hyl.st / helm
nix config
fork atom

feat: run immich

Anish Lakhwara f4e53de4 cfa7dfac

options
unified split
Changed files
+28 -18
dns
dnsconfig.js
hosts
box
default.nix
helix
default.nix
profiles
immich
default.nix
+2 -1
dns/dnsconfig.js
··· 40 A('bin', '69.61.2.203', TTL(300)), 41 A('ci', '69.61.2.203', TTL(300)), 42 A('write', '69.61.2.203', TTL(300)), 43 - // vultr -> nulled: lituus 44 A('@', '45.77.48.108', TTL(300)), 45 A('jitsi', '45.77.48.108', TTL(300)), 46 A('chat', '45.77.48.108', TTL(300)),
··· 40 A('bin', '69.61.2.203', TTL(300)), 41 A('ci', '69.61.2.203', TTL(300)), 42 A('write', '69.61.2.203', TTL(300)), 43 + A('photos', '69.61.2.203', TTL(300)), 44 + // vultr: lituus 45 A('@', '45.77.48.108', TTL(300)), 46 A('jitsi', '45.77.48.108', TTL(300)), 47 A('chat', '45.77.48.108', TTL(300)),
+2
hosts/box/default.nix
··· 50 # "/home/anish/usr/nonfiction" # syncthing 51 "/home/anish/usr/finance" # beancount 52 "/mnt/two/postgres" # sealight postgres backups TODO remove once moved to capsul 53 ]; 54 # seafile 55 };
··· 50 # "/home/anish/usr/nonfiction" # syncthing 51 "/home/anish/usr/finance" # beancount 52 "/mnt/two/postgres" # sealight postgres backups TODO remove once moved to capsul 53 + "/mnt/two/photos" 54 + "/mnt/two/music" 55 ]; 56 # seafile 57 };
+13 -13
hosts/helix/default.nix
··· 31 }; 32 33 # Reverse proxy for immich 34 - services.nginx.virtualHosts."photos.sealight.xyz" = { 35 - enableACME = true; 36 - forceSSL = true; 37 38 - locations."/" = { 39 - extraConfig = '' 40 - proxy_pass http://10.0.69.4:8567; 41 - proxy_set_header Host $host; 42 - proxy_set_header X-Real-IP $remote_addr; 43 - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 44 - proxy_set_header X-Forwarded-Proto $scheme; 45 - ''; 46 - }; 47 - }; 48 49 services.postgresql.package = pkgs.postgresql_15; 50 services.postgresqlBackup = {
··· 31 }; 32 33 # Reverse proxy for immich 34 + # services.nginx.virtualHosts."photos.sealight.xyz" = { 35 + # enableACME = true; 36 + # forceSSL = true; 37 38 + # locations."/" = { 39 + # extraConfig = '' 40 + # proxy_pass http://10.0.69.4:8567; 41 + # proxy_set_header Host $host; 42 + # proxy_set_header X-Real-IP $remote_addr; 43 + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 44 + # proxy_set_header X-Forwarded-Proto $scheme; 45 + # ''; 46 + # }; 47 + # }; 48 49 services.postgresql.package = pkgs.postgresql_15; 50 services.postgresqlBackup = {
+11 -4
hosts/profiles/immich/default.nix
··· 1 - { ... }: 2 { 3 services.immich = { 4 enable = true; ··· 7 }; 8 host = "0.0.0.0"; 9 port = 8567; 10 - mediaLocation = "/data/photos"; 11 - externalDomain = "https://photos.sealight.xyz"; 12 }; 13 services.nginx.virtualHosts."photos.mossnet.lan" = { 14 enableACME = false; 15 forceSSL = false; 16 17 locations."/" = { 18 extraConfig = '' 19 - proxy_pass http://127.0.0.1:8567/; 20 ''; 21 }; 22 };
··· 1 + { pkgs, config, ... }: 2 { 3 services.immich = { 4 enable = true; ··· 7 }; 8 host = "0.0.0.0"; 9 port = 8567; 10 + mediaLocation = "/mnt/two/photos"; 11 + openFirewall = true; 12 + settings.server.externalDomain = "https://photos.sealight.xyz"; 13 }; 14 services.nginx.virtualHosts."photos.mossnet.lan" = { 15 enableACME = false; 16 forceSSL = false; 17 18 locations."/" = { 19 + proxyPass = "http://127.0.0.1:${toString config.services.immich.port}"; 20 + proxyWebsockets = true; 21 + recommendedProxySettings = true; 22 extraConfig = '' 23 + client_max_body_size 50000M; 24 + proxy_read_timeout 600s; 25 + proxy_send_timeout 600s; 26 + send_timeout 600s; 27 ''; 28 }; 29 };