any.software.immich-podman: add role

2026-02-15 22:59:33 +01:00 · 2026-02-15 22:59:33 +01:00 · 073127fcc0
parent c4c5ab0e2a
commit 073127fcc0
9 changed files with 123 additions and 0 deletions
--- a/plays/emma.yml
+++ b/plays/emma.yml
@ -229,3 +229,27 @@
    - role: any.software.recipya-podman
      vars:
        data_dir: '/data/recipya/data'
+
+- name: Set up Immich
+  hosts: emma
+  tags: immich
+  roles:
+    - role: any.common.btrfs-subvolumes
+      vars:
+        subvolumes:
+          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
+            filesystem_path: "{{ btrfs_nvme.path }}"
+            name: "/@rootfs/data/immich/postgres"
+          - filesystem_uuid: "{{ btrfs_raid.uuid }}"
+            filesystem_path: "{{ btrfs_raid.path }}"
+            name: "/photos/immich-upload"
+      become: true
+    - role: any.software.immich-podman
+      vars:
+        immich_postgres_dir: '/data/immich/postgres'
+        immich_upload_dir: '/mnt/data1/photos/immich-upload'
+        immich_libraries:
+          - path: '/mnt/data1/photos/jef'
+            name: 'jef'
+          - path: '/mnt/data1/photos/lambroek'
+            name: 'lambroek'
--- a/roles/any.software.immich-podman/files/immich-redis.container
+++ b/roles/any.software.immich-podman/files/immich-redis.container
@ -0,0 +1,8 @@
+# vim: ft=systemd
+[Container]
+HealthCmd=redis-cli ping || exit 1
+Image=docker.io/valkey/valkey:9@sha256:546304417feac0874c3dd576e0952c6bb8f06bb4093ea0c9ca303c73cf458f63
+Pod=immich.pod
+
+[Service]
+Restart=always
--- a/roles/any.software.immich-podman/files/immich.Caddyfile
+++ b/roles/any.software.immich-podman/files/immich.Caddyfile
@ -0,0 +1,5 @@
+photos.roosens.me {
+    reverse_proxy localhost:8024 {
+        header_down +X-Robots-Tag "none"
+    }
+}
--- a/roles/any.software.immich-podman/files/immich.pod
+++ b/roles/any.software.immich-podman/files/immich.pod
@ -0,0 +1,3 @@
+# vim: ft=systemd
+[Pod]
+PublishPort=127.0.0.1:8024:2283
--- a/roles/any.software.immich-podman/handlers/main.yml
+++ b/roles/any.software.immich-podman/handlers/main.yml
@ -0,0 +1,8 @@
+---
+- name: 'restart immich'
+  ansible.builtin.systemd_service:
+    name: 'immich-server'
+    state: 'restarted'
+
+    scope: 'user'
+    daemon_reload: true
--- a/roles/any.software.immich-podman/meta/main.yml
+++ b/roles/any.software.immich-podman/meta/main.yml
@ -0,0 +1,4 @@
+---
+dependencies:
+  - role: any.tools.caddy
+    become: true
--- a/roles/any.software.immich-podman/tasks/main.yml
+++ b/roles/any.software.immich-podman/tasks/main.yml
@ -0,0 +1,33 @@
+- name: Ensure Quadlet files are present
+  ansible.builtin.template:
+    src: "{{ item }}.j2"
+    dest: "/home/debian/.config/containers/systemd/{{ item }}"
+    mode: '0755'
+    owner: 'debian'
+    group: 'debian'
+  loop:
+    - 'immich-app.container'
+    - 'immich-postgres.container'
+  # notify: 'restart immich'
+
+- name: Ensure Quadlet files are present
+  ansible.builtin.copy:
+    src: "{{ item }}"
+    dest: "/home/debian/.config/containers/systemd/{{ item }}"
+    mode: '0755'
+    owner: 'debian'
+    group: 'debian'
+  loop:
+    - 'immich-redis.container'
+    - 'immich.pod'
+  # notify: 'restart immich'
+
+- name: Ensure Caddyfile is present
+  ansible.builtin.copy:
+    src: 'immich.Caddyfile'
+    dest: '/etc/caddy/immich.Caddyfile'
+    owner: root
+    group: root
+    mode: '0644'
+  become: true
+  # notify: 'reload caddy'
--- a/roles/any.software.immich-podman/templates/immich-app.container.j2
+++ b/roles/any.software.immich-podman/templates/immich-app.container.j2
@ -0,0 +1,21 @@
+# vim: ft=systemd
+[Unit]
+Requires=immich-redis.service immich-postgres.service
+After=immich-redis.service immich-postgres.service
+
+[Container]
+Environment=IMMICH_VERSION=v2.5.6 DB_HOSTNAME=localhost DB_DATABASE_NAME=immich DB_USERNAME=immich DB_PASSWORD=immich REDIS_HOSTNAME=localhost
+Image=ghcr.io/immich-app/immich-server:v2.5.6
+Pod=immich.pod
+
+Volume={{ immich_upload_dir }}:/data
+Volume=/etc/localtime:/etc/localtime:ro
+
+{% for library in immich_libraries %}
+Volume={{ library.path }}:/mnt/libraries/{{ library.name }}
+{% endfor %}
+
+User=0
+
+[Service]
+Restart=always
--- a/roles/any.software.immich-podman/templates/immich-postgres.container.j2
+++ b/roles/any.software.immich-podman/templates/immich-postgres.container.j2
@ -0,0 +1,17 @@
+# vim: ft=systemd
+[Container]
+Environment=POSTGRES_PASSWORD=immich POSTGRES_USER=immich POSTGRES_DB=immich POSTGRES_INITDB_ARGS=--data-checksums
+Image=ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23
+Pod=immich.pod
+ShmSize=128mb
+
+Notify=healthy
+Volume={{ immich_postgres_dir }}:/var/lib/postgresql/data
+
+Environment=POSTGRES_USER=immich POSTGRES_PASSWORD=immich POSTGRES_DB=immich
+HealthCmd=["pg_isready","-U","immich"]
+HealthInterval=10s
+HealthStartPeriod=30s
+
+[Service]
+Restart=always