From 0f5577ca7076406706717e3575261b1074e5b2d1 Mon Sep 17 00:00:00 2001 From: Michele Cereda Date: Sat, 17 Aug 2024 14:34:56 +0200 Subject: [PATCH] chore(immich): add kb article and container files --- containers/immich/.env | 21 +++++ containers/immich/.env.upstream | 21 +++++ containers/immich/.gitignore | 2 + containers/immich/docker-compose.upstream.yml | 76 ++++++++++++++++ containers/immich/docker-compose.yml | 86 +++++++++++++++++++ containers/immich/hwaccel.ml.upstream.yml | 43 ++++++++++ containers/immich/hwaccel.ml.yml | 37 ++++++++ .../immich/hwaccel.transcoding.upstream.yml | 55 ++++++++++++ containers/immich/hwaccel.transcoding.yml | 49 +++++++++++ knowledge base/immich.md | 65 ++++++++++++++ knowledge base/self-hosting.md | 38 ++++---- knowledge base/watchtower.md | 72 ++++++++++++++++ 12 files changed, 547 insertions(+), 18 deletions(-) create mode 100644 containers/immich/.env create mode 100644 containers/immich/.env.upstream create mode 100644 containers/immich/.gitignore create mode 100644 containers/immich/docker-compose.upstream.yml create mode 100644 containers/immich/docker-compose.yml create mode 100644 containers/immich/hwaccel.ml.upstream.yml create mode 100644 containers/immich/hwaccel.ml.yml create mode 100644 containers/immich/hwaccel.transcoding.upstream.yml create mode 100644 containers/immich/hwaccel.transcoding.yml create mode 100644 knowledge base/immich.md create mode 100644 knowledge base/watchtower.md diff --git a/containers/immich/.env b/containers/immich/.env new file mode 100644 index 0000000..9ad3af3 --- /dev/null +++ b/containers/immich/.env @@ -0,0 +1,21 @@ +# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables + +# The location where your uploaded files are stored +UPLOAD_LOCATION=./library +# The location where your database files are stored +DB_DATA_LOCATION=./postgres + +# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List +# TZ=Etc/UTC + +# The Immich version to use. You can pin this to a specific version like "v1.71.0" +IMMICH_VERSION=release + +# Connection secret for postgres. You should change it to a random password +# Please use only the characters `A-Za-z0-9`, without special characters or spaces +DB_PASSWORD=postgres + +# The values below this line do not need to be changed +################################################################################### +DB_USERNAME=postgres +DB_DATABASE_NAME=immich diff --git a/containers/immich/.env.upstream b/containers/immich/.env.upstream new file mode 100644 index 0000000..9ad3af3 --- /dev/null +++ b/containers/immich/.env.upstream @@ -0,0 +1,21 @@ +# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables + +# The location where your uploaded files are stored +UPLOAD_LOCATION=./library +# The location where your database files are stored +DB_DATA_LOCATION=./postgres + +# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List +# TZ=Etc/UTC + +# The Immich version to use. You can pin this to a specific version like "v1.71.0" +IMMICH_VERSION=release + +# Connection secret for postgres. You should change it to a random password +# Please use only the characters `A-Za-z0-9`, without special characters or spaces +DB_PASSWORD=postgres + +# The values below this line do not need to be changed +################################################################################### +DB_USERNAME=postgres +DB_DATABASE_NAME=immich diff --git a/containers/immich/.gitignore b/containers/immich/.gitignore new file mode 100644 index 0000000..517529d --- /dev/null +++ b/containers/immich/.gitignore @@ -0,0 +1,2 @@ +/library/ +/postgres/ diff --git a/containers/immich/docker-compose.upstream.yml b/containers/immich/docker-compose.upstream.yml new file mode 100644 index 0000000..927a95f --- /dev/null +++ b/containers/immich/docker-compose.upstream.yml @@ -0,0 +1,76 @@ +# +# WARNING: Make sure to use the docker-compose.yml of the current release: +# +# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml +# +# The compose file on main may not be compatible with the latest release. +# + +name: immich + +services: + immich-server: + container_name: immich_server + image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} + # extends: + # file: hwaccel.transcoding.yml + # service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding + volumes: + # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file + - ${UPLOAD_LOCATION}:/usr/src/app/upload + - /etc/localtime:/etc/localtime:ro + env_file: + - .env + ports: + - 2283:3001 + depends_on: + - redis + - database + restart: always + healthcheck: + disable: false + + immich-machine-learning: + container_name: immich_machine_learning + # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag. + # Example tag: ${IMMICH_VERSION:-release}-cuda + image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release} + # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration + # file: hwaccel.ml.yml + # service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable + volumes: + - model-cache:/cache + env_file: + - .env + restart: always + healthcheck: + disable: false + + redis: + container_name: immich_redis + image: docker.io/redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e + healthcheck: + test: redis-cli ping || exit 1 + restart: always + + database: + container_name: immich_postgres + image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0 + environment: + POSTGRES_PASSWORD: ${DB_PASSWORD} + POSTGRES_USER: ${DB_USERNAME} + POSTGRES_DB: ${DB_DATABASE_NAME} + POSTGRES_INITDB_ARGS: '--data-checksums' + volumes: + # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file + - ${DB_DATA_LOCATION}:/var/lib/postgresql/data + healthcheck: + test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1 + interval: 5m + start_interval: 30s + start_period: 5m + command: ["postgres", "-c", "shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"] + restart: always + +volumes: + model-cache: diff --git a/containers/immich/docker-compose.yml b/containers/immich/docker-compose.yml new file mode 100644 index 0000000..74fb856 --- /dev/null +++ b/containers/immich/docker-compose.yml @@ -0,0 +1,86 @@ +--- + +### +# Edit variables via .env file +### + +name: immich +services: + immich-server: + container_name: immich_server + image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} + extends: + file: hwaccel.transcoding.yml + service: vaapi + volumes: + - ${UPLOAD_LOCATION}:/usr/src/app/upload + - /etc/localtime:/etc/localtime:ro + env_file: + - .env + ports: + - 2283:3001 + depends_on: + - redis + - database + restart: unless-stopped + healthcheck: + disable: false + + immich-machine-learning: + container_name: immich_machine_learning-openvino + image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release} + extends: + file: hwaccel.ml.yml + service: openvino + volumes: + - model-cache:/cache + env_file: + - .env + restart: unless-stopped + healthcheck: + disable: false + + redis: + container_name: immich_redis + image: docker.io/redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e + healthcheck: + test: redis-cli ping || exit 