Skip to content

Instantly share code, notes, and snippets.

@madmo

madmo/immich.nix

Last active November 28, 2023 19:56
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save madmo/b5eaae26121f9eb42f9ab4ef3662402f to your computer and use it in GitHub Desktop.
Save madmo/b5eaae26121f9eb42f9ab4ef3662402f to your computer and use it in GitHub Desktop.
Download ZIP
nixos config file to run immich containers (based on compose2nix output)
Raw
immich.nix
let
# The location where your uploaded files are stored
immich.upload_location="/srv/immich";
# Connection secrets for postgres and typesense. You should change these to random passwords
immich.typesense_api_key="";
immich.db_password="";
in
{ pkgs, lib, ... }:
{
# Runtime
virtualisation.podman = {
enable = true;
autoPrune.enable = true;
dockerCompat = true;
defaultNetwork.settings = {
# Required for container networking to be able to use names.
dns_enabled = true;
};
};
virtualisation.oci-containers.backend = "podman";
# Containers
virtualisation.oci-containers.containers."immich_machine_learning" = {
image = "ghcr.io/immich-app/immich-machine-learning:release";
environment = {
DB_DATABASE_NAME = "immich";
DB_HOSTNAME = "immich_postgres";
DB_PASSWORD = "${immich.db_password}";
DB_USERNAME = "postgres";
IMMICH_VERSION = "release";
REDIS_HOSTNAME = "immich_redis";
TYPESENSE_API_KEY = "${immich.typesense_api_key}";
UPLOAD_LOCATION = "${immich.upload_location}";
};
volumes = [
"model-cache:/cache:rw"
];
log-driver = "journald";
extraOptions = [
"--network-alias=immich-machine-learning"
"--network=immich-default"
];
};
systemd.services."podman-immich_machine_learning" = {
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [
"podman-network-immich-default.service"
];
requires = [
"podman-network-immich-default.service"
];
partOf = [
"podman-compose-immich-root.target"
];
wantedBy = [
"podman-compose-immich-root.target"
];
};
virtualisation.oci-containers.containers."immich_microservices" = {
image = "ghcr.io/immich-app/immich-server:release";
cmd = [ "start.sh" "microservices" ];
environment = {
DB_DATABASE_NAME = "immich";
DB_HOSTNAME = "immich_postgres";
DB_PASSWORD = "${immich.db_password}";
DB_USERNAME = "postgres";
IMMICH_VERSION = "release";
REDIS_HOSTNAME = "immich_redis";
TYPESENSE_API_KEY = "${immich.typesense_api_key}";
UPLOAD_LOCATION = "${immich.upload_location}";
};
volumes = [
"/etc/localtime:/etc/localtime:ro"
"${immich.upload_location}:/usr/src/app/upload:rw"
];
dependsOn = [
"immich_postgres"
"immich_redis"
"immich_typesense"
];
log-driver = "journald";
extraOptions = [
"--network-alias=immich-microservices"
"--network=immich-default"
];
};
systemd.services."podman-immich_microservices" = {
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [
"podman-network-immich-default.service"
];
requires = [
"podman-network-immich-default.service"
];
partOf = [
"podman-compose-immich-root.target"
];
wantedBy = [
"podman-compose-immich-root.target"
];
};
virtualisation.oci-containers.containers."immich_postgres" = {
image = "postgres:14-alpine@sha256:50d9be76e9a90da4c781554955e0ffc79d9d5c4226838e64b36aacc97cbc35ad";
environment = {
DB_DATABASE_NAME = "immich";
DB_HOSTNAME = "immich_postgres";
DB_PASSWORD = "${immich.db_password}";
DB_USERNAME = "postgres";
IMMICH_VERSION = "release";
POSTGRES_DB = "immich";
POSTGRES_PASSWORD = "${immich.db_password}";
POSTGRES_USER = "postgres";
REDIS_HOSTNAME = "immich_redis";
TYPESENSE_API_KEY = "${immich.typesense_api_key}";
UPLOAD_LOCATION = "${immich.upload_location}";
};
volumes = [
"pgdata:/var/lib/postgresql/data:rw"
