3 files changed, 60 insertions, 0 deletions

diff --git a/configuration.nix b/configuration.nix
index 3ea4a3a..47ebf0d 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -10,6 +10,8 @@
     ./disko.nix
     ./impermanence.nix
     ./router.nix
+    ./immich.nix
+    ./postgresql.nix
   ];
 
   hardware.graphics.extraPackages = with pkgs; [
diff --git a/immich.nix b/immich.nix
new file mode 100644
index 0000000..1bac19b
--- /dev/null
+++ b/immich.nix
@@ -0,0 +1,30 @@
+{ config, ... }:
+let
+  storageDir = "/media/draupner/immich-media";
+in
+{
+  services.immich = {
+    enable = true;
+    mediaLocation = storageDir;
+    accelerationDevices = [ "/dev/dri/renderD128" ];
+    database = {
+      enableVectors = false;
+      enableVectorChord = true;
+    };
+    # settings.server.externalDomain = "immich.0m.nu";
+  };
+
+  systemd.tmpfiles.rules = [ "d ${storageDir} 750 immich immich" ];
+
+  services.nginx = {
+    enable = true;
+    virtualHosts."immich.oden.m" = {
+      locations."/" = {
+        proxyPass = "http://localhost:${toString config.services.immich.port}";
+      };
+    };
+  };
+  networking.firewall.allowedTCPPorts = [ 80 ];
+
+  # services.immich-public-proxy = { };
+}
diff --git a/postgresql.nix b/postgresql.nix
new file mode 100644
index 0000000..b11c832
--- /dev/null
+++ b/postgresql.nix
@@ -0,0 +1,28 @@
+{ config, ... }:
+let
+  dataDir = "/media/draupner/postgresql/${config.services.postgresql.package.psqlSchema}";
+in
+{
+  services.postgresql = {
+    enable = true;
+    enableJIT = true;
+    inherit dataDir;
+    ensureUsers = [
+      {
+        name = "mathias";
+        ensureClauses.superuser = true;
+        ensureClauses.login = true;
+      }
+    ];
+    authentication = ''
+      local all postgres peer
+      local all all      peer map=m
+    '';
+    identMap = ''
+      m mathias all
+      m /^(.*)$ \1
+    '';
+  };
+
+  systemd.tmpfiles.rules = [ "d ${dataDir} 750 postgres postgres" ];
+}