1 + restart: unless-stopped + + database: + container_name: immich_postgres + image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0 + environment: + POSTGRES_PASSWORD: ${DB_PASSWORD} + POSTGRES_USER: ${DB_USERNAME} + POSTGRES_DB: ${DB_DATABASE_NAME} + POSTGRES_INITDB_ARGS: '--data-checksums' + volumes: + - ${DB_DATA_LOCATION}:/var/lib/postgresql/data + healthcheck: + test: >- + pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; + Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; + echo "checksum failure count is $$Chksum"; + [ "$$Chksum" = '0' ] || exit 1 + interval: 5m + start_interval: 30s + start_period: 5m + command: + - postgres + - -c + - shared_preload_libraries=vectors.so + - -c + - 'search_path="$$user", public, vectors' + - -c + - logging_collector=on + - -c + - max_wal_size=2GB + - -c + - shared_buffers=512MB + - -c + - wal_compression=on + restart: unless-stopped + +volumes: + model-cache: diff --git a/containers/immich/hwaccel.ml.upstream.yml b/containers/immich/hwaccel.ml.upstream.yml new file mode 100644 index 0000000..d9455d2 --- /dev/null +++ b/containers/immich/hwaccel.ml.upstream.yml @@ -0,0 +1,43 @@ +# Configurations for hardware-accelerated machine learning + +# If using Unraid or another platform that doesn't allow multiple Compose files, +# you can inline the config for a backend by copying its contents +# into the immich-machine-learning service in the docker-compose.yml file. + +# See https://immich.app/docs/features/ml-hardware-acceleration for info on usage. + +services: + armnn: + devices: + - /dev/mali0:/dev/mali0 + volumes: + - /lib/firmware/mali_csffw.bin:/lib/firmware/mali_csffw.bin:ro # Mali firmware for your chipset (not always required depending on the driver) + - /usr/lib/libmali.so:/usr/lib/libmali.so:ro # Mali driver for your chipset (always required) + + cpu: {} + + cuda: + deploy: + resources: + reservations: + devices: + - driver: nvidia + count: 1 + capabilities: + - gpu + + openvino: + device_cgroup_rules: + - 'c 189:* rmw' + devices: + - /dev/dri:/dev/dri + volumes: + - /dev/bus/usb:/dev/bus/usb + + openvino-wsl: + devices: + - /dev/dri:/dev/dri + - /dev/dxg:/dev/dxg + volumes: + - /dev/bus/usb:/dev/bus/usb + - /usr/lib/wsl:/usr/lib/wsl diff --git a/containers/immich/hwaccel.ml.yml b/containers/immich/hwaccel.ml.yml new file mode 100644 index 0000000..91141dc --- /dev/null +++ b/containers/immich/hwaccel.ml.yml @@ -0,0 +1,37 @@ +--- + +services: + armnn: + devices: + - /dev/mali0:/dev/mali0 + volumes: + - /lib/firmware/mali_csffw.bin:/lib/firmware/mali_csffw.bin:ro # Mali firmware for your chipset (not always required depending on the driver) + - /usr/lib/libmali.so:/usr/lib/libmali.so:ro # Mali driver for your chipset (always required) + + cpu: {} + + cuda: + deploy: + resources: + reservations: + devices: + - driver: nvidia + count: 1 + capabilities: + - gpu + + openvino: + device_cgroup_rules: + - 'c 189:* rmw' + devices: + - /dev/dri:/dev/dri + volumes: + - /dev/bus/usb:/dev/bus/usb + + openvino-wsl: + devices: + - /dev/dri:/dev/dri + - /dev/dxg:/dev/dxg + volumes: + - /dev/bus/usb:/dev/bus/usb + - /usr/lib/wsl:/usr/lib/wsl diff --git a/containers/immich/hwaccel.transcoding.upstream.yml b/containers/immich/hwaccel.transcoding.upstream.yml new file mode 100644 index 0000000..bd4e2a4 --- /dev/null +++ b/containers/immich/hwaccel.transcoding.upstream.yml @@ -0,0 +1,55 @@ +# Configurations for hardware-accelerated transcoding + +# If using Unraid or another platform that doesn't allow multiple Compose files, +# you can inline the