search

nsg / immich-distribution

Experimental Immich distribution inside a snap
MIT License
19 stars 0 forks source link

Installation question #218

Open envas opened 1 day ago

envas commented 1 day ago

Question

I would like to install the immich-distribution on an existing server, which is already running a productive Postgres database, used as storage for other applications. I would also like to exclude the local HAproxy installation, because the existing HAproxy instance is running on a separate server between the firewall and my production servers, so there is no need for local installation.

Is there any way how to configure the immich-distribution for my environment?

envas commented 1 day ago

I have the impression that this installation is only suitable for freshly installed Linux, and is probably developed and tested as such. I tried to disable HAproxy and Postgres services. With HAproxy it somehow works, with Postgres it does not.

What did I do?

  1. I edited the services files and changed the option Restart=on-failure to Restart=no.

    sudo vi /etc/systemd/system/snap.immich-distribution.postgres.service
sudo vi /etc/systemd/system/snap.immich-distribution.haproxy.service

  2. I disabled immich-distribution HAproxy and Postgres services

systemctl disable snap.immich-distribution.haproxy.service
systemctl disable snap.immich-distribution.postgres.service

After rebooting, they really were not active.

  1. I created a new database immich in an existing Postgres instance and updated the password for the user postgres (why the hell does the immich database owner have to be the same as the system user postgres!)
sudo snap set immich-distribution database-password=<password>

Immich still doesn't boot, I see the following message in the system log

Stopped Service for snap application immich-distribution.postgres.
Started Service for snap application immich-distribution.postgres.
...
LOG: starting PostgreSQL 15.2 on x86_64-pc-linux-gnu,
LOG: could not bind IPv4 address "127.0.0.1": Address already in use

even though Postgres is disabled in snap services

$> snap services
Service                                      Startup   Current   Notes
immich-distribution.acme                     enabled   inactive  timer-activated
immich-distribution.backup-service           enabled   inactive  timer-activated
immich-distribution.haproxy                  disabled  active    -
immich-distribution.immich-machine-learning  enabled   active    -
immich-distribution.immich-server            enabled   inactive  -
immich-distribution.manager                  enabled   active    -
immich-distribution.postgres                 disabled  inactive  -
immich-distribution.redis-server             enabled   active    -
immich-distribution.sync-service             enabled   active    -

This means that immich-distribution is constantly somehow restarting it's own Postgres service.

I am giving up on this, I don't see any difference between a Docker installation and immich-distribution. In both cases I am forced to install something I don't want and can't install on my servers. Too bad, because Immich software is very impressive.

nsg commented 11 hours ago

Yeah, I guess the official OCI images published by the upstream Immich project is probably closer to what you need. This gives you more control on what to run. I make a lot of assumptions in my package (like that I have control over the database with specific plugins like pgvector), I try to make the upgrades automatic and non-breaking, I can't do that if I need to coordinate with external components like an external database.

I think snapd will overwrite the unit-files whenever if feels like it (probably during updates/refresh). It's possible that an systemd override survives. If possible use the snap stop ... command, but that would not work for my package because I restart services on update/refresh.

Personally, I run my package inside a LXD container to create a little isolation between different applications. It's a little redundant that I run several databases in the same physical server, but it's easy. I do not need to make sure that immich, mastodon and synapse expect different things/plugins/config/...

If you choose to use the OCI images, but prefer some other runtime I suggest Podman. This is my go-to option, and it integrates well with systemd (it even have a built in command to generate unit-files). Of course, you can probably run the images with systemd-nspawn with a little thinker, I think.

For manual installations check out this script. I have no experience with it. No idea how easy (or hard) it is to update later on. I also think there are nix flakes and probably an arch package of well.

I hope this helps, sorry that immich-distribution is not that flexible.

envas commented 10 hours ago

Thank you for your prompt reply. I have tested the script you refer to and can confirm that it works. However, I had to install a lot of components to create a build environment (node, perl) on my server, which is not acceptable on a production machine. Also, you need the latest node (>=20.0) and python3 (>=3.10) releases, which is not supported out of the box on my Rocky Linux. Obviously there is no 'binary' package for a quick 'install and go' installation. Docker/Podman or snap are the easiest ways to run immich. I am thinking about creating a dedicated VM just for the photo library and running your immich distribution there.

Thanks for your work.

envas commented 10 hours ago

BTW, there is an interesting option to deploy Immich with podman and ansible, described here. Simple ansible playbook works like a charm.