run immich-ml from ytnix and add tailscale0 to trustedInterfaces

2025-03-09 22:23:58 -04:00 · 2025-03-09 22:23:58 -04:00 · 553a07f0a9
commit 553a07f0a9
parent 59de12e892
5 changed files with 50 additions and 23 deletions
--- a/hosts/ytnix/containers.nix
+++ b/hosts/ytnix/containers.nix
@ -0,0 +1,36 @@
+{ 
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+{
+  virtualisation.oci-containers.containers = {
+    immich-ml = let
+      modelCache = "/opt/immich-ml";
+    in {
+      image = "ghcr.io/immich-app/immich-machine-learning:release";
+      autoStart = true;
+      pull = "newer";
+      ports = [ "3003:3003" ];
+      environment = {
+        REDIS_HOSTNAME = "immich-redis";
+        DB_HOSTNAME = "immich-db";
+      };
+      volumes = [ "${modelCache}:/cache" ];
+      networks = [ "immich-net" ];
+    };
+  };
+
+  systemd.services.create-immich-net = rec {
+    serviceConfig.Type = "oneshot";
+    requiredBy = with config.virtualisation.oci-containers; [
+      "${backend}-immich-ml.service"
+    ];
+    before = requiredBy;
+    script = ''
+      ${lib.getExe pkgs.podman} network exists immich-net || \
+      ${lib.getExe pkgs.podman} network create immich-net
+    '';
+  };
+}