k3s/helm-k3s
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Akshun Aggarwal
2025-07-04 19:51:51 +05:30
commit 42895beb8c
72 changed files with 2584 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
clusters/default/apps/immich/Chart.yaml Normal file
View File

@@ -0,0 +1,6 @@
apiVersion: v2
name: immich
description: A Helm chart for Immich
type: application
version: 0.1.0
appVersion: "1.135.3"

53
clusters/default/apps/immich/Values.yaml Normal file
View File

@@ -0,0 +1,53 @@
name: immich
namespace: prod
image:
app:
repository: ghcr.io/immich-app/immich-server
tag: v1.135.3
ml:
repository: ghcr.io/immich-app/immich-machine-learning
tag: v1.135.3
hwAccl:
enabled: true
type: nvidia
nodeAffinity:
key: gpu
value: nvidia
env:
TZ: Asia/Kolkata
DB_USERNAME: postgres
DB_DATABASE_NAME: immich
persistence:
modelCache:
enabled: true
existingClaim: true
claimName: longhorn-immich-cache
pictures:
enabled: true
existingClaim: true
claimName: immich-pictures-pvc
db:
enabled: true
nfs:
server: 10.0.0.10
path: /home/akshun/immich-data
secret:
name: immich-postgres-secret
dbPasswordKey: password
service:
app:
type: LoadBalancer
port: 2283
ml:
type: LoadBalancer
port: 3333

43
clusters/default/apps/immich/templates/immich-db.yaml Normal file
View File

@@ -0,0 +1,43 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: "{{ .Values.name }}-db"
namespace: {{ .Values.namespace }}
spec:
selector:
matchLabels:
app: "{{ .Values.name }}-db"
template:
metadata:
labels:
app: "{{ .Values.name }}-db"
spec:
containers:
- name: redis
image: docker.io/valkey/valkey:8-bookworm@sha256:fec42f399876eb6faf9e008570597741c87ff7662a54185593e74b09ce83d177
env:
- name: REDIS_HOSTNAME
value: "{{ .Values.name }}-redis-service"
- name: immich-psql
image: ghcr.io/immich-app/postgres:14-vectorchord0.3.0-pgvectors0.2.0
env:
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.secret.dbPasswordKey }}
- name: POSTGRES_USER
value: "{{ .Values.env.DB_USERNAME }}"
- name: POSTGRES_DB
value: "{{ .Values.env.DB_DATABASE_NAME }}"
- name: POSTGRES_INITDB_ARGS
value: "--data-checksums"
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: immich
volumes:
- name: immich
nfs:
server: {{ .Values.persistence.db.nfs.server }}
path: {{ .Values.persistence.db.nfs.path }}

32
clusters/default/apps/immich/templates/immich-pv.yaml Normal file
View File

@@ -0,0 +1,32 @@
---
{{- if .Values.persistence.pictures.enabled }}
{{- if not .Values.persistence.pictures.existingClaim }}
{{- if eq .Values.persistence.pictures.type "smb" }}
apiVersion: v1
kind: PersistentVolume
metadata:
annotations:
pv.kubernetes.io/provisioned-by: smb.csi.k8s.io
name: "{{ .Values.name }}-pictures-pv"
namespace: {{ .Values.namespace }}
spec:
capacity:
storage: {{ .Values.persistence.pictures.size }}
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: "{{ .Values.name }}-pictures-pv"
mountOptions:
- dir_mode=0777
- file_mode=0777
csi:
driver: smb.csi.k8s.io
volumeHandle: "{{ .Values.persistence.pictures.smb.server }}#pictures#immich"
volumeAttributes:
source: "//{{ .Values.persistence.pictures.smb.server }}/pictures"
nodeStageSecretRef:
name: {{ .Values.persistence.pictures.smb.secretName }}
namespace: {{ .Values.namespace }}
{{- end }}
{{- end }}
{{- end }}

37
clusters/default/apps/immich/templates/immich-pvc.yaml Normal file
View File

@@ -0,0 +1,37 @@
---
{{- if .Values.persistence.modelCache.enabled }}
{{- if not .Values.persistence.modelCache.existingClaim }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: "longhorn-{{ .Values.name }}-cache"
namespace: {{ .Values.namespace }}
spec:
accessModes:
- ReadWriteOnce
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.persistence.modelCache.size }}
{{- end }}
{{- end }}
---
{{- if .Values.persistence.pictures.enabled }}
{{- if not .Values.persistence.pictures.existingClaim }}
{{- if eq .Values.persistence.pictures.type "smb" }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: "{{ .Values.name }}-pictures-pvc"
namespace: {{ .Values.namespace }}
spec:
storageClassName: "{{ .Values.name }}-pictures-pv"
accessModes:
- ReadWriteMany
resources:
requests:
storage: {{ .Values.persistence.pictures.size }}
{{- end }}
{{- end }}
{{- end }}