];
log-driver = "journald";
extraOptions = [
"--network-alias=database"
"--network=immich-default"
];
};
systemd.services."podman-immich_postgres" = {
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [
"podman-network-immich-default.service"
];
requires = [
"podman-network-immich-default.service"
];
partOf = [
"podman-compose-immich-root.target"
];
wantedBy = [
"podman-compose-immich-root.target"
];
};
virtualisation.oci-containers.containers."immich_redis" = {
image = "redis:6.2-alpine@sha256:80cc8518800438c684a53ed829c621c94afd1087aaeb59b0d4343ed3e7bcf6c5";
log-driver = "journald";
extraOptions = [
"--network-alias=redis"
"--network=immich-default"
];
};
systemd.services."podman-immich_redis" = {
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [
"podman-network-immich-default.service"
];
requires = [
"podman-network-immich-default.service"
];
partOf = [
"podman-compose-immich-root.target"
];
wantedBy = [
"podman-compose-immich-root.target"
];
};
virtualisation.oci-containers.containers."immich_server" = {
image = "ghcr.io/immich-app/immich-server:release";
cmd = [ "start.sh" "immich" ];
environment = {
DB_DATABASE_NAME = "immich";
DB_HOSTNAME = "immich_postgres";
DB_PASSWORD = "${immich.db_password}";
DB_USERNAME = "postgres";
IMMICH_VERSION = "release";
REDIS_HOSTNAME = "immich_redis";
TYPESENSE_API_KEY = "${immich.typesense_api_key}";
UPLOAD_LOCATION = "${immich.upload_location}";
};
volumes = [
"/etc/localtime:/etc/localtime:ro"
"${immich.upload_location}:/usr/src/app/upload:rw"
];
ports = [
"2283:3001/tcp"
];
dependsOn = [
"immich_postgres"
"immich_redis"
"immich_typesense"
];
log-driver = "journald";
extraOptions = [
"--network-alias=immich-server"
"--network=immich-default"
];
};
systemd.services."podman-immich_server" = {
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [
"podman-network-immich-default.service"
];
requires = [
"podman-network-immich-default.service"
];
partOf = [
"podman-compose-immich-root.target"
];
wantedBy = [
"podman-compose-immich-root.target"
];
};
virtualisation.oci-containers.containers."immich_typesense" = {
image = "typesense/typesense:0.24.1@sha256:9bcff2b829f12074426ca044b56160ca9d777a0c488303469143dd9f8259d4dd";
environment = {
GLOG_minloglevel = "1";
TYPESENSE_API_KEY = "${immich.typesense_api_key}";
TYPESENSE_DATA_DIR = "/data";
};
volumes = [
"tsdata:/data:rw"
];
log-driver = "journald";
extraOptions = [
"--network-alias=typesense"
"--network=immich-default"
];
};
systemd.services."podman-immich_typesense" = {
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [
"podman-network-immich-default.service"
];
requires = [
"podman-network-immich-default.service"
];
partOf = [
"podman-compose-immich-root.target"
];
wantedBy = [
"podman-compose-immich-root.target"
];
};
# Networks
systemd.services."podman-network-immich-default" = {
path = [ pkgs.podman ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStop = "${pkgs.podman}/bin/podman network rm -f immich-default";
};
script = ''
podman network inspect immich-default || podman network create immich-default --opt isolate=true
'';
partOf = [ "podman-compose-immich-root.target" ];
wantedBy = [ "podman-compose-immich-root.target" ];
};
# Root service
# When started, this will automatically create all resources and start
# the containers. When stopped, this will teardown all resources.
systemd.targets."podman-compose-immich-root" = {
unitConfig = {
Description = "Root target generated by compose2nix.";
};
wantedBy = [ "multi-user.target" ];
};
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment