From 0cc93f01489f39e83cc4fcfc13cc5bec6bc6b53a Mon Sep 17 00:00:00 2001 From: Thomas Kleinendorst Date: Sun, 29 Dec 2024 15:21:17 +0100 Subject: [PATCH] Add Immich to roles --- playbook.yml | 1 + roles/immich/tasks/main.yml | 22 ++++++++++++++++++++++ roles/immich/templates/.env.j2 | 21 +++++++++++++++++++++ roles/immich/vars/main/defaults.yml | 4 ++++ roles/immich/vars/main/vault.yml | 9 +++++++++ 5 files changed, 57 insertions(+) create mode 100644 roles/immich/tasks/main.yml create mode 100644 roles/immich/templates/.env.j2 create mode 100644 roles/immich/vars/main/defaults.yml create mode 100644 roles/immich/vars/main/vault.yml diff --git a/playbook.yml b/playbook.yml index 10e256c..4fb396e 100644 --- a/playbook.yml +++ b/playbook.yml @@ -25,6 +25,7 @@ - role: wedding - role: changedetection - role: monitoring + - role: immich vars: # devsec.hardening.ssh_hardening vars: ssh_client_port: 22 # Default, but duplicated here for documentation purpose. Not changed because its only accessible via LAN. diff --git a/roles/immich/tasks/main.yml b/roles/immich/tasks/main.yml new file mode 100644 index 0000000..b5fc24e --- /dev/null +++ b/roles/immich/tasks/main.yml @@ -0,0 +1,22 @@ +--- +- name: Create the compose project directory + ansible.builtin.file: + path: "/home/{{ ansible_user_id }}/immich" + state: directory + owner: "{{ ansible_user_id }}" + mode: '0744' +- name: Download the Immich Dockerfile + ansible.builtin.get_url: + url: https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml + dest: "/home/{{ ansible_user_id }}/immich/docker-compose.yml" + mode: '0755' +- name: Create the .env file + ansible.builtin.template: + src: .env.j2 + dest: "/home/{{ ansible_user_id }}/immich/.env" + owner: "{{ ansible_user_id }}" + mode: '0644' +- name: Create and start services + become: true + community.docker.docker_compose_v2: + project_src: "/home/{{ ansible_user_id }}/immich/" diff --git a/roles/immich/templates/.env.j2 b/roles/immich/templates/.env.j2 new file mode 100644 index 0000000..25947df --- /dev/null +++ b/roles/immich/templates/.env.j2 @@ -0,0 +1,21 @@ +# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables + +# The location where your uploaded files are stored +UPLOAD_LOCATION={{ immich_upload_location }} +# The location where your database files are stored +DB_DATA_LOCATION={{ immich_database_location }} + +# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List +TZ=Europe/Amsterdam + +# The Immich version to use. You can pin this to a specific version like "v1.71.0" +IMMICH_VERSION={{ immich_version }} + +# Connection secret for postgres. You should change it to a random password +# Please use only the characters `A-Za-z0-9`, without special characters or spaces +DB_PASSWORD={{ immich_db_password }} + +# The values below this line do not need to be changed +################################################################################### +DB_USERNAME=postgres +DB_DATABASE_NAME=immich diff --git a/roles/immich/vars/main/defaults.yml b/roles/immich/vars/main/defaults.yml new file mode 100644 index 0000000..8815fb7 --- /dev/null +++ b/roles/immich/vars/main/defaults.yml @@ -0,0 +1,4 @@ +--- +immich_version: v1.123.0 +immich_upload_location: '/bulk/immich_uploads' +immich_database_location: '/bulk/immich_database' diff --git a/roles/immich/vars/main/vault.yml b/roles/immich/vars/main/vault.yml new file mode 100644 index 0000000..d035cef --- /dev/null +++ b/roles/immich/vars/main/vault.yml @@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.1;AES256 +33353064353838383033313436653938346564646230663664623161616137656435616537366134 +3265343666363365633732666338656435373366383137630a393934623635373738333733646239 +36303033626164663539363438313837663166346363663834616335386537643263343366333264 +3365636133663036350a616230626362366134633437373164383966613131346137653138396464 +64313866353438373338633232363763323430643036633431346263373335346536326330613331 +62366137356530356138616636393337663661373865343436353938663039663462353263656365 +65643837663065623364646538636465366134616462316262646431633338383830356236343463 +35663739353062306261