diff --git a/stable/immich/5.0.0/CHANGELOG.md b/stable/immich/5.0.0/CHANGELOG.md new file mode 100644 index 00000000000..6af912aeb63 --- /dev/null +++ b/stable/immich/5.0.0/CHANGELOG.md @@ -0,0 +1,99 @@ +**Important:** +*for the complete changelog, please refer to the website* + + + + +## [immich-5.0.0](https://github.com/truecharts/charts/compare/immich-4.0.29...immich-5.0.0) (2023-01-15) + +### Chore + +- update immich to v1.41.1_64 (minor) ([#6355](https://github.com/truecharts/charts/issues/6355)) + - update container image tccr.io/truecharts/immich-proxy to v1.41.1_64 + + + + +## [immich-4.0.29](https://github.com/truecharts/charts/compare/immich-4.0.28...immich-4.0.29) (2023-01-13) + +### Chore + +- update container image tccr.io/truecharts/immich-server to v1.41.1_64 + + + + +## [immich-4.0.28](https://github.com/truecharts/charts/compare/immich-4.0.27...immich-4.0.28) (2023-01-11) + +### Chore + +- update container image tccr.io/truecharts/immich-web to v1.41.1_64 + - update container image tccr.io/truecharts/immich-server to v1.41.0_64 + + + + +## [immich-4.0.27](https://github.com/truecharts/charts/compare/immich-4.0.26...immich-4.0.27) (2023-01-10) + +### Chore + +- update container image tccr.io/truecharts/immich-proxy to v1.41.0_64 + + + + +## [immich-4.0.26](https://github.com/truecharts/charts/compare/immich-4.0.25...immich-4.0.26) (2023-01-07) + +### Chore + +- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121)) + + + + +## [immich-4.0.25](https://github.com/truecharts/charts/compare/immich-4.0.24...immich-4.0.25) (2023-01-03) + +### Chore + +- update container image tccr.io/truecharts/immich-web to v1.40.1_63 + - update container image tccr.io/truecharts/immich-server to v1.40.1_63 + + ### Fix + +- encode all keys in secret + + + + +## [immich-4.0.24](https://github.com/truecharts/charts/compare/immich-4.0.23...immich-4.0.24) (2023-01-01) + +### Chore + +- update container image tccr.io/truecharts/immich-proxy to v1.40.1_63 + + + + +## [immich-4.0.23](https://github.com/truecharts/charts/compare/immich-4.0.22...immich-4.0.23) (2022-12-30) + +### Chore + +- update container image tccr.io/truecharts/immich-ml to v1.40.1_63 + + + + +## [immich-4.0.22](https://github.com/truecharts/charts/compare/immich-4.0.21...immich-4.0.22) (2022-12-27) + +### Chore + +- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856)) + + + + +## [immich-4.0.21](https://github.com/truecharts/charts/compare/immich-4.0.20...immich-4.0.21) (2022-12-27) + +### Chore + +- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848)) diff --git a/stable/immich/5.0.0/Chart.yaml b/stable/immich/5.0.0/Chart.yaml new file mode 100644 index 00000000000..a95ee823ef0 --- /dev/null +++ b/stable/immich/5.0.0/Chart.yaml @@ -0,0 +1,34 @@ +apiVersion: v2 +appVersion: "1.41.1_64" +dependencies: + - name: common + repository: https://library-charts.truecharts.org + version: 11.1.2 + - condition: postgresql.enabled + name: postgresql + repository: https://charts.truecharts.org/ + version: 11.0.18 + - condition: redis.enabled + name: redis + repository: https://charts.truecharts.org + version: 5.0.24 +description: High performance self-hosted photo and video backup solution. +home: https://truecharts.org/charts/stable/immich +icon: https://truecharts.org/img/hotlink-ok/chart-icons/immich.png +keywords: + - photos +kubeVersion: ">=1.16.0-0" +maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: immich +sources: + - https://github.com/truecharts/charts/tree/master/charts/stable/immich + - https://github.com/immich-app/immich +version: 5.0.0 +annotations: + truecharts.org/catagories: | + - media + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/stable/immich/5.0.0/README.md b/stable/immich/5.0.0/README.md new file mode 100644 index 00000000000..701942c352f --- /dev/null +++ b/stable/immich/5.0.0/README.md @@ -0,0 +1,27 @@ +# README + +## General Info + +TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE. +However only installations using the TrueNAS SCALE Apps system are supported. + +For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/) + +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** + + +## Support + +- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ). +- See the [Website](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/charts/issues/new/choose) + +--- + +## Sponsor TrueCharts + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! + +*All Rights Reserved - The TrueCharts Project* diff --git a/stable/immich/5.0.0/app-changelog.md b/stable/immich/5.0.0/app-changelog.md new file mode 100644 index 00000000000..9be2174d311 --- /dev/null +++ b/stable/immich/5.0.0/app-changelog.md @@ -0,0 +1,10 @@ + + +## [immich-5.0.0](https://github.com/truecharts/charts/compare/immich-4.0.29...immich-5.0.0) (2023-01-15) + +### Chore + +- update immich to v1.41.1_64 (minor) ([#6355](https://github.com/truecharts/charts/issues/6355)) + - update container image tccr.io/truecharts/immich-proxy to v1.41.1_64 + + \ No newline at end of file diff --git a/stable/immich/5.0.0/app-readme.md b/stable/immich/5.0.0/app-readme.md new file mode 100644 index 00000000000..faabed80fd7 --- /dev/null +++ b/stable/immich/5.0.0/app-readme.md @@ -0,0 +1,8 @@ +High performance self-hosted photo and video backup solution. + +This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/immich](https://truecharts.org/charts/stable/immich) + +--- + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! diff --git a/stable/immich/5.0.0/charts/common-11.1.2.tgz b/stable/immich/5.0.0/charts/common-11.1.2.tgz new file mode 100644 index 00000000000..da62080e8a5 Binary files /dev/null and b/stable/immich/5.0.0/charts/common-11.1.2.tgz differ diff --git a/stable/immich/5.0.0/charts/postgresql-11.0.18.tgz b/stable/immich/5.0.0/charts/postgresql-11.0.18.tgz new file mode 100644 index 00000000000..cdad3657e1f Binary files /dev/null and b/stable/immich/5.0.0/charts/postgresql-11.0.18.tgz differ diff --git a/stable/immich/5.0.0/charts/redis-5.0.24.tgz b/stable/immich/5.0.0/charts/redis-5.0.24.tgz new file mode 100644 index 00000000000..6512b89fa8a Binary files /dev/null and b/stable/immich/5.0.0/charts/redis-5.0.24.tgz differ diff --git a/stable/immich/5.0.0/ix_values.yaml b/stable/immich/5.0.0/ix_values.yaml new file mode 100644 index 00000000000..8f63de91f26 --- /dev/null +++ b/stable/immich/5.0.0/ix_values.yaml @@ -0,0 +1,89 @@ +image: + repository: tccr.io/truecharts/immich-server + tag: 1.41.1_64@sha256:e28a36ee635c6151f2c4de50aa7fee7d2eddd3b9d112bc6ea1551cb073bc8fbe + pullPolicy: IfNotPresent + +mlImage: + repository: tccr.io/truecharts/immich-ml + tag: 1.41.1_64@sha256:5b5acd62edd988e6eeb346bb496e559544996020ed75fc04309305344edb0032 + pullPolicy: IfNotPresent + +webImage: + repository: tccr.io/truecharts/immich-web + tag: 1.41.1_64@sha256:6ae7c91f77702abbea207180980dba795693bc448dc093ca3ae9b5f68b06630d + pullPolicy: IfNotPresent + +proxyImage: + repository: tccr.io/truecharts/immich-proxy + tag: 1.41.1_64@sha256:8f5c90ffdf09cc6952376988aee4449555a161458e3686a9b3ff1468df9dbf0f + pullPolicy: IfNotPresent + +command: + - /bin/sh + - ./start-server.sh + +securityContext: + readOnlyRootFilesystem: false + runAsNonRoot: false + +podSecurityContext: + runAsUser: 0 + runAsGroup: 0 + +immich: + enable_ml: true + public_login_page_message: Immich + disable_reverse_geocoding: false + reverse_geocoding_precision: 3 + # simple | verbose + log_level: simple + mapbox_enable: false + mapbox_key: "" + +envFrom: + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-server-config' + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-common-config' + - secretRef: + name: '{{ include "tc.common.names.fullname" . }}-immich-secret' + +probes: + liveness: + path: /server-info/ping + type: HTTP + port: 3001 + readiness: + path: /server-info/ping + type: HTTP + port: 3001 + startup: + path: /server-info/ping + type: HTTP + port: 3001 + +service: + main: + ports: + main: + port: 10323 + protocol: HTTP + targetPort: 8080 + +persistence: + uploads: + enabled: true + mountPath: /usr/src/app/upload + +postgresql: + enabled: true + existingSecret: dbcreds + postgresqlUsername: immich + postgresqlDatabase: immich + +redis: + enabled: true + existingSecret: rediscreds + +portal: + enabled: true diff --git a/stable/immich/5.0.0/questions.yaml b/stable/immich/5.0.0/questions.yaml new file mode 100644 index 00000000000..d8c100103f3 --- /dev/null +++ b/stable/immich/5.0.0/questions.yaml @@ -0,0 +1,1881 @@ +groups: + - name: Container Image + description: Image to be used for container + - name: General Settings + description: General Deployment Settings + - name: App Configuration + description: App Specific Config Options + - name: Networking and Services + description: Configure Network and Services for Container + - name: Storage and Persistence + description: Persist and Share Data that is Separate from the Container + - name: Ingress + description: Ingress Configuration + - name: Security and Permissions + description: Configure Security Context and Permissions + - name: Resources and Devices + description: "Specify Resources/Devices to be Allocated to Workload" + - name: Middlewares + description: Traefik Middlewares + - name: Metrics + description: Metrics + - name: VPN + description: VPN + - name: Addons + description: Addon Configuration + - name: Advanced + description: Advanced Configuration + - name: Documentation + description: Documentation +portals: + open: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" +questions: + - variable: global + label: Global Settings + group: "General Settings" + schema: + type: dict + hidden: true + attrs: + - variable: isSCALE + label: Flag this is SCALE + schema: + type: boolean + default: true + hidden: true + - variable: controller + group: "General Settings" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: replicas + description: Number of desired pod replicas + label: Desired Replicas + schema: + type: int + required: true + default: 1 + - variable: customextraargs + group: "General Settings" + label: "Extra Args" + description: "Do not click this unless you know what you are doing" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: extraArgs + label: Extra Args + schema: + type: list + default: [] + items: + - variable: arg + label: Arg + schema: + type: string + - variable: immich + group: App Configuration + label: Immich Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: public_login_page_message + label: Public Login Page Message + description: Custom message on the login page, should be written in HTML form. + schema: + type: string + default: "" + - variable: disable_reverse_geocoding + label: Disable Reverse Geocoding + schema: + type: boolean + default: false + - variable: reverse_geocoding_precision + label: Reverse Geocoding Precision + description: Reverse geocoding is done locally which has a small impact on memory usage. (Valid options 0 - 3) + schema: + type: int + show_if: [["disable_reverse_geocoding", "=", "false"]] + default: 3 + - variable: mapbox_enable + label: Enable MapBox + schema: + type: boolean + default: false + - variable: mapbox_key + label: MaxBox Key + schema: + type: string + private: true + show_if: [["maxbox_enable", "=", "false"]] + default: "" + - variable: log_level + label: Log Level + schema: + type: string + default: simple + enum: + - value: simple + description: simple + - value: verbose + description: verbose + - variable: enable_ml + label: Enable Machine Learning Container + schema: + type: boolean + default: true + - variable: TZ + label: Timezone + group: "General Settings" + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + - variable: envList + label: Extra Environment Variables + description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..." + group: "General Settings" + schema: + type: list + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: service + group: Networking and Services + label: Configure Service(s) + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: Main Service + description: The Primary service on which the healthcheck runs, often the webUI + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - value: Simple + description: Deprecated CHANGE THIS + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: Main Service Port Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + description: This port exposes the container port on the service + schema: + type: int + default: 10323 + required: true + - variable: serviceexpert + group: Networking and Services + label: Show Expert Config + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + group: Networking and Services + label: Host-Networking (Complicated) + schema: + type: boolean + default: false + - variable: externalInterfaces + description: Add External Interfaces + label: Add external Interfaces + group: Networking + schema: + type: list + items: + - variable: interfaceConfiguration + description: Interface Configuration + label: Interface Configuration + schema: + type: dict + $ref: + - "normalize/interfaceConfiguration" + attrs: + - variable: hostInterface + description: Please Specify Host Interface + label: Host Interface + schema: + type: string + required: true + $ref: + - "definitions/interface" + - variable: ipam + description: Define how IP Address will be managed + label: IP Address Management + schema: + type: dict + required: true + attrs: + - variable: type + description: Specify type for IPAM + label: IPAM Type + schema: + type: string + required: true + enum: + - value: dhcp + description: Use DHCP + - value: static + description: Use Static IP + show_subquestions_if: static + subquestions: + - variable: staticIPConfigurations + label: Static IP Addresses + schema: + type: list + items: + - variable: staticIP + label: Static IP + schema: + type: ipaddr + cidr: true + - variable: staticRoutes + label: Static Routes + schema: + type: list + items: + - variable: staticRouteConfiguration + label: Static Route Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: destination + label: Destination + schema: + type: ipaddr + cidr: true + required: true + - variable: gateway + label: Gateway + schema: + type: ipaddr + cidr: false + required: true + - variable: serviceList + label: Add Manual Custom Services + group: Networking and Services + schema: + type: list + default: [] + items: + - variable: serviceListEntry + label: Custom Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the service + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - value: Simple + description: Deprecated CHANGE THIS + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: (Advanced) The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: portsList + label: Additional Service Ports + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: Custom ports + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Port + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Port Name + schema: + type: string + default: "" + - variable: protocol + label: Port Type + schema: + type: string + default: TCP + enum: + - value: HTTP + description: HTTP + - value: HTTPS + description: HTTPS + - value: TCP + description: TCP + - value: UDP + description: UDP + - variable: targetPort + label: Target Port + description: This port exposes the container port on the service + schema: + type: int + required: true + - variable: port + label: Container Port + schema: + type: int + required: true + - variable: persistence + label: Integrated Persistent Storage + description: Integrated Persistent Storage + group: Storage and Persistence + schema: + additional_attrs: true + type: dict + attrs: + - variable: uploads + label: App Uploads Storage + description: Stores the Application Uploads. + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: pvc + enum: + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: emptyDir + description: emptyDir + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size quotum of Storage (Do NOT REDUCE after installation) + description: This value can ONLY be INCREASED after the installation + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: persistenceList + label: