{ lib, config, pkgs, ... }: with lib; let cfg = config.nas-apps.immich; in { imports = [ ./options.nix ]; config = mkIf cfg.enable { virtualisation.oci-containers.containers."immich-machine-learning" = { image = "ghcr.io/immich-app/immich-machine-learning:pr-12826-cuda"; volumes = [ "/media/nas/ssd/nix-app-data/immich/model-cache:/cache:rw" ]; log-driver = "journald"; extraOptions = [ "--network-alias=immich-machine-learning" "--device=nvidia.com/gpu=0" ]; ports = [ "3003:3003" ]; environment = { PUID = "911"; PGID = "1000"; }; }; systemd.services."podman-immich-machine-learning" = { serviceConfig = { Restart = lib.mkOverride 500 "always"; }; partOf = [ "podman-compose-immich-root.target" ]; wantedBy = [ "podman-compose-immich-root.target" ]; }; virtualisation.oci-containers.containers."immich-postgres" = { image = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0"; environment = { "POSTGRES_INITDB_ARGS" = "--data-checksums"; PUID = "911"; PGID = "1000"; }; environmentFiles = [ config.sops.secrets."jallen-nas/immich/db-password".path config.sops.secrets."jallen-nas/immich/db-name".path config.sops.secrets."jallen-nas/immich/db-user".path ]; volumes = [ "/media/nas/ssd/nix-app-data/immich/postgres:/var/lib/postgresql/data:rw" ]; ports = [ "5433:5432" ]; cmd = [ "postgres" "-c" "shared_preload_libraries=vectors.so" "-c" "search_path=\"$user\", public, vectors" "-c" "logging_collector=on" "-c" "max_wal_size=2GB" "-c" "shared_buffers=512MB" "-c" "wal_compression=on" ]; log-driver = "journald"; extraOptions = [ "--health-cmd=pg_isready --dbname=$DB_DATABASE_NAME --username=$DB_USERNAME || exit 1; Chksum=\"$(psql --dbname=$DB_DATABASE_NAME --username=$DB_USERNAME --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')\"; echo \"checksum failure count is $Chksum\"; [ \"$Chksum\" = '0' ] || exit 1" "--health-interval=5m0s" "--health-start-period=5m0s" "--network-alias=database" ]; }; systemd.services."podman-immich-postgres" = { serviceConfig = { Restart = lib.mkOverride 500 "always"; }; partOf = [ "podman-compose-immich-root.target" ]; wantedBy = [ "podman-compose-immich-root.target" ]; }; virtualisation.oci-containers.containers."immich-redis" = { image = "docker.io/redis:6.2-alpine@sha256:2d1463258f2764328496376f5d965f20c6a67f66ea2b06dc42af351f75248792"; log-driver = "journald"; extraOptions = [ "--health-cmd=redis-cli ping || exit 1" "--network-alias=redis" ]; ports = [ "6381:6379" ]; environment = { PUID = "911"; PGID = "1000"; }; }; systemd.services."podman-immich-redis" = { serviceConfig = { Restart = lib.mkOverride 500 "always"; }; partOf = [ "podman-compose-immich-root.target" ]; wantedBy = [ "podman-compose-immich-root.target" ]; }; virtualisation.oci-containers.containers."immich-server" = { image = "ghcr.io/imagegenius/immich:latest"; volumes = [ "/media/nas/ssd/nix-app-data/immich/upload:/usr/src/app/upload:rw" "/media/nas/ssd/nix-app-data/immich/config:/config" "/media/nas/main/photos:/photos" "/media/nas/ssd/nix-app-data/immich/libraries:/libraries" "/etc/localtime:/etc/localtime:ro" ]; ports = [ "5555:8080/tcp" ]; dependsOn = [ "immich-postgres" "immich-redis" ]; log-driver = "journald"; extraOptions = [ "--network-alias=immich-server" "--device=nvidia.com/gpu=0" ]; environment = { PUID = "911"; PGID = "1000"; DB_HOSTNAME = "10.0.1.18"; DB_PORT = "5433"; REDIS_HOSTNAME = "10.0.1.18"; REDIS_PORT = "6381"; }; environmentFiles = [ config.sops.secrets."jallen-nas/immich/server-db-password".path config.sops.secrets."jallen-nas/immich/server-db-name".path config.sops.secrets."jallen-nas/immich/server-db-user".path ]; }; systemd.services."podman-immich-server" = { serviceConfig = { Restart = lib.mkOverride 500 "always"; }; partOf = [ "podman-compose-immich-root.target" ]; wantedBy = [ "podman-compose-immich-root.target" ]; }; # Root service # When started, this will automatically create all resources and start # the containers. When stopped, this will teardown all resources. systemd.targets."podman-compose-immich-root" = { unitConfig = { Description = "Root target generated by compose2nix."; }; wantedBy = [ "multi-user.target" ]; }; }; }