MrModest · May 26, 2025 10:16 · MrModest · May 26, 2025
diff --git a/locals.hcl b/locals.hcl
 locals {
    stack_name = "immich"
 }
diff --git a/main.hcl b/main.hcl
 resource "docker_compose" "stack_immich" {
    name = var.stack_name

    network {
        name = var.reverse_proxy_network
        external = true
    }

    services = [
        docker_compose_service.server,
        docker_compose_service.machine_learning
        docker_compose_service.redis,
        docker_compose_service.database,
    ]
 }

 resource "docker_compose_service" "server" {
    image = "ghcr.io/immich-app/immich-server"
    imageTag = var.app_version
    container_name = "${var.stack_name}-server"
    hostname = "${var.stack_name}-server"
    user = "${var.puid}:${var.pgid}"
    restart = "unless-stopped"

    envs = {
        TZ = var.timezone
        REDIS_HOSTNAME = docker_compose_service.redis.hostname
    }

    volume {
        container_path = "/usr/src/app/upload"
        host_path = var.volumes.library
    }

    volume {
        container_path = "/usr/src/app/external"
        host_path = var.volumes.external_library
    }

    requires {
        service = docker_compose_service.database
        condition = "service_healthy"
    }

    requires {
        service = docker_compose_service.redis
        condition = "service_healthy"
    }
 }

 resource "docker_compose_service" "machine-learning" {
    image = "ghcr.io/immich-app/immich-machine-learning"
    imageTag = var.app_version
    container_name = "${var.stack_name}-machine-learning"
    hostname = "${var.stack_name}-machine-learning"
    user = "${var.puid}:${var.pgid}"
    restart = "unless-stopped"

    envs = {
        TZ = var.timezone
        MPLCONFIGDIR = "/usr/src/app/matplotlib"
    }

    resources = {
        limits = {
            cpus = "2"
        }
    }

    volume {
        container_path = "/cache"
        host_path = var.volumes.ml_cache
    }

    volume {
        container_path = "/usr/src/app/matplotlib"
        host_path = var.volumes.matplotlib
    }
 }

 resource "docker_compose_service" "redis" {
  image           = "docker.io/redis"
  imageTag        = var.redis_version
  container_name  = "${var.stack_name}-redis"
  hostname        = "${var.stack_name}-redis"
  user            = "${var.puid}:${var.pgid}"
  restart         = "unless-stopped"

  volume {
    container_path = "/data"
    host_path      = var.volumes.redis_data
  }

  healthcheck {
    test     = ["CMD-SHELL", "redis-cli ping || exit 1"]
    interval = "10s"
    timeout  = "5s"
    retries  = 5
  }
 }

 resource "docker_compose_service" "database" {
  image           = "docker.io/tensorchord/pgvecto-rs"
  imageTag        = var.postgres_version
  container_name  = "${var.stack_name}_postgres"
  user            = var.app_user
  restart         = "unless-stopped"

  envs = {
    POSTGRES_PASSWORD     = var.db_password
    POSTGRES_USER         = var.db_username
    POSTGRES_DB           = var.db_name
    POSTGRES_INITDB_ARGS  = "--data-checksums"
  }

  volume {
    container_path = "/var/lib/postgresql/data"
    host_path      = var.volumes.db_data
  }

  healthcheck = {
    test = [
      "CMD-SHELL",
      <<-EOT
        pg_isready --dbname="$$POSTGRES_DB" --username="$$POSTGRES_USER" || exit 1;
        Chksum="$$(
          psql --dbname="$$POSTGRES_DB" --username="$$POSTGRES_USER" \
            --tuples-only --no-align \
            --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database'"
        )";
        echo "checksum failure count is $$Chksum";
        [ "$$Chksum" = "0" ] || exit 1
      EOT
    ]
    interval        = "5m"
    start_interval  = "30s"
    start_period    = "5m"
  }

  command = [
    "postgres",
    "-c", "shared_preload_libraries=vectors.so",
    "-c", "search_path=\"$$user\", public, vectors",
    "-c", "logging_collector=on",
    "-c", "max_wal_size=2GB",
    "-c", "shared_buffers=512MB",
    "-c", "wal_compression=on"
  ]
 }
diff --git a/outputs.hcl b/outputs.hcl
 output "server_port" {
    type = number
 }
diff --git a/variables.hcl b/variables.hcl
 variable "app_version" {
  type    = string
  default = "latest"
 }

