ADD: added photoprism and immich manifest

k3s/apps/gitea/gitea.yaml

@@ -0,0 +1,185 @@
+# Namespace
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: gitea
+
+# PV + PVC: Gitea (NFS)
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: gitea-pv
+spec:
+  storageClassName: nfs
+  capacity:
+    storage: 30Gi
+  accessModes:
+    - ReadWriteMany
+  persistentVolumeReclaimPolicy: Retain
+  nfs:
+    server: 192.168.178.132
+    path: /slowData/gitea/repos
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: gitea-pvc
+  namespace: gitea
+spec:
+  storageClassName: nfs
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 30Gi
+
+# PV + PVC: PostgreSQL (NFS)
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: postgres-pv
+spec:
+  storageClassName: nfs
+  capacity:
+    storage: 10Gi
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  nfs:
+    server: 192.168.178.132
+    path: /slowData/gitea/postgres
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: postgres-pvc
+  namespace: gitea
+spec:
+  storageClassName: nfs
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Gi
+
+# Deployment: PostgreSQL
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: postgres
+  namespace: gitea
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: postgres
+  template:
+    metadata:
+      labels:
+        app: postgres
+    spec:
+      containers:
+        - name: postgres
+          image: postgres:13
+          env:
+            - name: POSTGRES_DB
+              value: gitea
+            - name: POSTGRES_USER
+              value: gitea
+            - name: POSTGRES_PASSWORD
+              value: giteapassword
+          ports:
+            - containerPort: 5432
+          volumeMounts:
+            - name: postgres-storage
+              mountPath: /var/lib/postgresql/data
+      volumes:
+        - name: postgres-storage
+          persistentVolumeClaim:
+            claimName: postgres-pvc
+
+# Service: PostgreSQL
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgres
+  namespace: gitea
+spec:
+  selector:
+    app: postgres
+  ports:
+    - protocol: TCP
+      port: 5432
+      targetPort: 5432
+
+# Deployment: Gitea
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gitea
+  namespace: gitea
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gitea
+  template:
+    metadata:
+      labels:
+        app: gitea
+    spec:
+      containers:
+        - name: gitea
+          image: gitea/gitea:latest
+          env:
+            - name: USER_UID
+              value: "1000"
+            - name: USER_GID
+              value: "1000"
+            - name: GITEA__database__DB_TYPE
+              value: postgres
+            - name: GITEA__database__HOST
+              value: postgres:5432
+            - name: GITEA__database__NAME
+              value: gitea
+            - name: GITEA__database__USER
+              value: gitea
+            - name: GITEA__database__PASSWD
+              value: giteapassword
+          ports:
+            - containerPort: 3000   # HTTP
+            - containerPort: 22     # SSH
+          volumeMounts:
+            - name: gitea-storage
+              mountPath: /data
+      volumes:
+        - name: gitea-storage
+          persistentVolumeClaim:
+            claimName: gitea-pvc
+
+# Service: Gitea (inkl. SSH)
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: gitea
+  namespace: gitea
+spec:
+  selector:
+    app: gitea
+  type: NodePort  # Alternativ: LoadBalancer für Clouds
+  ports:
+    - name: http
+      protocol: TCP
+      port: 80
+      targetPort: 3000
+    - name: ssh
+      protocol: TCP
+      port: 22
+      targetPort: 22

k3s/apps/photo/icloudpd/icloudpd.yaml

@@ -15,7 +15,8 @@ spec:
     spec:
       containers:
         - name: icloudpd
-          image: r3d454/dockericloudpd:latest
+          image: r3d454/iclouddownloader:latest
+#          image: r3d454/dockericloudpd:latest
           env:
             - name: apple_id
               value: "Henry-Winkel@web.de"

k3s/apps/photo/immich/immich-configmap.yaml

@@ -0,0 +1,23 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: immich-env
+  namespace: photoprism
+  labels:
+    app: immich
+data:
+  DB_DATABASE_NAME: "immich"
+  DB_HOSTNAME: "immich-database"
+  DB_USERNAME: "immich"
+  IMMICH_MACHINE_LEARNING_URL: "http://immich-machine-learning:3003"
+#  REDIS_HOSTNAME: "redis-server.redis-server.svc.cluster.local"
+  REDIS_HOSTNAME: "redis-server"
+  REDIS_PORT: "6379"
+  REDIS_DBINDEX: "0"
+  REDIS_PASSWORD: ""
+  DISABLE_REVERSE_GEOCODING: "false"
+  REVERSE_GEOCODING_PRECISION: "2"
+  PUBLIC_LOGIN_PAGE_MESSAGE: ""
+  PUID: "0"
+  PGID: "0"
+  DB_PASSWORD: "password"

