wild-cloud/wild-directory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Reorganized for new stable/waypoint versioning design.

Browse Source
This commit is contained in:
Paul Payne
2026-05-24 18:28:47 +00:00
parent 945d2225a2
commit bc7a168851
352 changed files with 1264 additions and 294 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
immich/versions/1/README.md Normal file
View File

@@ -0,0 +1,41 @@
# Immich
Immich is a self-hosted photo and video backup solution that allows you to store, manage, and share your media files securely. It provides a mobile-first experience similar to Google Photos.
## Dependencies
- **PostgreSQL** - Database for storing metadata and search indexes
- **Redis** - Used for caching and background job queuing
## Components
Immich runs two services:
- **Server** - Main API and web server
- **Machine Learning** - Handles facial recognition and smart search
## Configuration
Key settings configured through your instance's `config.yaml`:
- **domain** - Where Immich will be accessible (default: `immich.{your-cloud-domain}`)
- **storage** - Persistent volume for photos and videos (default: `250Gi`)
- **cacheStorage** - Persistent volume for ML cache (default: `10Gi`)
- **timezone** - Server timezone (default: `UTC`)
## Access
After deployment, Immich will be available at:
- `https://immich.{your-cloud-domain}`
## First-Time Setup
1. Add and deploy the app:
```bash
wild app add immich
wild app deploy immich
```
2. Create your account through the web interface
3. Download the Immich mobile app and connect it to your server for automatic photo backup

68
immich/versions/1/db-init-job.yaml Normal file
View File

@@ -0,0 +1,68 @@
apiVersion: batch/v1
kind: Job
metadata:
name: immich-db-init
spec:
template:
spec:
containers:
- name: db-init
image: postgres:17
command: ["/bin/bash", "-c"]
args:
- |
PGPASSWORD=${POSTGRES_ADMIN_PASSWORD} psql -h ${DB_HOSTNAME} -U postgres <<EOF
DO \$\$
BEGIN
IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = '${DB_USERNAME}') THEN
CREATE USER ${DB_USERNAME} WITH ENCRYPTED PASSWORD '${DB_PASSWORD}';
ELSE
ALTER USER ${DB_USERNAME} WITH ENCRYPTED PASSWORD '${DB_PASSWORD}';
END IF;
END
\$\$;
SELECT 'CREATE DATABASE ${DB_DATABASE_NAME}' WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = '${DB_DATABASE_NAME}')\gexec
ALTER DATABASE ${DB_DATABASE_NAME} OWNER TO ${DB_USERNAME};
GRANT ALL PRIVILEGES ON DATABASE ${DB_DATABASE_NAME} TO ${DB_USERNAME};
EOF
# Connect to the immich database and enable required extensions
PGPASSWORD=${POSTGRES_ADMIN_PASSWORD} psql -h ${DB_HOSTNAME} -U postgres -d ${DB_DATABASE_NAME} <<EOF
DO \$\$
BEGIN
-- Create vector extension if it doesn't exist
IF NOT EXISTS (SELECT 1 FROM pg_extension WHERE extname = 'vector') THEN
CREATE EXTENSION vector;
END IF;
-- Create cube extension if it doesn't exist
IF NOT EXISTS (SELECT 1 FROM pg_extension WHERE extname = 'cube') THEN
CREATE EXTENSION cube;
END IF;
-- Create earthdistance extension if it doesn't exist (depends on cube)
IF NOT EXISTS (SELECT 1 FROM pg_extension WHERE extname = 'earthdistance') THEN
CREATE EXTENSION earthdistance;
END IF;
END
\$\$;
EOF
env:
- name: POSTGRES_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: immich-secrets
key: postgres.password
- name: DB_HOSTNAME
value: "{{ .db.host }}"
- name: DB_DATABASE_NAME
value: "{{ .db.name }}"
- name: DB_USERNAME
value: "{{ .db.user }}"
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: immich-secrets
key: dbPassword
restartPolicy: OnFailure

35
immich/versions/1/deployment-machine-learning.yaml Normal file
View File

@@ -0,0 +1,35 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: immich-machine-learning
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: immich-machine-learning
template:
metadata:
labels:
app: immich-machine-learning
component: machine-learning
spec:
containers:
- image: "ghcr.io/immich-app/immich-machine-learning:v1.135.3"
name: immich-machine-learning
ports:
- containerPort: 3003
protocol: TCP
env:
- name: TZ
value: "UTC"
volumeMounts:
- mountPath: /cache
name: immich-cache
readOnly: false
volumes:
- name: immich-cache
persistentVolumeClaim:
claimName: immich-cache-pvc