Additional App Storage + group: Storage and Persistence + schema: + type: list + default: [] + items: + - variable: persistenceListEntry + label: Custom Storage + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the storage + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Type of Storage + description: Sets the persistence type, Anything other than PVC could break rollback! + schema: + type: string + default: hostPath + enum: + - value: pvc + description: PVC + - value: hostPath + description: Host Path + - value: emptyDir + description: emptyDir + - value: nfs + description: NFS Share + - variable: server + label: NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: Path on NFS Server + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissions + label: Automatic Permissions + description: Automatically set permissions on install + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: false + - variable: readOnly + label: Read Only + schema: + type: boolean + default: false + - variable: hostPath + label: Host Path + description: Path inside the container the storage is mounted + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: mountPath + label: Mount Path + description: Path inside the container the storage is mounted + schema: + type: string + default: "" + required: true + valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' + - variable: medium + label: EmptyDir Medium + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: Default + - value: Memory + description: Memory + - variable: size + label: Size Quotum of Storage + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: 256Gi + - variable: ingress + label: "" + group: Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: Main Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: Select TrueNAS SCALE Certificate + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: (Advanced) Traefik Entrypoint + description: Entrypoint used by Traefik when using Traefik as Ingress Provider + schema: + type: string + default: websecure + required: true + - variable: ingressClassName + label: (Advanced/Optional) IngressClass Name + schema: + type: string + default: "" + - variable: middlewares + label: Traefik Middlewares + description: Add previously created Traefik Middlewares to this Ingress + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + default: "" + required: true + - variable: ingressList + label: Add Manual Custom Ingresses + group: Ingress + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: Custom Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: service + label: Linked Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Service Name + schema: + type: string + default: "" + - variable: port + label: Service Port + schema: + type: int + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: Select TrueNAS SCALE Certificate + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: Traefik Entrypoint + description: Entrypoint used by Traefik when using Traefik as Ingress Provider + schema: + type: string + default: websecure + required: true + - variable: middlewares + label: Traefik Middlewares + description: Add previously created Traefik Middlewares to this Ingress + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + default: "" + required: true + - variable: security + label: Container Security Settings + group: Security and Permissions + schema: + type: dict + additional_attrs: true + attrs: + - variable: editsecurity + label: Change PUID / UMASK values + description: By enabling this you override default set values. + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: PUID + label: Process User ID - PUID + description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps + schema: + type: int + default: 568 + - variable: UMASK + label: UMASK + description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps + schema: + type: string + default: "002" + - variable: advancedSecurity + label: Show Advanced Security Settings + group: Security and Permissions + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: securityContext + label: Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: privileged + label: Privileged mode + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: ReadOnly Root Filesystem + schema: + type: boolean + default: false + - variable: allowPrivilegeEscalation + label: Allow Privilege Escalation + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: runAsNonRoot + schema: + type: boolean + default: false + - variable: podSecurityContext + group: Security and Permissions + label: Pod Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: runAsUser + label: runAsUser + description: The UserID of the user running the application + schema: + type: int + default: 0 + - variable: runAsGroup + label: runAsGroup + description: The groupID this App of the user running the application + schema: + type: int + default: 0 + - variable: fsGroup + label: fsGroup + description: The group that should own ALL storage. + schema: + type: int + default: 568 + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: OnRootMismatch + enum: + - value: OnRootMismatch + description: OnRootMismatch + - value: Always + description: Always + - variable: supplementalGroups + label: Supplemental Groups + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: Supplemental Group + schema: + type: int + - variable: