diff --git a/immich/CHANGELOG.md b/immich/CHANGELOG.md new file mode 100644 index 000000000..87593ada8 --- /dev/null +++ b/immich/CHANGELOG.md @@ -0,0 +1 @@ +- Initial version diff --git a/immich/Dockerfile b/immich/Dockerfile new file mode 100644 index 000000000..0cb4e95b5 --- /dev/null +++ b/immich/Dockerfile @@ -0,0 +1,117 @@ +#============================# +# ALEXBELGIUM'S DOCKERFILE # +#============================# +# _.------. +# _.-` ('>.-`"""-. +# '.--'` _'` _ .--.) +# -' '-.-';` ` +# ' - _.' ``'--. +# '---` .-'""` +# /` +#=== Home Assistant Addon ===# + +################# +# 1 Build Image # +################# + +ARG BUILD_VERSION +ARG BUILD_FROM +ARG BUILD_UPSTREAM="1.0" +FROM ${BUILD_FROM} + +################## +# 2 Modify Image # +################## + +# Set S6 wait time +ENV S6_CMD_WAIT_FOR_SERVICES=1 \ + S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \ + S6_SERVICES_GRACETIME=0 + +USER root + +# Install PostgreSQL +ENV DEBIAN_FRONTEND=noninteractive + +RUN \ + apt-get update && \ + apt-get install -y gnupg gnupg2 gnupg1 wget lsb-core && \ + sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list' && \ + wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && \ + printf '#!/bin/sh\nexit 0' > /usr/sbin/policy-rc.d && \ + apt-get update -y && \ + apt-get install postgresql-14 libpq-dev postgresql-common -y && \ + for file in $(grep -sril '/var/lib/postgresql/14/main' /etc); do sed -i "s=/var/lib/postgresql/14/main=/data/postgresql=g" "$file"; done + +################## +# 3 Install apps # +################## + +# Add rootfs +COPY rootfs/ / + +# Corrects permissions for s6 v3 +RUN if [ -d /etc/cont-init.d ]; then chmod -R 755 /etc/cont-init.d; fi && \ + if [ -d /etc/services.d ]; then chmod -R 755 /etc/services.d; fi && \ + if [ -f /entrypoint.sh ]; then chmod 755 /entrypoint.sh; fi + +# Modules +ARG MODULES="00-banner.sh 01-custom_script.sh 92-local_mounts.sh 92-smb_mounts.sh" + +# Automatic modules download +RUN if ! command -v bash >/dev/null 2>/dev/null; then (apt-get update && apt-get install -yqq --no-install-recommends bash || apk add --no-cache bash) >/dev/null; fi \ + && if ! command -v curl >/dev/null 2>/dev/null; then (apt-get update && apt-get install -yqq --no-install-recommends curl || apk add --no-cache curl) >/dev/null; fi \ + && apt-get update && apt-get install -yqq --no-install-recommends ca-certificates || apk add --no-cache ca-certificates >/dev/null || true \ + && mkdir -p /etc/cont-init.d \ + && for scripts in $MODULES; do echo "$scripts" && curl -f -L -s -S "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/$scripts" -o /etc/cont-init.d/"$scripts" && [ "$(sed -n '/\/bin/p;q' /etc/cont-init.d/"$scripts")" != "" ] || (echo "script failed to install $scripts" && exit 1); done \ + && chmod -R 755 /etc/cont-init.d + +# Manual apps +ENV PACKAGES="sudo redis-server yamllint pip libxml2-dev libxslt-dev libjpeg-dev zlib1g-dev build-essential" + +# Automatic apps & bashio +# hadolint ignore=SC2015 +RUN if ! command -v bash >/dev/null 2>/dev/null; then (apt-get update && apt-get install -yqq --no-install-recommends bash || apk add --no-cache bash) >/dev/null; fi \ + && if ! command -v curl >/dev/null 2>/dev/null; then (apt-get update && apt-get install -yqq --no-install-recommends curl || apk add --no-cache curl) >/dev/null; fi \ + && curl -f -L -s -S "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/automatic_packages.sh" --output /automatic_packages.sh \ + && chmod 777 /automatic_packages.sh \ + && eval /./automatic_packages.sh "${PACKAGES:-}" \ + && rm /automatic_packages.sh + +################ +# 4 Entrypoint # +################ + +RUN chmod 777 /entrypoint.sh +ENTRYPOINT [ "/usr/bin/env" ] +CMD [ "/entrypoint.sh" ] + +############ +# 5 Labels # +############ + +ARG BUILD_ARCH +ARG BUILD_DATE +ARG BUILD_DESCRIPTION +ARG BUILD_NAME +ARG BUILD_REF +ARG BUILD_REPOSITORY +ARG BUILD_VERSION +LABEL \ + io.hass.name="${BUILD_NAME}" \ + io.hass.description="${BUILD_DESCRIPTION}" \ + io.hass.arch="${BUILD_ARCH}" \ + io.hass.type="addon" \ + io.hass.version=${BUILD_VERSION} \ + maintainer="alexbelgium (https://github.com/alexbelgium)" \ + org.opencontainers.image.title="${BUILD_NAME}" \ + org.opencontainers.image.description="${BUILD_DESCRIPTION}" \ + org.opencontainers.image.vendor="Home Assistant Add-ons" \ + org.opencontainers.image.authors="alexbelgium (https://github.com/alexbelgium)" \ + org.opencontainers.image.licenses="MIT" \ + org.opencontainers.image.url="https://github.com/alexbelgium" \ + org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \ + org.opencontainers.image.documentation="https://github.com/${BUILD_REPOSITORY}/blob/main/README.md" \ + org.opencontainers.image.created=${BUILD_DATE} \ + org.opencontainers.image.revision=${BUILD_REF} \ + org.opencontainers.image.version=${BUILD_VERSION} diff --git a/immich/README.md b/immich/README.md new file mode 100644 index 000000000..6328e3c59 --- /dev/null +++ b/immich/README.md @@ -0,0 +1,64 @@ +# Home assistant add-on: immich + +[![Donate][donation-badge]](https://www.buymeacoffee.com/alexbelgium) + +![Version](https://img.shields.io/badge/dynamic/json?label=Version&query=%24.version&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fimmich%2Fconfig.json) +![Ingress](https://img.shields.io/badge/dynamic/json?label=Ingress&query=%24.ingress&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fimmich%2Fconfig.json) +![Arch](https://img.shields.io/badge/dynamic/json?color=success&label=Arch&query=%24.arch&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fimmich%2Fconfig.json) + +[![Codacy Badge](https://app.codacy.com/project/badge/Grade/9c6cf10bdbba45ecb202d7f579b5be0e)](https://www.codacy.com/gh/alexbelgium/hassio-addons/dashboard?utm_source=github.com&utm_medium=referral&utm_content=alexbelgium/hassio-addons&utm_campaign=Badge_Grade) +[![GitHub Super-Linter](https://github.com/alexbelgium/hassio-addons/workflows/Lint%20Code%20Base/badge.svg)](https://github.com/marketplace/actions/super-linter) +[![Builder](https://github.com/alexbelgium/hassio-addons/workflows/Builder/badge.svg)](https://github.com/alexbelgium/hassio-addons/actions/workflows/builder.yaml) + +[donation-badge]: https://img.shields.io/badge/Buy%20me%20a%20coffee-%23d32f2f?logo=buy-me-a-coffee&style=flat&logoColor=white + +_Thanks to everyone having starred my repo! To star it click on the image below, then it will be on top right. Thanks!