Erich Blume
8621996343
## Summary - Migrate all ArgoCD app repo URLs from `indri.tail8d86e.ts.net:2200` to `forge.ops.eblu.me:2222` - Add Immich self-hosted photo management service with: - Helm chart deployment via ArgoCD - PostgreSQL cluster with pgvecto.rs for AI vector search (immich-pg) - NFS storage on sifaka for photo library (2Ti) - Tailscale Ingress + Caddy proxy for `photos.ops.eblu.me` - Machine learning service for face/object recognition ## Deployment and Testing - [x] Update ArgoCD repo-creds-forge secret with new URL (one-time manual step) - [ ] Sync `apps` to pick up new applications - [ ] Sync all existing apps to verify new forge URL works - [ ] Sync `blumeops-pg` to deploy immich-pg cluster - [ ] Wait for immich-pg to be healthy - [ ] Create immich-db secret from auto-generated password - [ ] Sync `immich-storage` (PV, PVC, Ingress) - [ ] Sync `immich` (Helm chart) - [ ] Run `mise run provision-indri -- --tags caddy` to add photos.ops.eblu.me - [ ] Verify Immich UI is accessible 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/62
54 lines
1.5 KiB
YAML
54 lines
1.5 KiB
YAML
# PostgreSQL Cluster for Immich
|
|
# Uses VectorChord (successor to pgvecto.rs) for AI-powered vector search
|
|
# See: https://github.com/immich-app/immich/discussions/9060
|
|
# Managed by CloudNativePG operator
|
|
apiVersion: postgresql.cnpg.io/v1
|
|
kind: Cluster
|
|
metadata:
|
|
name: immich-pg
|
|
namespace: databases
|
|
spec:
|
|
instances: 1
|
|
# VectorChord image for PostgreSQL 17 with VectorChord 0.5.0
|
|
# Immich v2.4.1 requires VectorChord >=0.3 <0.6
|
|
# See: https://github.com/tensorchord/VectorChord
|
|
imageName: ghcr.io/tensorchord/cloudnative-vectorchord:17-0.5.0
|
|
|
|
storage:
|
|
size: 10Gi
|
|
storageClass: standard
|
|
|
|
# Bootstrap creates initial database and owner
|
|
bootstrap:
|
|
initdb:
|
|
database: immich
|
|
owner: immich
|
|
postInitSQL:
|
|
# Extensions required by Immich
|
|
- CREATE EXTENSION IF NOT EXISTS vector;
|
|
- CREATE EXTENSION IF NOT EXISTS vchord CASCADE;
|
|
- CREATE EXTENSION IF NOT EXISTS cube CASCADE;
|
|
- CREATE EXTENSION IF NOT EXISTS earthdistance CASCADE;
|
|
|
|
# Resource limits for minikube environment
|
|
resources:
|
|
requests:
|
|
memory: "256Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1Gi"
|
|
cpu: "500m"
|
|
|
|
# PostgreSQL configuration
|
|
postgresql:
|
|
# VectorChord requires vchord.so in shared_preload_libraries
|
|
shared_preload_libraries:
|
|
- "vchord.so"
|
|
parameters:
|
|
max_connections: "50"
|
|
shared_buffers: "128MB"
|
|
password_encryption: "scram-sha-256"
|
|
pg_hba:
|
|
# Allow connections from k8s pods
|
|
- host all all 0.0.0.0/0 scram-sha-256
|
|
- host all all ::/0 scram-sha-256
|