diff --git a/hosts/caddy/default.nix b/hosts/caddy/default.nix index b1c574f..2bb3f99 100644 --- a/hosts/caddy/default.nix +++ b/hosts/caddy/default.nix @@ -55,6 +55,12 @@ in }; }; + immich.proxy = { + enable = true; + domain = p.domains.public; + host = p.hosts.immich; + }; + media-mgr = { proxy = { enable = true; diff --git a/hosts/default.nix b/hosts/default.nix index f5625c8..46daa8c 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -222,4 +222,15 @@ in # specialArgs = { }; }; + immich = nixpkgs.lib.nixosSystem { + pkgs = pkgs "x86_64-linux"; + modules = [ + myModules + proxmoxModule + ./immich + agenix.nixosModules.default + ]; + # specialArgs = { }; + }; + } diff --git a/hosts/deployments.nix b/hosts/deployments.nix index 5affee5..799e38d 100644 --- a/hosts/deployments.nix +++ b/hosts/deployments.nix @@ -33,6 +33,7 @@ in "nextcloud" "portainer" "vaultwarden" + "immich" ]; }; @@ -134,6 +135,15 @@ in ]; }; + immich.deployment = { + targetHost = hosts.immich; + tags = [ + "lxc" + "bacco" + "immich" + ]; + }; + deadbeef.deployment = { allowLocalDeployment = true; targetHost = null; diff --git a/hosts/immich/default.nix b/hosts/immich/default.nix new file mode 100644 index 0000000..c05842d --- /dev/null +++ b/hosts/immich/default.nix @@ -0,0 +1,32 @@ +{ + config, + pkgs, + lib, + ... +}: +{ + + my = { + utils = { + commons.enable = true; + lxc-standard.enable = true; + }; + + services.immich = { + enable = true; + mediaDir = "/mnt/immich"; + }; + + networking.nas-samba-share = { + enable = true; + allowUsers = [ config.services.immich.user ]; + }; + + virtualisation.proxmox.enable = true; + }; + + # Extra packages + environment.systemPackages = with pkgs; [ ]; + + system.stateVersion = "24.11"; +} diff --git a/hosts/parameters.nix b/hosts/parameters.nix index 9c28db9..c3f4481 100644 --- a/hosts/parameters.nix +++ b/hosts/parameters.nix @@ -17,6 +17,7 @@ shadowsocks = "shadowsocks.internal"; mpd = "192.168.1.7"; librechat = "librechat.internal"; + immich = "immich.internal"; }; domains = { public = "pasetto.me"; diff --git a/modules/services/default.nix b/modules/services/default.nix index 717b808..d655e72 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -2,6 +2,7 @@ imports = [ ./authentik.nix ./dashy.nix + ./immich.nix ./media-mgr.nix ./nextcloud.nix ./plex.nix diff --git a/modules/services/immich.nix b/modules/services/immich.nix new file mode 100644 index 0000000..28ca2c5 --- /dev/null +++ b/modules/services/immich.nix @@ -0,0 +1,86 @@ +{ + lib, + config, + pkgs, + ... +}: +let + cfg = config.my.services.immich; +in +{ + + options.my.services.immich = { + enable = lib.mkEnableOption "Enable Immich photo albums module"; + + mediaDir = lib.mkOption { + type = lib.types.path; + default = "/var/lib/immich/media"; + description = "Directory with Immich will store media files"; + }; + + settings = lib.mkOption { + type = lib.types.attrsOf lib.types.any; + default = { }; + description = '' + Settings for Immich + ''; + }; + + proxy = { + enable = lib.mkEnableOption "Set the proxy entry for this service"; + + domain = lib.mkOption { + default = "example.com"; + type = lib.types.str; + description = '' + The domain where Caddy is reachable + ''; + }; + + subdomain = lib.mkOption { + default = "photos"; + type = lib.types.str; + description = '' + The subdomain where Immich is reachable + ''; + }; + + host = lib.mkOption { + default = "localhost"; + type = lib.types.str; + description = '' + host name where the service is running + ''; + }; + + }; + }; + + config = lib.mkMerge [ + (lib.mkIf cfg.enable { + + services.immich = { + enable = true; + host = "0.0.0.0"; + openFirewall = true; + redis.enable = true; + mediaLocation = cfg.mediaDir; + machine-learning.enable = true; + database = { + enable = true; + createDB = true; + }; + }; + + }) + + (lib.mkIf cfg.proxy.enable { + services.caddy = with cfg.proxy; { + virtualHosts."${subdomain}.${domain}".extraConfig = '' + reverse_proxy http://${host}:${toString config.services.immich.port} + import cloudflare_${domain} + ''; + }; + }) + ]; +}