services.loki.enable { + } ++ lib.optionals config.services.immich.enable [ + { + name = "Immich server"; + url = "http://127.0.0.1:8081/metrics"; + } + { + name = "Immich microservice"; + url = "http://127.0.0.1:8082/metrics"; + } + ] ++ lib.optional config.services.loki.enable { name = "Loki"; url = "http://127.0.0.1:${toString config.services.loki.configuration.server.http_listen_port}/metrics"; } ++ lib.optional config.services.promtail.enable { @@ -273,8 +291,12 @@ in { }; users.users.${config.services.netdata.user}.extraGroups = + # Redis collector + # this has to be user since redis will use the configured user as group + lib.optional config.services.immich.enable config.services.immich.user + # Web server collector - lib.optional config.services.nginx.enable config.services.nginx.group + ++ lib.optional config.services.nginx.enable config.services.nginx.group # X.509 certificate collector ++ (let acmeGroups = lib.unique (map (acme: acme.group) (lib.attrValues config.security.acme.certs));