61
immich/versions/1/deployment-microservices.yaml Normal file
View File

@@ -0,0 +1,61 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: immich-microservices
spec:
replicas: 1
selector:
matchLabels:
app: immich-microservices
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
app: immich-microservices
component: microservices
spec:
containers:
- image: "ghcr.io/immich-app/immich-server:v1.135.3"
name: immich-microservices
env:
- name: REDIS_HOSTNAME
value: "{{ .redis.host }}"
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: immich-secrets
key: redis.password
- name: DB_HOSTNAME
value: "{{ .db.host }}"
- name: DB_USERNAME
value: "{{ .db.user }}"
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: immich-secrets
key: dbPassword
- name: TZ
value: "UTC"
- name: IMMICH_WORKERS_EXCLUDE
value: api
volumeMounts:
- mountPath: /usr/src/app/upload
name: immich-storage
readOnly: false
volumes:
- name: immich-storage
persistentVolumeClaim:
claimName: immich-pvc
affinity:
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app: immich
component: server
topologyKey: kubernetes.io/hostname

56
immich/versions/1/deployment-server.yaml Normal file
View File

@@ -0,0 +1,56 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: immich-server
spec:
replicas: 1
selector:
matchLabels:
app: immich-server
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
app: immich-server
component: server
spec:
containers:
- image: "ghcr.io/immich-app/immich-server:v1.135.3"
name: immich-server
ports:
- containerPort: 2283
protocol: TCP
env:
- name: REDIS_HOSTNAME
value: "{{ .redis.host }}"
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: immich-secrets
key: redis.password
- name: DB_HOSTNAME
value: "{{ .db.host }}"
- name: DB_USERNAME
value: "{{ .db.user }}"
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: immich-secrets
key: dbPassword
- name: TZ
value: "UTC"
- name: IMMICH_WORKERS_EXCLUDE
value: microservices
volumeMounts:
- mountPath: /usr/src/app/upload
name: immich-storage
readOnly: false
volumes:
- name: immich-storage
persistentVolumeClaim:
claimName: immich-pvc

24
immich/versions/1/ingress.yaml Normal file
View File

@@ -0,0 +1,24 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: immich-public
annotations:
external-dns.alpha.kubernetes.io/target: "{{ .externalDnsDomain }}"
external-dns.alpha.kubernetes.io/cloudflare-proxied: "false"
spec:
rules:
- host: "{{ .domain }}"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: immich-server
port:
number: 3001
tls:
- secretName: wildcard-wild-cloud-tls
hosts:
- "{{ .domain }}"

18
immich/versions/1/kustomization.yaml Normal file
View File

@@ -0,0 +1,18 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: immich
labels:
- includeSelectors: true
pairs:
app: immich
managedBy: kustomize
partOf: wild-cloud
resources:
- deployment-server.yaml
- deployment-machine-learning.yaml
- deployment-microservices.yaml
- ingress.yaml
- namespace.yaml
- pvc.yaml
- service.yaml
- db-init-job.yaml

22
immich/versions/1/manifest.yaml Normal file
View File

@@ -0,0 +1,22 @@
version: 1.135.3-1
requires:
- name: redis
- name: postgres
defaultConfig:
namespace: immich
externalDnsDomain: '{{ .cloud.domain }}'
storage: 250Gi
cacheStorage: 10Gi
domain: immich.{{ .cloud.domain }}
tlsSecretName: wildcard-wild-cloud-tls
db:
host: '{{ .apps.postgres.host }}'
name: immich
user: immich
redis:
host: '{{ .apps.redis.host }}'
defaultSecrets:
- key: dbPassword
requiredSecrets:
- redis.password
- postgres.password

4
immich/versions/1/namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: "{{ .namespace }}"

24
immich/versions/1/pvc.yaml Normal file
View File

@@ -0,0 +1,24 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: immich-pvc
spec:
storageClassName: longhorn
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .storage }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: immich-cache-pvc
spec:
storageClassName: longhorn
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .cacheStorage }}

33
immich/versions/1/service.yaml Normal file
View File

@@ -0,0 +1,33 @@
---
apiVersion: v1
kind: Service
metadata:
name: immich-server
namespace: immich
labels:
app: immich-server
spec:
ports:
- port: 3001
targetPort: 2283
selector:
app: immich
component: server
managedBy: kustomize
partOf: wild-cloud
---
apiVersion: v1
kind: Service
metadata:
name: immich-machine-learning
namespace: immich
labels:
app: immich-machine-learning
spec:
ports:
- port: 3003
selector:
app: immich
component: machine-learning
managedBy: kustomize
partOf: wild-cloud