resources + group: Resources and Devices + label: "Resource Limits" + schema: + additional_attrs: true + type: dict + attrs: + - variable: limits + label: Advanced Limit Resource Consumption + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 4000m + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: RAM + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 8Gi + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Minimum Resources Required (request)" + schema: + additional_attrs: true + type: dict + hidden: true + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 10m + hidden: true + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 50Mi + hidden: true + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: deviceList + label: Mount USB Devices + group: Resources and Devices + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: Device + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Storage + schema: + type: boolean + default: true + - variable: type + label: (Advanced) Type of Storage + description: Sets the persistence type + schema: + type: string + default: hostPath + hidden: true + - variable: readOnly + label: readOnly + schema: + type: boolean + default: false + - variable: hostPath + label: Host Device Path + description: Path to the device on the host system + schema: + type: path + - variable: mountPath + label: Container Device Path + description: Path inside the container the device is mounted + schema: + type: string + default: "/dev/ttyACM0" + # Specify GPU configuration + - variable: scaleGPU + label: GPU Configuration + group: Resources and Devices + schema: + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] + - variable: horizontalPodAutoscaler + group: Advanced + label: (Advanced) Horizontal Pod Autoscaler + schema: + type: list + default: [] + items: + - variable: hpaEntry + label: HPA Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: target + label: Target + description: Deployment name, Defaults to Main Deployment + schema: + type: string + default: "" + - variable: minReplicas + label: Minimum Replicas + schema: + type: int + default: 1 + - variable: maxReplicas + label: Maximum Replicas + schema: + type: int + default: 5 + - variable: targetCPUUtilizationPercentage + label: Target CPU Utilization Percentage + schema: + type: int + default: 80 + - variable: targetMemoryUtilizationPercentage + label: Target Memory Utilization Percentage + schema: + type: int + default: 80 + - variable: networkPolicy + group: Advanced + label: (Advanced) Network Policy + schema: + type: list + default: [] + items: + - variable: netPolicyEntry + label: Network Policy Entry + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + default: "" + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: policyType + label: Policy Type + schema: + type: string + default: "" + enum: + - value: "" + description: Default + - value: ingress + description: Ingress + - value: egress + description: Egress + - value: ingress-egress + description: Ingress and Egress + - variable: egress + label: Egress + schema: + type: list + default: [] + items: + - variable: egressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: to + label: To + schema: + type: list + default: [] + items: + - variable: toEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: ingress + label: Ingress + schema: + type: list + default: [] + items: + - variable: ingressEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: from + label: From + schema: + type: list + default: [] + items: + - variable: fromEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: ipBlock + label: IP Block + schema: + additional_attrs: true + type: dict + attrs: + - variable: cidr + label: CIDR + schema: + type: string + default: "" + - variable: except + label: Except + schema: + type: list + default: [] + items: + - variable: exceptint + label: "" + schema: + type: string + - variable: namespaceSelector + label: Namespace Selector + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: podSelector + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: matchExpressions + label: Match Expressions + schema: + type: list + default: [] + items: + - variable: expressionEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: key + label: Key + schema: + type: string + - variable: operator + label: Operator + schema: + type: string + default: TCP + enum: + - value: In + description: In + - value: NotIn + description: NotIn + - value: Exists + description: Exists + - value: DoesNotExist + description: DoesNotExist + - variable: values + label: Values + schema: + type: list + default: [] + items: + - variable: value + label: "" + schema: + type: string + - variable: ports + label: Ports + schema: + type: list + default: [] + items: + - variable: portsEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + - variable: endPort + label: End Port + schema: + type: int + - variable: protocol + label: Protocol + schema: + type: string + default: TCP + enum: + - value: TCP + description: TCP + - value: UDP + description: UDP + - value: SCTP + description: SCTP + - variable: addons + group: Addons + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: Codeserver + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: git + label: Git Settings + schema: + additional_attrs: true + type: dict + attrs: + - variable: deployKey + description: Raw SSH