diff --git a/main.tf b/main.tf index f1df7250..271a7042 100644 --- a/main.tf +++ b/main.tf @@ -61,6 +61,7 @@ variable "finance_app_gocardless_secret_id" {} variable "headscale_config" {} variable "headscale_acl" {} variable "immich_postgresql_password" {} +variable "immich_frame_api_key" {} variable "ingress_honeypotapikey" {} variable "ingress_crowdsec_api_key" {} variable "ingress_crowdsec_captcha_secret_key" {} @@ -376,6 +377,7 @@ module "kubernetes_cluster" { headscale_acl = var.headscale_acl immich_postgresql_password = var.immich_postgresql_password + immich_frame_api_key = var.immich_frame_api_key ingress_honeypotapikey = var.ingress_honeypotapikey ingress_crowdsec_api_key = var.ingress_crowdsec_api_key diff --git a/modules/kubernetes/immich/frame.tf b/modules/kubernetes/immich/frame.tf new file mode 100644 index 00000000..3f79bfac --- /dev/null +++ b/modules/kubernetes/immich/frame.tf @@ -0,0 +1,114 @@ +variable "frame_api_key" { + type = string +} + +resource "kubernetes_config_map" "mailserver_config" { + metadata { + name = "config" + namespace = "immich" + + labels = { + app = "frame-config" + } + annotations = { + "reloader.stakater.com/match" = "true" + } + } + + data = { + # Actual mail settings + "Settings.yml" = <<-EOF + General: + Layout: single + Interval: 10 + ImageZoom: false + ShowAlbumName: false + Accounts: + - ImmichServerUrl: http://immich.viktorbarzin.me + ApiKey: ${var.frame_api_key} + Albums: + - 1aa98849-bbd5-452b-aac0-310b210a8597 # china + EOF + } +} + + +resource "kubernetes_deployment" "immich-frame" { + metadata { + name = "immich-frame" + namespace = "immich" + annotations = { + "reloader.stakater.com/search" = "true" + } + } + + spec { + replicas = 1 + selector { + match_labels = { + app = "immich-frame" + } + } + strategy { + type = "Recreate" + } + template { + metadata { + labels = { + app = "immich-frame" + } + } + spec { + container { + image = "ghcr.io/immichframe/immichframe:latest" + name = "immich-frame" + port { + container_port = 8080 + protocol = "TCP" + name = "http" + } + volume_mount { + name = "config" + mount_path = "/app/Config" + read_only = true + } + } + volume { + name = "config" + config_map { + name = "config" + } + } + } + } + } +} + + +resource "kubernetes_service" "immich-frame" { + metadata { + name = "immich-frame" + namespace = "immich" + labels = { + "app" = "immich-frame" + } + } + + spec { + selector = { + app = "immich-frame" + } + port { + port = 80 + target_port = 8080 + } + } +} + +module "ingress" { + source = "../ingress_factory" + namespace = "immich" + name = "highlights-immich" + tls_secret_name = var.tls_secret_name + service_name = "immich-frame" +} diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf index 59a23ea7..37cc556b 100644 --- a/modules/kubernetes/main.tf +++ b/modules/kubernetes/main.tf @@ -48,6 +48,7 @@ variable "finance_app_gocardless_secret_id" {} variable "headscale_config" {} variable "headscale_acl" {} variable "immich_postgresql_password" {} +variable "immich_frame_api_key" {} variable "ingress_honeypotapikey" {} variable "ingress_crowdsec_api_key" {} variable "ingress_crowdsec_captcha_secret_key" {} @@ -414,6 +415,7 @@ module "immich" { source = "./immich" tls_secret_name = var.tls_secret_name postgresql_password = var.immich_postgresql_password + frame_api_key = var.immich_frame_api_key homepage_token = var.homepage_credentials["immich"]["token"] } diff --git a/terraform.tfstate b/terraform.tfstate index bda65e85..62aac263 100644 Binary files a/terraform.tfstate and b/terraform.tfstate differ diff --git a/terraform.tfvars b/terraform.tfvars index 45c446bb..ce0f8500 100644 Binary files a/terraform.tfvars and b/terraform.tfvars differ