71
clusters/default/apps/immich/templates/immich-svc.yaml Normal file
View File

@@ -0,0 +1,71 @@
---
apiVersion: v1
kind: Service
metadata:
name: "{{ .Values.name }}-service"
namespace: {{ .Values.namespace }}
spec:
{{- if eq .Values.service.app.type "LoadBalancer" }}
type: LoadBalancer
{{- else if eq .Values.service.app.type "NodePort" }}
type: NodePort
{{- end }}
selector:
app: "{{ .Values.name }}-app"
ports:
- targetPort: 2283
{{- if eq .Values.service.app.type "LoadBalancer" }}
port: {{ .Values.service.app.port }}
{{- else if eq .Values.service.app.type "NodePort" }}
nodePort: {{ .Values.service.app.nodePort }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: "{{ .Values.name }}-machine-learning-service"
namespace: {{ .Values.namespace }}
spec:
{{- if eq .Values.service.ml.type "LoadBalancer" }}
type: LoadBalancer
{{- else if eq .Values.service.ml.type "NodePort" }}
type: NodePort
{{- end }}
selector:
app: "{{ .Values.name }}-app"
ports:
- targetPort: 3003
{{- if eq .Values.service.ml.type "LoadBalancer" }}
port: {{ .Values.service.ml.port }}
{{- else if eq .Values.service.ml.type "NodePort" }}
nodePort: {{ .Values.service.ml.nodePort }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: "{{ .Values.name }}-psql-service"
namespace: {{ .Values.namespace }}
spec:
selector:
app: "{{ .Values.name }}-db"
ports:
- protocol: TCP
port: 5432
targetPort: 5432
---
apiVersion: v1
kind: Service
metadata:
name: "{{ .Values.name }}-redis-service"
namespace: {{ .Values.namespace }}
spec:
selector:
app: "{{ .Values.name }}-db"
ports:
- protocol: TCP
port: 6379
targetPort: 6379

139
clusters/default/apps/immich/templates/immich.yaml Normal file
View File

@@ -0,0 +1,139 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: "{{ .Values.name }}-app"
namespace: {{ .Values.namespace }}
spec:
replicas: 1
selector:
matchLabels:
app: "{{ .Values.name }}-app"
template:
metadata:
labels:
app: "{{ .Values.name }}-app"
spec:
{{- if .Values.hwAccl.enabled }}
{{- if eq .Values.hwAccl.type "nvidia" }}
runtimeClassName: nvidia
{{- else if eq .Values.hwAccl.type "intel" }}
supplementalGroups: {{ .Values.securityContext.supplementalGroups | toYaml | nindent 8 }}
{{- end }}
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: {{ .Values.nodeAffinity.key }}
operator: In
values:
- "{{ .Values.nodeAffinity.value }}"
{{- end }}
initContainers:
- name: wait-for-redis
image: busybox
command:
- sh
- -c
- |
until nc -z -v -w30 "{{ .Values.name }}-redis-service" 6379; do
echo "Waiting for redis database to be ready..."
sleep 2
done
- name: wait-for-psql
image: busybox
command:
- sh
- -c
- |
until nc -z -v -w30 "{{ .Values.name }}-psql-service" 5432; do
echo "Waiting for psql database to be ready"
sleep 2
done
containers:
- name: "{{ .Values.name }}-server"
image: "{{ .Values.image.app.repository }}:{{ .Values.image.app.tag }}"
env:
- name: TZ
value: "{{ .Values.env.TZ }}"
- name: REDIS_HOSTNAME
value: "{{ .Values.name }}-redis-service"
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.secret.name }}
key: {{ .Values.secret.dbPasswordKey }}
- name: DB_USERNAME
value: "{{ .Values.env.DB_USERNAME }}"
- name: DB_DATABASE_NAME
value: "{{ .Values.env.DB_DATABASE_NAME }}"
- name: DB_HOSTNAME
value: "{{ .Values.name }}-psql-service"
volumeMounts:
- mountPath: /usr/src/app/upload
name: pictures
- name: immich-machine-learning
{{- if .Values.hwAccl.enabled }}
{{- if eq .Values.hwAccl.type "nvidia" }}
image: "{{ .Values.image.ml.repository }}:{{ .Values.image.ml.tag }}-cuda"
{{- else if eq .Values.hwAccl.type "intel" }}
image: "{{ .Values.image.ml.repository }}:{{ .Values.image.ml.tag }}-openvino"
{{- end }}
{{- else }}
image: "{{ .Values.image.ml.repository }}:{{ .Values.image.ml.tag }}"
{{- end }}
env:
- name: REDIS_HOSTNAME
value: "{{ .Values.name }}-redis-service"
{{- if .Values.hwAccl.enabled }}
{{- if eq .Values.hwAccl.type "nvidia" }}
- name: NVIDIA_VISIBLE_DEVICES
value: "all"
{{- end }}
{{- end }}
- name: MACHINE_LEARNING_DEVICE_IDS
value: "0"
volumeMounts:
- name: model-cache
mountPath: /cache
{{- if .Values.hwAccl.enabled }}
{{- if eq .Values.hwAccl.type "intel" }}
- name: intel
mountPath: /dev/dri/
{{- end }}
{{- end }}
volumes:
{{- if .Values.persistence.pictures.enabled }}
{{- if eq .Values.persistence.pictures.type "nfs" }}
- name: pictures
nfs:
server: {{ .Values.persistence.pictures.nfs.server }}
path: {{ .Values.persistence.pictures.nfs.path }}
{{- else if eq .Values.persistence.pictures.type "smb" }}
- name: pictures
persistentVolumeClaim:
claimName: {{ .Values.name }}-pictures-pvc
{{- else if .Values.persistence.pictures.existingClaim }}
- name: pictures
persistentVolumeClaim:
claimName: {{ .Values.persistence.pictures.claimName }}
{{- end }}
{{- else }}
- name: pictures
emptyDir: {}
{{- end }}
{{- if .Values.persistence.modelCache.enabled }}
{{- if .Values.persistence.modelCache.existingClaim }}
- name: model-cache
persistentVolumeClaim:
claimName: {{ .Values.persistence.modelCache.claimName }}
{{- else }}
- name: model-cache
persistentVolumeClaim:
claimName: "longhorn-{{ .Values.name }}-cache"
{{- end }}
{{- else }}
- name: model-cache
emptyDir: {}
{{- end }}