config for a backend by copying its contents +# into the immich-microservices service in the docker-compose.yml file. + +# See https://immich.app/docs/features/hardware-transcoding for more info on using hardware transcoding. + +services: + cpu: {} + + nvenc: + deploy: + resources: + reservations: + devices: + - driver: nvidia + count: 1 + capabilities: + - gpu + - compute + - video + + quicksync: + devices: + - /dev/dri:/dev/dri + + rkmpp: + security_opt: # enables full access to /sys and /proc, still far better than privileged: true + - systempaths=unconfined + - apparmor=unconfined + group_add: + - video + devices: + - /dev/rga:/dev/rga + - /dev/dri:/dev/dri + - /dev/dma_heap:/dev/dma_heap + - /dev/mpp_service:/dev/mpp_service + #- /dev/mali0:/dev/mali0 # only required to enable OpenCL-accelerated HDR -> SDR tonemapping + volumes: + #- /etc/OpenCL:/etc/OpenCL:ro # only required to enable OpenCL-accelerated HDR -> SDR tonemapping + #- /usr/lib/aarch64-linux-gnu/libmali.so.1:/usr/lib/aarch64-linux-gnu/libmali.so.1:ro # only required to enable OpenCL-accelerated HDR -> SDR tonemapping + + vaapi: + devices: + - /dev/dri:/dev/dri + + vaapi-wsl: # use this for VAAPI if you're running Immich in WSL2 + devices: + - /dev/dri:/dev/dri + volumes: + - /usr/lib/wsl:/usr/lib/wsl + environment: + - LD_LIBRARY_PATH=/usr/lib/wsl/lib + - LIBVA_DRIVER_NAME=d3d12 diff --git a/containers/immich/hwaccel.transcoding.yml b/containers/immich/hwaccel.transcoding.yml new file mode 100644 index 0000000..9f2e1dc --- /dev/null +++ b/containers/immich/hwaccel.transcoding.yml @@ -0,0 +1,49 @@ +--- + +services: + cpu: {} + + nvenc: + deploy: + resources: + reservations: + devices: + - driver: nvidia + count: 1 + capabilities: + - gpu + - compute + - video + + quicksync: + devices: + - /dev/dri:/dev/dri + + rkmpp: + security_opt: # enables full access to /sys and /proc, still far better than privileged: true + - systempaths=unconfined + - apparmor=unconfined + group_add: + - video + devices: + - /dev/rga:/dev/rga + - /dev/dri:/dev/dri + - /dev/dma_heap:/dev/dma_heap + - /dev/mpp_service:/dev/mpp_service + #- /dev/mali0:/dev/mali0 # only required to enable OpenCL-accelerated HDR -> SDR tonemapping + volumes: + #- /etc/OpenCL:/etc/OpenCL:ro # only required to enable OpenCL-accelerated HDR -> SDR tonemapping + #- /usr/lib/aarch64-linux-gnu/libmali.so.1:/usr/lib/aarch64-linux-gnu/libmali.so.1:ro # only required to enable OpenCL-accelerated HDR -> SDR tonemapping + + vaapi: + devices: + - /dev/dri:/dev/dri + + vaapi-wsl: # use this for VAAPI if you're running Immich in WSL2 + devices: + - /dev/dri:/dev/dri + volumes: + - /usr/lib/wsl:/usr/lib/wsl + environment: + - LD_LIBRARY_PATH=/usr/lib/wsl/lib + - LIBVA_DRIVER_NAME=d3d12 diff --git a/knowledge base/immich.md b/knowledge base/immich.md new file mode 100644 index 0000000..cd9ab66 --- /dev/null +++ b/knowledge base/immich.md @@ -0,0 +1,65 @@ +# Immich + +Self-hosted photo and video management solution. + +1. [TL;DR](#tldr) +1. [Further readings](#further-readings) + +## TL;DR + +
+ Setup + +```sh +curl -O 'https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml' \ +&& curl -o '.env' 'https://github.com/immich-app/immich/releases/latest/download/example.env' \ +&& curl -O 'https://github.com/immich-app/immich/releases/latest/download/hwaccel.transcoding.yml' \ +&& curl -O 'https://github.com/immich-app/immich/releases/latest/download/hwaccel.ml.yml' \ +&& docker compose up -d \ +&& xdg-open 'http://localhost:2283' +``` + +The composition uses `.env` for configuration.