Private Key + label: Deploy Key + schema: + type: string + - variable: deployKeyBase64 + description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence + label: Deploy Key Base64 + schema: + type: string + - variable: service + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: NodePort + description: Deprecated CHANGE THIS + - value: ClusterIP + description: ClusterIP + - value: LoadBalancer + description: LoadBalancer + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: (Advanced) The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: ports + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + default: 36107 + - variable: nodePort + description: Leave Empty to Disable + label: nodePort DEPRECATED + schema: + type: int + default: 36107 + - variable: envList + label: Codeserver Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: vpn + label: VPN + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + default: disabled + enum: + - value: disabled + description: disabled + - value: openvpn + description: OpenVPN + - value: wireguard + description: Wireguard + - value: tailscale + description: Tailscale + - variable: openvpn + label: OpenVPN Settings + schema: + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: Authentication Username (Optional) + description: Authentication Username, Optional + schema: + type: string + default: "" + - variable: password + label: Authentication Password + description: Authentication Credentials + schema: + type: string + default: "" + required: true + - variable: tailscale + label: Tailscale Settings + schema: + type: dict + show_if: [["type", "=", "tailscale"]] + attrs: + - variable: authkey + label: Authentication Key + description: Provide an auth key to automatically authenticate the node as your user account. + schema: + type: string + private: true + default: "" + - variable: auth_once + label: Auth Once + description: Only attempt to log in if not already logged in. + schema: + type: boolean + default: true + - variable: accept_dns + label: Accept DNS + description: Accept DNS configuration from the admin console. + schema: + type: boolean + default: false + - variable: userspace + label: Userspace + description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device. + schema: + type: boolean + default: false + - variable: routes + label: Routes + description: Expose physical subnet routes to your entire Tailscale network. + schema: + type: string + default: "" + - variable: dest_ip + label: Destination IP + description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched. + schema: + type: string + default: "" + - variable: sock5_server + label: Sock5 Server + description: The address on which to listen for SOCKS5 proxying into the tailscale net. + schema: + type: string + default: "" + - variable: outbound_http_proxy_listen + label: Outbound HTTP Proxy Listen + description: The address on which to listen for HTTP proxying into the tailscale net. + schema: + type: string + default: "" + - variable: extra_args + label: Extra Args + description: Extra Args + schema: + type: string + default: "" + - variable: daemon_extra_args + label: Tailscale Daemon Extra Args + description: Tailscale Daemon Extra Args + schema: + type: string + default: "" + - variable: killSwitch + label: Enable Killswitch + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: Killswitch Excluded IPv4 networks + description: List of Killswitch Excluded IPv4 Addresses + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: IPv4 Network + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: Killswitch Excluded IPv6 networks + description: "List of Killswitch Excluded IPv6 Addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: IPv6 Network + schema: + type: string + required: true + - variable: configFile + label: VPN Config File Location + schema: + type: dict + show_if: [["type", "!=", "disabled"]] + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Type + schema: + type: string + default: hostPath + hidden: true + - variable: hostPathType + label: hostPathType + schema: + type: string + default: File + hidden: true + - variable: noMount + label: noMount + schema: + type: boolean + default: true + hidden: true + - variable: hostPath + label: Full Path to File + description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn" + schema: + type: string + default: "" + - variable: envList + label: VPN Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: docs + group: Documentation + label: Please read the documentation at https://truecharts.org + description: Please read the documentation at +
https://truecharts.org + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDocs + label: I have checked the documentation + schema: + type: boolean + default: true + - variable: donateNag + group: Documentation + label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor + description: Please consider supporting TrueCharts, see +