k3s/apps/photo/immich/immich-db-deployment.yaml

@@ -0,0 +1,46 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: immich-database
+  namespace: photoprism
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: immich-database
+  template:
+    metadata:
+      labels:
+        app: immich-database
+    spec:
+      containers:
+        - name: immich-postgres
+          image: "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0"
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 5432
+          env:
+            - name: POSTGRES_USER
+              valueFrom:
+                configMapKeyRef:
+                  name: immich-env
+                  key: DB_USERNAME
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                configMapKeyRef:
+                  name: immich-env
+                  key: DB_PASSWORD
+            - name: POSTGRES_DB
+              valueFrom:
+                configMapKeyRef:
+                  name: immich-env
+                  key: DB_DATABASE_NAME
+          volumeMounts:
+            - name: pgdata
+              mountPath: /var/lib/postgresql/data
+              subPath: postgres
+          resources: {}
+      volumes:
+        - name: pgdata
+          persistentVolumeClaim:
+            claimName: immich-db-pvc

k3s/apps/photo/immich/immich-db-pv.yaml

@@ -0,0 +1,17 @@
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: immich-db-pv
+  namespace: photoprism
+  labels:
+    app: immich-postgresql
+spec:
+  capacity:
+    storage: 20Gi  # Adjust the storage size as needed
+  storageClassName: nfs
+  accessModes:
+    - ReadWriteMany
+  nfs:
+    path: /slowData/immichDB  # Static path on the NFS server
+    server: 192.168.178.132               # Your NFS server's IP
+  persistentVolumeReclaimPolicy: Retain

k3s/apps/photo/immich/immich-db-pvc.yaml

@@ -0,0 +1,15 @@
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: immich-db-pvc
+  namespace: photoprism
+  labels:
+    app: immich
+spec:
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 20Gi  # Match or be less than the PV's capacity
+  volumeName: immich-db-pv  # Bind explicitly to the PV created above
+  storageClassName: nfs

k3s/apps/photo/immich/immich-db-service.yaml

@@ -0,0 +1,15 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: immich-database
+  namespace: photoprism
+  labels:
+    app: immich-database
+spec:
+  type: ClusterIP
+  selector:
+    app: immich-database
+  ports:
+    - name: tcp-postgresql
+      port: 5432
+      targetPort: 5432

k3s/apps/photo/immich/immich-library-pv.yaml

@@ -0,0 +1,16 @@
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: immich-library-pv
+  namespace: immich
+  labels:
+    app: immich
+spec:
+  capacity:
+    storage: 50Gi  # Adjust the storage size as needed
+  storageClassName: nfs
+  accessModes:
+    - ReadWriteMany
+  nfs:
+    path: /fastData/immichLibrary  # Static path on the NFS server
+    server: 192.168.178.132

k3s/apps/photo/immich/immich-library-pvc.yaml

@@ -0,0 +1,15 @@
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: immich-library-pvc
+  namespace: photoprism
+  labels:
+    app: immich
+spec:
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 50Gi  # Match or be less than the PV's capacity
+  volumeName: immich-library-pv  # Bind explicitly to the PV created above
+  storageClassName: nfs

k3s/apps/photo/immich/immich-ml-deployment.yaml

@@ -0,0 +1,65 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: immich-machine-learning
+  namespace: photoprism
+  labels:
+    app: immich-machine-learning
+spec:
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: immich-machine-learning
+  template:
+    metadata:
+      labels:
+        app: immich-machine-learning
+    spec:
+      securityContext:
+        fsGroup: 0
+      serviceAccountName: default
+      automountServiceAccountToken: true
+      dnsPolicy: ClusterFirst
+      enableServiceLinks: true
+      containers:
+        - name: immich-machine-learning
+          image: "ghcr.io/immich-app/immich-machine-learning:release"
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 3003
+          env:
+            - name: DB_PASSWORD
+              valueFrom:
+                configMapKeyRef:
+                  name: immich-env
+                  key: DB_PASSWORD
+            - name: TRANSFORMERS_CACHE
+              value: /cache
+          envFrom:
+            - configMapRef:
+                name: immich-env
+                optional: false
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /ping
+              port: 3003
+            initialDelaySeconds: 0
+            periodSeconds: 10
+            timeoutSeconds: 1
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /ping
+              port: 3003
+            initialDelaySeconds: 0
+            periodSeconds: 10
+            timeoutSeconds: 1
+          volumeMounts:
+            - name: cache
+              mountPath: /cache
+          resources: {}
+      volumes:
+        - name: cache
+          emptyDir: {}