 variable "puid" {
    type = string
 }

 variable "pgid" {
    type = string
 }

 variable "volumes" {
    type = object({
        library          = string
        external_library = string
    })
 }
	resource "docker_compose" "stack_immich" {
	name = var.stack_name

	network {
	name = var.reverse_proxy_network
	external = true
	}

	services = [
	docker_compose_service.server,
	docker_compose_service.machine_learning
	docker_compose_service.redis,
	docker_compose_service.database,
	]
	}

	resource "docker_compose_service" "server" {
	image = "ghcr.io/immich-app/immich-server"
	imageTag = var.app_version
	container_name = "${var.stack_name}-server"
	hostname = "${var.stack_name}-server"
	user = "${var.puid}:${var.pgid}"
	restart = "unless-stopped"

	envs = {
	TZ = var.timezone
	REDIS_HOSTNAME = docker_compose_service.redis.hostname
	}

	volume {
	container_path = "/usr/src/app/upload"
	host_path = var.volumes.library
	}

	volume {
	container_path = "/usr/src/app/external"
	host_path = var.volumes.external_library
	}

	requires {
	service = docker_compose_service.database
	condition = "service_healthy"
	}

	requires {
	service = docker_compose_service.redis
	condition = "service_healthy"
	}
	}

	resource "docker_compose_service" "machine-learning" {
	image = "ghcr.io/immich-app/immich-machine-learning"
	imageTag = var.app_version
	container_name = "${var.stack_name}-machine-learning"
	hostname = "${var.stack_name}-machine-learning"
	user = "${var.puid}:${var.pgid}"
	restart = "unless-stopped"

	envs = {
	TZ = var.timezone
	MPLCONFIGDIR = "/usr/src/app/matplotlib"
	}

	resources = {
	limits = {
	cpus = "2"
	}
	}

	volume {
	container_path = "/cache"
	host_path = var.volumes.ml_cache
	}

	volume {
	container_path = "/usr/src/app/matplotlib"
	host_path = var.volumes.matplotlib
	}
	}

	resource "docker_compose_service" "redis" {
	image = "docker.io/redis"
	imageTag = var.redis_version
	container_name = "${var.stack_name}-redis"
	hostname = "${var.stack_name}-redis"
	user = "${var.puid}:${var.pgid}"
	restart = "unless-stopped"

	volume {
	container_path = "/data"
	host_path = var.volumes.redis_data
	}

	healthcheck {
	test = ["CMD-SHELL", "redis-cli ping \|\| exit 1"]
	interval = "10s"
	timeout = "5s"
	retries = 5
	}
	}

	resource "docker_compose_service" "database" {
	image = "docker.io/tensorchord/pgvecto-rs"
	imageTag = var.postgres_version
	container_name = "${var.stack_name}_postgres"
	user = var.app_user
	restart = "unless-stopped"

	envs = {
	POSTGRES_PASSWORD = var.db_password
	POSTGRES_USER = var.db_username
	POSTGRES_DB = var.db_name
	POSTGRES_INITDB_ARGS = "--data-checksums"
	}

	volume {
	container_path = "/var/lib/postgresql/data"
	host_path = var.volumes.db_data
	}

	healthcheck = {
	test = [
	"CMD-SHELL",
	<<-EOT
	pg_isready --dbname="$$POSTGRES_DB" --username="$$POSTGRES_USER" \|\| exit 1;
	Chksum="$$(
	psql --dbname="$$POSTGRES_DB" --username="$$POSTGRES_USER" \
	--tuples-only --no-align \
	--command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database'"
	)";
	echo "checksum failure count is $$Chksum";
	[ "$$Chksum" = "0" ] \|\| exit 1
	EOT
	]
	interval = "5m"
	start_interval = "30s"
	start_period = "5m"
	}

	command = [
	"postgres",
	"-c", "shared_preload_libraries=vectors.so",
	"-c", "search_path=\"$$user\", public, vectors",
	"-c", "logging_collector=on",
	"-c", "max_wal_size=2GB",
	"-c", "shared_buffers=512MB",
	"-c", "wal_compression=on"
	]
	}
	variable "app_version" {
	type = string
	default = "latest"
	}

	variable "puid" {
	type = string
	}

	variable "pgid" {
	type = string
	}

	variable "volumes" {
	type = object({
	library = string
	external_library = string
	})
	}