https://truecharts.org/sponsor + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDonate + label: I have considered donating + schema: + type: boolean + default: true + hidden: true diff --git a/stable/immich/5.0.0/templates/_configmap.tpl b/stable/immich/5.0.0/templates/_configmap.tpl new file mode 100644 index 00000000000..0bc42fede82 --- /dev/null +++ b/stable/immich/5.0.0/templates/_configmap.tpl @@ -0,0 +1,51 @@ +{{/* Define the configmap */}} +{{- define "immich.config" -}} + +{{- $serverConfigName := printf "%s-server-config" (include "tc.common.names.fullname" .) -}} +{{- $commonConfigName := printf "%s-common-config" (include "tc.common.names.fullname" .) -}} +{{- $proxyConfigName := printf "%s-proxy-config" (include "tc.common.names.fullname" .) }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $serverConfigName }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +data: + DB_HOSTNAME: {{ printf "%v-%v" .Release.Name "postgresql" }} + DB_USERNAME: {{ .Values.postgresql.postgresqlUsername }} + DB_DATABASE_NAME: {{ .Values.postgresql.postgresqlDatabase }} + DB_PORT: "5432" + REDIS_HOSTNAME: {{ printf "%v-%v" .Release.Name "redis" }} + REDIS_PORT: "6379" + REDIS_DBINDEX: "0" + {{/* User Defined */}} + DISABLE_REVERSE_GEOCODING: {{ .Values.immich.disable_reverse_geocoding | quote }} + REVERSE_GEOCODING_PRECISION: {{ .Values.immich.reverse_geocoding_precision | quote }} + ENABLE_MAPBOX: {{ .Values.immich.mapbox_enable | quote }} + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $commonConfigName }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +data: + IMMICH_WEB_URL: http://localhost:3000 + IMMICH_SERVER_URL: http://localhost:3001 + IMMICH_MACHINE_LEARNING_URL: http://localhost:3003 + {{/* + It's unclear where this URL is being used, but poking in their code, seems to be used internally? + It's set to the value of IMMICH_SERVER_URL on their compose. If something doesn't work remotely, + This is the place to start looking + https://github.com/immich-app/immich/blob/b5d75e20167b92de12cc50a816da214779cb0807/web/src/api/api.ts#L55 + */}} + PUBLIC_IMMICH_SERVER_URL: http://localhost:3001 + NODE_ENV: production + {{/* User Defined */}} + {{- with .Values.immich.public_login_page_message }} + PUBLIC_LOGIN_PAGE_MESSAGE: {{ . }} + {{- end }} + LOG_LEVEL: {{ .Values.immich.log_level }} +{{- end -}} diff --git a/stable/immich/5.0.0/templates/_microservices.tpl b/stable/immich/5.0.0/templates/_microservices.tpl new file mode 100644 index 00000000000..ee6c2282898 --- /dev/null +++ b/stable/immich/5.0.0/templates/_microservices.tpl @@ -0,0 +1,56 @@ +{{/* Define the ml container */}} +{{- define "immich.microservices" -}} +image: {{ .Values.image.repository }}:{{ .Values.image.tag }} +imagePullPolicy: {{ .Values.image.pullPolicy }} +securityContext: + runAsUser: {{ .Values.podSecurityContext.runAsUser }} + runAsGroup: {{ .Values.podSecurityContext.runAsGroup }} + readOnlyRootFilesystem: {{ .Values.securityContext.readOnlyRootFilesystem }} + runAsNonRoot: {{ .Values.securityContext.runAsNonRoot }} +command: + - /bin/sh + - ./start-microservices.sh +volumeMounts: + - name: uploads + mountPath: {{ .Values.persistence.uploads.mountPath }} +envFrom: + - secretRef: + name: '{{ include "tc.common.names.fullname" . }}-immich-secret' + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-common-config' + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-server-config' +readinessProbe: + exec: + command: + - /bin/sh + - -c + - | + ps -a | grep -v grep | grep -q microservices || exit 1 + initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }} +livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + ps -a | grep -v grep | grep -q microservices || exit 1 + initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }} +startupProbe: + exec: + command: + - /bin/sh + - -c + - | + ps -a | grep -v grep | grep -q microservices || exit 1 + initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }} +{{- end -}} diff --git a/stable/immich/5.0.0/templates/_ml.tpl b/stable/immich/5.0.0/templates/_ml.tpl new file mode 100644 index 00000000000..8c68981323b --- /dev/null +++ b/stable/immich/5.0.0/templates/_ml.tpl @@ -0,0 +1,60 @@ +{{/* Define the ml container */}} +{{- define "immich.ml" -}} + {{- if hasKey .Values "imageML" -}} {{/* For smooth upgrade, Remove later*/}} + {{- $img := .Values.imageML -}} + {{- $_ := set .Values "mlImage" (dict "repository" $img.repository "tag" $img.tag "pullPolicy" $img.pullPolicy) -}} + {{- end }} +image: {{ .Values.mlImage.repository }}:{{ .Values.mlImage.tag }} +imagePullPolicy: {{ .Values.mlImage.pullPolicy }} +securityContext: + runAsUser: {{ .Values.podSecurityContext.runAsUser }} + runAsGroup: {{ .Values.podSecurityContext.runAsGroup }} + readOnlyRootFilesystem: {{ .Values.securityContext.readOnlyRootFilesystem }} + runAsNonRoot: {{ .Values.securityContext.runAsNonRoot }} +command: + - /bin/sh + - ./entrypoint.sh +volumeMounts: + - name: uploads + mountPath: {{ .Values.persistence.uploads.mountPath }} +envFrom: + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-common-config' + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-server-config' + - secretRef: + name: '{{ include "tc.common.names.fullname" . }}-immich-secret' +readinessProbe: + exec: + command: + - /bin/sh + - -c + - | + grep -q main.js /proc/1/cmdline || exit 1 + initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }} +livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + grep -q main.js /proc/1/cmdline || exit 1 + initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }} +startupProbe: + exec: + command: + - /bin/sh + - -c + - | + grep -q main.js /proc/1/cmdline || exit 1 + initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }} +{{- end -}} diff --git a/stable/immich/5.0.0/templates/_proxy.tpl