+Refer the [Environment Variables] documentation page for the available environment variables. +
+ + + + + +## Further readings + +- [Website] +- [Main repository] +- [Environment Variables] + + + + + + + +[environment variables]: https://immich.app/docs/install/environment-variables +[main repository]: https://github.com/immich-app/immich +[website]: https://immich.app/ + + diff --git a/knowledge base/self-hosting.md b/knowledge base/self-hosting.md index f331860..d5ea62a 100644 --- a/knowledge base/self-hosting.md +++ b/knowledge base/self-hosting.md @@ -9,24 +9,25 @@ The _art_ of hosting and managing applications on one's own servers instead of c ## Software -| Name | Description | Alternatives | -| ---------------- | -------------------------- | ----------------------------------------- | -| [AWX] | Task runner | [CTFreak], [Rundeck], [Semaphore], [Zuul] | -| [Baikal] | CalDAV and CardDAV server | [Radicale] | -| [CTFreak] | Task runner | [AWX], [Rundeck], [Semaphore], [Zuul] | -| [Gitea] | Git server | [Gitlab], [Gogs] | -| [Gitlab] | Git server | [Gitea], [Gogs] | -| [Gogs] | Git server | [Gitea], [Gitlab] | -| [Home Assistant] | Home automation platform | | -| [NextCloud] | File sharing platform | [OwnCloud] | -| [OpenMediaVault] | NAS solution | [TrueNAS] | -| [Paperless-ngx] | Document management system | | -| [PhotoPrism] | Google Photos replacement | | -| [Rundeck] | Task runner | [AWX], [CTFreak], [Semaphore], [Zuul] | -| [Semaphore] | Task runner | [AWX], [CTFreak], [Rundeck], [Zuul] | -| [Uptime Kuma] | Status page | [Gatus], [Statping-ng], [Vigil] | -| [Zuul] | Task runner | [AWX], [CTFreak], [Rundeck], [Semaphore] | -| [Wallabag] | Web page saver | Pocket | +| Name | Description | Alternatives | +| ---------------- | ----------------------------------- | ----------------------------------------- | +| [AWX] | Task runner | [CTFreak], [Rundeck], [Semaphore], [Zuul] | +| [Baikal] | CalDAV and CardDAV server | [Radicale] | +| [CTFreak] | Task runner | [AWX], [Rundeck], [Semaphore], [Zuul] | +| [Gitea] | Git server | [Gitlab], [Gogs] | +| [Gitlab] | Git server | [Gitea], [Gogs] | +| [Gogs] | Git server | [Gitea], [Gitlab] | +| [Home Assistant] | Home automation platform | | +| [Immich] | Photo and video management solution | Google Photo | +| [NextCloud] | File sharing platform | [OwnCloud] | +| [OpenMediaVault] | NAS solution | [TrueNAS] | +| [Paperless-ngx] | Document management system | | +| [PhotoPrism] | Google Photos replacement | | +| [Rundeck] | Task runner | [AWX], [CTFreak], [Semaphore], [Zuul] | +| [Semaphore] | Task runner | [AWX], [CTFreak], [Rundeck], [Zuul] | +| [Uptime Kuma] | Status page | [Gatus], [Statping-ng], [Vigil] | +| [Wallabag] | Web page saver | Pocket | +| [Zuul] | Task runner | [AWX], [CTFreak], [Rundeck], [Semaphore] | ## Further readings @@ -45,6 +46,7 @@ The _art_ of hosting and managing applications on one's own servers instead of c [baikal]: baikal.md [gitea]: gitea.md [gitlab]: gitlab/README.md +[immich]: immich.md [nextcloud]: nextcloud.md [openmediavault]: openmediavault.md [paperless-ngx]: paperless-ngx.md diff --git a/knowledge base/watchtower.md b/knowledge base/watchtower.md new file mode 100644 index 0000000..615671e --- /dev/null +++ b/knowledge base/watchtower.md @@ -0,0 +1,72 @@ +# Watchtower + +Container-based solution for automating Docker container base image updates. + +> Intended to be used in homelabs, media centers, local dev environments, and such.
+> **Not** recommend in commercial or production environments. + +1. [TL;DR](#tldr) +1. [Further readings](#further-readings) + 1. [Sources](#sources) + +## TL;DR + +
+ Setup + +```sh +docker run -d --name 'watchtower' -v '/var/run/docker.sock:/var/run/docker.sock' 'containrrr/watchtower' +``` + +Docker compose: + +```yaml +services: + watchtower: + image: containrrr/watchtower + volumes: + - /var/run/docker.sock:/var/run/docker.sock +``` + +
+ + + + + +## Further readings + +- [Website] +- [Main repository] + +### Sources + + + + + + + +[main repository]: https://github.com/containrrr/watchtower/ +[website]: https://containrrr.dev/watchtower/ + +