k3s/apps/photo/immich/immich-ml-service.yaml

@@ -0,0 +1,15 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: immich-machine-learning
+  namespace: photoprism
+  labels:
+    app: immich-machine-learning
+spec:
+  type: ClusterIP
+  selector:
+    app: immich-machine-learning
+  ports:
+    - port: 3003
+      targetPort: 3003
+      protocol: TCP

k3s/apps/photo/immich/immich-server-deployment.yaml

@@ -0,0 +1,97 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: immich-server
+  namespace: photoprism
+  labels:
+    app: immich-server
+spec:
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: immich-server
+  template:
+    metadata:
+      labels:
+        app: immich-server
+      annotations:
+        k8s.v1.cni.cncf.io/networks: |
+          [{
+            "name": "multus-iot",
+            "namespace": "default",
+            "mac": "2e:f8:57:99:6e:31",
+            "ips": ["192.168.1.192/24"]
+          }]
+    spec:
+      securityContext:
+        fsGroup: 0
+      serviceAccountName: default
+      dnsPolicy: ClusterFirst
+      initContainers:
+        - name: postgresql-isready
+          image: "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0"
+          imagePullPolicy: Always
+          env:
+            - name: POSTGRES_USER
+              valueFrom:
+                configMapKeyRef:
+                  name: immich-env
+                  key: DB_USERNAME
+            - name: POSTGRES_DB
+              valueFrom:
+                configMapKeyRef:
+                  name: immich-env
+                  key: DB_DATABASE_NAME
+          command:
+            - /bin/sh
+            - -c
+            - until pg_isready -U "${POSTGRES_USER}" -d "dbname=${POSTGRES_DB}"
+              -h immich-database -p 5432 ; do sleep 2 ; done
+      containers:
+        - name: immich-server
+          image: "ghcr.io/immich-app/immich-server:release"
+          imagePullPolicy: Always
+          securityContext:
+            runAsUser: 0
+          ports:
+            - containerPort: 3001
+          env:
+            - name: DB_PASSWORD
+              valueFrom:
+                configMapKeyRef:
+                  name: immich-env
+                  key: DB_PASSWORD
+          envFrom:
+            - configMapRef:
+                name: immich-env
+                optional: false
+          livenessProbe:
+            failureThreshold: 120
+            httpGet:
+              path: /server/ping
+              port: 2283
+            initialDelaySeconds: 10
+            periodSeconds: 120
+            timeoutSeconds: 1
+          readinessProbe:
+            failureThreshold: 120
+            httpGet:
+              path: /server/ping
+              port: 2283
+            initialDelaySeconds: 10
+            periodSeconds: 120
+            timeoutSeconds: 1
+          volumeMounts:
+            - name: library
+              mountPath: /usr/src/app/upload
+              subPath: library
+            - name: ext-library
+              mountPath: /photos
+      volumes:
+        - name: library
+          persistentVolumeClaim:
+            claimName: immich-library-pvc
+        - name: ext-library
+          persistentVolumeClaim:
+            claimName: photoprism-storage

k3s/apps/photo/immich/immich-server-service.yaml

@@ -0,0 +1,15 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: immich-server
+  namespace: photoprism
+  labels:
+    app: immich-server
+spec:
+  type: NodePort
+  selector:
+    app: immich-server
+  ports:
+    - port: 2283
+      targetPort: 2283
+      protocol: TCP

k3s/apps/photo/immich/redis-deployment.yaml

@@ -0,0 +1,45 @@
+#apiVersion: v1
+#kind: Namespace
+#metadata:
+#  name: redis-server
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: redis-server
+  namespace: photoprism
+  labels:
+    app: redis-server
+spec:
+  selector:
+    matchLabels:
+      app: redis-server
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: redis-server
+    spec:
+      containers:
+        - image: redis:alpine
+          name: redis-server
+          ports:
+            - containerPort: 6379
+      restartPolicy: Always
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: redis-server
+  namespace: photoprism
+  labels:
+    app: redis-server
+spec:
+  ports:
+    - port: 6379
+  selector:
+    app: redis-server