b/stable/immich/5.0.0/templates/_proxy.tpl new file mode 100644 index 00000000000..103939741dd --- /dev/null +++ b/stable/immich/5.0.0/templates/_proxy.tpl @@ -0,0 +1,47 @@ +{{/* Define the proxy container */}} +{{- define "immich.proxy" -}} + {{- if hasKey .Values "imageProxy" -}} {{/* For smooth upgrade, Remove later */}} + {{- $img := .Values.imageProxy -}} + {{- $_ := set .Values "proxyImage" (dict "repository" $img.repository "tag" $img.tag "pullPolicy" $img.pullPolicy) -}} + {{- end -}} + {{- if not .Values.service.main.ports.main.targetPort -}} {{/* For smooth upgrade, Remove later */}} + {{- $_ := set .Values.service.main.ports.main "targetPort" 8080 -}} + {{- end }} +image: {{ .Values.proxyImage.repository }}:{{ .Values.proxyImage.tag }} +imagePullPolicy: {{ .Values.proxyImage.pullPolicy }} +securityContext: + runAsUser: {{ .Values.podSecurityContext.runAsUser }} + runAsGroup: {{ .Values.podSecurityContext.runAsGroup }} + readOnlyRootFilesystem: {{ .Values.securityContext.readOnlyRootFilesystem }} + runAsNonRoot: {{ .Values.securityContext.runAsNonRoot }} +envFrom: + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-common-config' +ports: + - containerPort: {{ .Values.service.main.ports.main.targetPort }} + name: main +readinessProbe: + httpGet: + path: /api/server-info/ping + port: {{ .Values.service.main.ports.main.targetPort }} + initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }} +livenessProbe: + httpGet: + path: /api/server-info/ping + port: {{ .Values.service.main.ports.main.targetPort }} + initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }} +startupProbe: + httpGet: + path: /api/server-info/ping + port: {{ .Values.service.main.ports.main.targetPort }} + initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }} +{{- end -}} diff --git a/stable/immich/5.0.0/templates/_secret.tpl b/stable/immich/5.0.0/templates/_secret.tpl new file mode 100644 index 00000000000..28b9f9053fd --- /dev/null +++ b/stable/immich/5.0.0/templates/_secret.tpl @@ -0,0 +1,25 @@ +{{/* Define the secret */}} +{{- define "immich.secret" -}} + +{{- $secretName := printf "%s-immich-secret" (include "tc.common.names.fullname" .) }} +--- +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ $secretName }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +data: + {{/* Secret Key */}} + {{- with (lookup "v1" "Secret" .Release.Namespace $secretName) }} + JWT_SECRET: {{ index .data "JWT_SECRET" }} + {{- else }} + JWT_SECRET: {{ randAlphaNum 32 | b64enc }} + {{- end }} + DB_PASSWORD: {{ .Values.postgresql.postgresqlPassword | trimAll "\"" | b64enc }} + REDIS_PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" | b64enc }} + {{- with .Values.immich.mapbox_key }} + MAPBOX_KEY: {{ . | b64enc}} + {{- end }} +{{- end }} diff --git a/stable/immich/5.0.0/templates/_web.tpl b/stable/immich/5.0.0/templates/_web.tpl new file mode 100644 index 00000000000..9c0107ead21 --- /dev/null +++ b/stable/immich/5.0.0/templates/_web.tpl @@ -0,0 +1,44 @@ +{{/* Define the web container */}} +{{- define "immich.web" -}} + {{- if hasKey .Values "imageWeb" -}} {{/* For smooth upgrade, Remove later */}} + {{- $img := .Values.imageWeb -}} + {{- $_ := set .Values "webImage" (dict "repository" $img.repository "tag" $img.tag "pullPolicy" $img.pullPolicy) -}} + {{- end }} +image: {{ .Values.webImage.repository }}:{{ .Values.webImage.tag }} +imagePullPolicy: {{ .Values.webImage.pullPolicy }} +securityContext: + runAsUser: {{ .Values.podSecurityContext.runAsUser }} + runAsGroup: {{ .Values.podSecurityContext.runAsGroup }} + readOnlyRootFilesystem: {{ .Values.securityContext.readOnlyRootFilesystem }} + runAsNonRoot: {{ .Values.securityContext.runAsNonRoot }} +command: + - /bin/sh + - ./entrypoint.sh +envFrom: + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-common-config' +readinessProbe: + httpGet: + path: / + port: 3000 + initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }} +livenessProbe: + httpGet: + path: / + port: 3000 + initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }} +startupProbe: + httpGet: + path: / + port: 3000 + initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }} + timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }} + periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }} + failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }} +{{- end -}} diff --git a/stable/immich/5.0.0/templates/common.yaml b/stable/immich/5.0.0/templates/common.yaml new file mode 100644 index 00000000000..31ed6b6d749 --- /dev/null +++ b/stable/immich/5.0.0/templates/common.yaml @@ -0,0 +1,18 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.common.loader.init" . }} + +{{/* Render secret */}} +{{- include "immich.secret" . }} + +{{/* Render config */}} +{{- include "immich.config" . }} + +{{- $_ := set .Values.additionalContainers "proxy" (include "immich.proxy" . | fromYaml) -}} +{{- $_ := set .Values.additionalContainers "web" (include "immich.web" . | fromYaml) -}} +{{- if .Values.immich.enable_ml -}} +{{- $_ := set .Values.additionalContainers "ml" (include "immich.ml" . | fromYaml) -}} +{{- end -}} +{{- $_ := set .Values.additionalContainers "microservices" (include "immich.microservices" . | fromYaml) -}} + +{{/* Render the templates */}} +{{ include "tc.common.loader.apply" . }} diff --git a/stable/immich/5.0.0/values.yaml b/stable/immich/5.0.0/values.yaml new file mode 100644 index 00000000000..e69de29bb2d