Erich Blume
1d9d8867fb
Mirror of argocd/manifests/databases/immich-pg.yaml on ringtail: - Same VectorChord image (PG17 + VectorChord 0.5.0) - Same extensions (vector, vchord, cube, earthdistance) via postInitSQL - Same managed borgmatic role with pg_read_all_data - 10 GiB local-path storage (matches minikube source) - shared_preload_libraries: vchord.so - Empty initdb today; bootstrap block will be rewritten when immich-pg-data-migration picks its import method. ArgoCD app databases-ringtail targets ringtail/databases. ExternalSecret reuses the onepassword-blumeops ClusterSecretStore that already exists on ringtail via external-secrets-ringtail. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
68 lines
1.9 KiB
YAML
68 lines
1.9 KiB
YAML
# PostgreSQL Cluster for Immich on ringtail k3s.
|
|
#
|
|
# Mirror of argocd/manifests/databases/immich-pg.yaml (minikube), with
|
|
# ringtail-specific tweaks (storageClass: local-path). The bootstrap
|
|
# section may be rewritten when [[immich-pg-data-migration]] picks an
|
|
# import method — both pg_dump/restore and CNPG externalCluster
|
|
# basebackup require touching this block.
|
|
#
|
|
# Uses VectorChord (successor to pgvecto.rs) for AI-powered vector
|
|
# search. See: https://github.com/immich-app/immich/discussions/9060
|
|
apiVersion: postgresql.cnpg.io/v1
|
|
kind: Cluster
|
|
metadata:
|
|
name: immich-pg
|
|
namespace: databases
|
|
spec:
|
|
instances: 1
|
|
# VectorChord image for PostgreSQL 17 with VectorChord 0.5.0
|
|
imageName: ghcr.io/tensorchord/cloudnative-vectorchord:17-0.5.0
|
|
|
|
storage:
|
|
size: 10Gi
|
|
storageClass: local-path
|
|
|
|
# Bootstrap creates initial database and owner.
|
|
# Empty initdb today; replaced by the chosen data-migration method
|
|
# in immich-pg-data-migration.
|
|
bootstrap:
|
|
initdb:
|
|
database: immich
|
|
owner: immich
|
|
postInitSQL:
|
|
- CREATE EXTENSION IF NOT EXISTS vector;
|
|
- CREATE EXTENSION IF NOT EXISTS vchord CASCADE;
|
|
- CREATE EXTENSION IF NOT EXISTS cube CASCADE;
|
|
- CREATE EXTENSION IF NOT EXISTS earthdistance CASCADE;
|
|
|
|
# Managed roles
|
|
managed:
|
|
roles:
|
|
- name: borgmatic
|
|
login: true
|
|
connectionLimit: -1
|
|
ensure: present
|
|
inherit: true
|
|
inRoles:
|
|
- pg_read_all_data
|
|
passwordSecret:
|
|
name: immich-pg-borgmatic
|
|
|
|
resources:
|
|
requests:
|
|
memory: "256Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1Gi"
|
|
cpu: "500m"
|
|
|
|
postgresql:
|
|
shared_preload_libraries:
|
|
- "vchord.so"
|
|
parameters:
|
|
max_connections: "50"
|
|
shared_buffers: "128MB"
|
|
password_encryption: "scram-sha-256"
|
|
pg_hba:
|
|
- host all all 0.0.0.0/0 scram-sha-256
|
|
- host all all ::/0 scram-sha-256
|