ansible-playbooks/roles/immich/defaults/main.yml
Clément Désiles 30dfb9ee8b feat(immich): support read-only external libraries
Add immich_external_libraries variable to mount host paths into the
server container, intended for use with Immich's External Libraries
feature. Mounts are read-only; the in-container mount_path must be
used when registering the library in the Immich UI.
2026-05-30 23:39:17 +02:00


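---
# Default variables for the immich role. Values marked "intentionally undefined"
# have no default on purpose and must be supplied by the inventory.

# Immich version to deploy
# NOTE(review): `release` is a floating tag, so the deployed image can change
# between runs. Pin an explicit version in the inventory when reproducible,
# auditable deployments matter.
immich_version: release

# Storage location (@see https://docs.immich.app/install/environment-variables/)
immich_upload_location: "{{ podman_projects_dir }}/immich/data/upload"

# External libraries (read-only host paths exposed to the server container)
# Use the in-container `mount_path` when registering the library in the Immich UI.
# The read-only guarantee comes from the mount options in the role's container
# definition, which is not part of this file.
# Example:
# immich_external_libraries:
#   - name: clement-photos
#     host_path: /mnt/andromeda/clement-photos
#     mount_path: /mnt/external/clement-photos
immich_external_libraries: []

# PostgreSQL configuration (REQUIRED password - must be set explicitly)
# Supply the password from an encrypted source (e.g. Ansible Vault), not as
# plaintext in a committed inventory.
immich_postgres_db_name: immich
immich_postgres_user: immich
# immich_postgres_password: "" # Intentionally undefined - role will fail if not set
# immich_postgres_host: "" # Must be set in inventory (e.g., "{{ podman_gw_gateway }}" to reach host postgres)
immich_postgres_port: 5432

# Valkey configuration (REQUIRED password - must be set explicitly)
# Supply the password from an encrypted source (e.g. Ansible Vault), not as
# plaintext in a committed inventory.
immich_valkey_user: immich
# immich_valkey_password: "" # Intentionally undefined - role will fail if not set
# immich_valkey_host: "" # Must be set in inventory (e.g., "{{ podman_gw_gateway }}" to reach host valkey)
immich_valkey_port: 6379
# Dedicated database number for isolation (0-15).
# The database number only namespaces keys; it is not an access-control
# boundary. Access is restricted by the ACL key patterns below.
immich_valkey_db: 0

# Valkey ACL configuration
# Based on: https://github.com/immich-app/immich/discussions/19727#discussioncomment-13668749
immich_valkey_acl:
  username: "{{ immich_valkey_user }}"
  password: "{{ immich_valkey_password }}"
  keypattern: "immich_bull* immich_channel*"  # BullMQ patterns used by Immich
  commands: "&* -@dangerous +@read +@write +@pubsub +select +auth +ping +info +eval +evalsha"
  # &* = all channels (required for pub/sub)
  # -@dangerous = remove the @dangerous category (FLUSHDB, FLUSHALL, KEYS, etc)
  # +@read +@write = allow read/write command groups
  # +@pubsub = allow pub/sub commands
  # +select = allow SELECT (database switching)
  # +auth +ping +info = connection management
  # +eval +evalsha = Lua scripting (required by BullMQ)
  #
  # NOTE(review): ACL rules are applied left to right. Because +@read and
  # +@write come after -@dangerous, commands that belong to both a granted
  # category and @dangerous (e.g. KEYS, FLUSHDB, FLUSHALL) end up allowed
  # again. If they are meant to stay denied, -@dangerous has to follow the
  # category grants, with any dangerous command BullMQ needs (such as +info)
  # re-added after it. Confirm the effective rule set with `ACL GETUSER` and
  # watch `ACL LOG` on a test instance before changing the order.

# Network configuration
immich_port: 2283

# Container images
# Only the repository is set here; the tag is presumably taken from
# immich_version by the role's templates - confirm there.
immich_server_image: ghcr.io/immich-app/immich-server
immich_ml_image: ghcr.io/immich-app/immich-machine-learning

# Timezone
immich_timezone: UTC

# Nginx reverse proxy configuration
immich_nginx_enabled: false
immich_nginx_hostname: photos.nas.local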