From 65495ba8636444250ef8a5b221219df76f3684bf Mon Sep 17 00:00:00 2001 From: Bastian de Byl Date: Wed, 8 Jan 2025 15:09:31 -0500 Subject: [PATCH] noticket - updates to photos/immich --- .../podman/tasks/containers/home/photos.yml | 36 +++++++++---------- ansible/roles/podman/tasks/main.yml | 4 +-- .../sites/photos.bdebyl.net.https.conf.j2 | 8 +++-- 3 files changed, 25 insertions(+), 23 deletions(-) diff --git a/ansible/roles/podman/tasks/containers/home/photos.yml b/ansible/roles/podman/tasks/containers/home/photos.yml index 3059968..c8b3b5a 100644 --- a/ansible/roles/podman/tasks/containers/home/photos.yml +++ b/ansible/roles/podman/tasks/containers/home/photos.yml @@ -37,14 +37,14 @@ - import_tasks: podman/podman-check.yml vars: - container_name: immich_machine_learning + container_name: immich-machine-learning container_image: "{{ ml_image }}" - name: create immich-ml container become: true become_user: "{{ podman_user }}" containers.podman.podman_container: - name: immich_machine_learning + name: immich-machine-learning image: "{{ ml_image }}" restart_policy: on-failure:3 log_driver: journald @@ -53,42 +53,42 @@ volumes: - "{{ photos_path }}/mlcache:/cache" -- name: create systemd startup job for immich_machine_learning +- name: create systemd startup job for immich-machine-learning include_tasks: podman/systemd-generate.yml vars: - container_name: immich_machine_learning + container_name: immich-machine-learning - import_tasks: podman/podman-check.yml vars: - container_name: immich_redis + container_name: immich-redis container_image: "{{ redis_image }}" - name: create immich-redis container become: true become_user: "{{ podman_user }}" containers.podman.podman_container: - name: immich_redis + name: immich-redis image: "{{ redis_image }}" restart_policy: on-failure:3 log_driver: journald network: - shared -- name: create systemd startup job for immich_redis +- name: create systemd startup job for immich-redis include_tasks: podman/systemd-generate.yml vars: - container_name: immich_redis + container_name: immich-redis - import_tasks: podman/podman-check.yml vars: - container_name: immich_postgres + container_name: immich-postgres container_image: "{{ db_image }}" - name: create immich-db container become: true become_user: "{{ podman_user }}" containers.podman.podman_container: - name: immich_postgres + name: immich-postgres image: "{{ db_image }}" restart_policy: on-failure:3 log_driver: journald @@ -102,29 +102,29 @@ volumes: - "{{ photos_path }}/psql:/var/lib/postgresql/data" -- name: create systemd startup job for immich_postgres +- name: create systemd startup job for immich-postgres include_tasks: podman/systemd-generate.yml vars: - container_name: immich_postgres + container_name: immich-postgres - import_tasks: podman/podman-check.yml vars: - container_name: immich_server + container_name: immich-server container_image: "{{ image }}" - name: create immich container become: true become_user: "{{ podman_user }}" containers.podman.podman_container: - name: immich_server + name: immich-server image: "{{ image }}" restart_policy: on-failure:3 log_driver: journald network: - shared env: - REDIS_HOSTNAME: immich_redis - DB_HOSTNAME: immich_postgres + REDIS_HOSTNAME: immich-redis + DB_HOSTNAME: immich-postgres DB_DATABASE_NAME: photos DB_USERNAME: photos DB_PASSWORD: "{{ photos_db_pass }}" @@ -135,7 +135,7 @@ ports: - "8088:8088" -- name: create systemd startup job for immich_server +- name: create systemd startup job for immich-server include_tasks: podman/systemd-generate.yml vars: - container_name: immich_server + container_name: immich-server diff --git a/ansible/roles/podman/tasks/main.yml b/ansible/roles/podman/tasks/main.yml index 0fb5979..a2f8fc7 100644 --- a/ansible/roles/podman/tasks/main.yml +++ b/ansible/roles/podman/tasks/main.yml @@ -47,9 +47,9 @@ - import_tasks: containers/home/photos.yml vars: db_image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0 - ml_image: ghcr.io/immich-app/immich-machine-learning:v1.123.0 + ml_image: ghcr.io/immich-app/immich-machine-learning:v1.124.1 redis_image: docker.io/redis:6.2-alpine@sha256:eaba718fecd1196d88533de7ba49bf903ad33664a92debb24660a922ecd9cac8 - image: ghcr.io/immich-app/immich-server:v1.123.0 + image: ghcr.io/immich-app/immich-server:v1.124.1 tags: photos - import_tasks: containers/home/cloud.yml diff --git a/ansible/roles/podman/templates/nginx/sites/photos.bdebyl.net.https.conf.j2 b/ansible/roles/podman/templates/nginx/sites/photos.bdebyl.net.https.conf.j2 index 720523f..75b263d 100644 --- a/ansible/roles/podman/templates/nginx/sites/photos.bdebyl.net.https.conf.j2 +++ b/ansible/roles/podman/templates/nginx/sites/photos.bdebyl.net.https.conf.j2 @@ -27,13 +27,15 @@ server { ssl_stapling_verify on; location / { - add_header Referrer-Policy "same-origin" always; - # add_header Strict-Transport-Security "max-age=630720000; includeSubDomains" always; - add_header X-Content-Type-Options "nosniff" always; + # add_header Strict-Transport-Security "max-age=630720000; includeSubDomains" always; + add_header Referrer-Policy "same-origin" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Access-Control-Allow-Origin '*' always; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; proxy_buffering off; proxy_http_version 1.1;