_ + +[![Stargazers repo roster for @alexbelgium/hassio-addons](https://git-lister.onrender.com/api/stars/alexbelgium/hassio-addons?limit=30)](https://github.com/alexbelgium/hassio-addons/stargazers) + +## About + +Web based files browser. +This addon is based on the [docker image](https://hub.docker.com/r/hurlenko/immich) from hurlenko. + +## Configuration + +Postgresql can be either internal or external + +```yaml + "PGID": "int", + "PUID": "int", + "TZ": "str?", + "cifspassword": "str?", + "cifsusername": "str?", + "data_location": "str", + "localdisks": "str?", + "networkdisks": "str?", + "DB_HOSTNAME": "str?", + "DB_USERNAME": "str?", + "DB_PORT": "int?", + "DB_PASSWORD": "str?", + "DB_DATABASE_NAME": "str?", + "JWT_SECRET": "str?" +``` + +## Installation + +The installation of this add-on is pretty straightforward and not different in +comparison to installing any other Hass.io add-on. + +1. [Add my Hass.io add-ons repository][repository] to your Hass.io instance. +1. Install this add-on. +1. Click the `Save` button to store your configuration. +1. Start the add-on. +1. Check the logs of the add-on to see if everything went well. +1. Carefully configure the add-on to your preferences, see the official documentation for for that. + +## Support + +Create an issue on github, or ask on the [home assistant thread](https://community.home-assistant.io/t/home-assistant-addon-immich/282108/3) + +[repository]: https://github.com/alexbelgium/hassio-addons +[aarch64-shield]: https://img.shields.io/badge/aarch64-yes-green.svg +[amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg +[armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg diff --git a/immich/apparmor.txt b/immich/apparmor.txt new file mode 100644 index 000000000..ad2c9285c --- /dev/null +++ b/immich/apparmor.txt @@ -0,0 +1,65 @@ +#include + +profile db21ed7f_qbittorrent flags=(attach_disconnected,mediate_deleted) { + #include + + capability, + file, + signal, + mount, + umount, + remount, + network udp, + network tcp, + network dgram, + network stream, + network inet, + network inet6, + network netlink raw, + network unix dgram, + + capability setgid, + capability setuid, + capability sys_admin, + capability dac_read_search, + # capability dac_override, + # capability sys_rawio, + +# S6-Overlay + /init ix, + /run/{s6,s6-rc*,service}/** ix, + /package/** ix, + /command/** ix, + /run/{,**} rwk, + /dev/tty rw, + /bin/** ix, + /usr/bin/** ix, + /usr/lib/bashio/** ix, + /etc/s6/** rix, + /run/s6/** rix, + /etc/services.d/** rwix, + /etc/cont-init.d/** rwix, + /etc/cont-finish.d/** rwix, + /init rix, + /var/run/** mrwkl, + /var/run/ mrwkl, + /dev/i2c-1 mrwkl, + # Files required + /dev/sda1 mrwkl, + /dev/sdb1 mrwkl, + /dev/nvme0 mrwkl, + /dev/nvme1 mrwkl, + /dev/mmcblk0p1 mrwkl, + /dev/* mrwkl, + /tmp/** mrkwl, + + # Data access + /data/** rw, + + # suppress ptrace denials when using 'docker ps' or using 'ps' inside a container + ptrace (trace,read) peer=docker-default, + + # docker daemon confinement requires explict allow rule for signal + signal (receive) set=(kill,term) peer=/usr/bin/docker, + +} diff --git a/immich/build.json b/immich/build.json new file mode 100644 index 000000000..370843a81 --- /dev/null +++ b/immich/build.json @@ -0,0 +1,9 @@ +{ + "build_from": { + "aarch64": "martabal/immich:latest", + "amd64": "martabal/immich:latest" + }, + "codenotary": { + "signer": "alexandrep.github@gmail.com" + } +} \ No newline at end of file diff --git a/immich/config.json b/immich/config.json new file mode 100644 index 000000000..2e9e144a6 --- /dev/null +++ b/immich/config.json @@ -0,0 +1,99 @@ +{ + "arch": [ + "aarch64", + "amd64", + "armv7" + ], + "codenotary": "alexandrep.github@gmail.com", + "description": "Self-hosted photo and video backup solution directly from your mobile phone", + "devices": [ + "/dev/sda", + "/dev/sdb", + "/dev/sdc", + "/dev/sdd", + "/dev/sde", + "/dev/sdf", + "/dev/sdg", + "/dev/nvme", + "/dev/nvme0n1p1", + "/dev/nvme0n1p2", + "/dev/mmcblk", + "/dev/sda1", + "/dev/sdb1", + "/dev/sdc1", + "/dev/sdd1", + "/dev/sde1", + "/dev/sdf1", + "/dev/sdg1", + "/dev/sda2", + "/dev/sdb2", + "/dev/sdc2", + "/dev/sdd2", + "/dev/sde2", + "/dev/sdf2", + "/dev/sdg2", + "/dev/sda3", + "/dev/sdb3", + "/dev/sda4", + "/dev/sdb4", + "/dev/nvme0", + "/dev/nvme1", + "/dev/nvme2" + ], + "environment": { + "REDIS_HOSTNAME": "localhost", + "REDIS_PORT": "6379" + }, + "image": "ghcr.io/alexbelgium/immich-{arch}", + "map": [ + "media:rw", + "config:rw", + "addons:rw", + "backup:rw", + "share:rw", + "ssl:rw" + ], + "name": "Immich", + "options": { + "PGID": 1000, + "PUID": 1000, + "JWT_SECRET": "jt+OVWY6WqKJXw3xF5qOxN5L5/f4u2jlIlCQgWS3E4w=", + "TZ": "Europe/Paris", + "data_location": "/share/immich" + }, + "panel_icon": "mdi:file-search", + "ports": { + "8080/tcp": 8181 + }, + "ports_description": { + "8080/tcp": "Web UI port" + }, + "privileged": [ + "SYS_ADMIN", + "DAC_READ_SEARCH" + ], + "services": [ + "mysql:want" + ], + "schema": { + "PGID": "int", + "PUID": "int", + "TZ": "str?", + "cifspassword": "str?", + "cifsusername": "str?", + "database": "list(internal|external_postgresql)?", + "data_location": "str", + "localdisks": "str?", + "networkdisks": "str?", + "DB_HOSTNAME": "str?", + "DB_USERNAME": "str?", + "DB_PORT": "int?", + "DB_PASSWORD": "str?", + "DB_DATABASE_NAME": "str?", + "JWT_SECRET": "str" + }, + "slug": "immich", + "url": "https://github.com/alexbelgium/hassio-addons", + "version": "1.0", + "webui": "http://[HOST]:[PORT:8080]" +} diff --git a/immich/icon.png b/immich/icon.png new file mode 100644 index 000000000..05cd46e86 Binary files /dev/null and b/immich/icon.png differ diff --git a/immich/logo.png b/immich/logo.png new file mode 100644 index 000000000..05cd46e86 Binary files /dev/null and b/immich/logo.png differ diff --git a/immich/rootfs/entrypoint.sh b/immich/rootfs/entrypoint.sh new file mode 100644 index 000000000..68c3fec4d --- /dev/null +++ b/immich/rootfs/entrypoint.sh @@ -0,0 +1,16 @@ +#!/bin/bash +echo "Starting..." + +#################### +# Starting scripts # +#################### + +for SCRIPTS in /etc/cont-init.d/*; do + [ -e "$SCRIPTS" ] || continue + echo "$SCRIPTS: executing" + chown "$(id -u)":"$(id -g)" "$SCRIPTS" + chmod a+x "$SCRIPTS" + # Change shebang if no s6 supervision + sed -i 's|/usr/bin/with-contenv bashio|/usr/bin/env bashio|g' "$SCRIPTS" + /."$SCRIPTS" || echo "$SCRIPTS: exiting $?" +done diff --git a/immich/rootfs/etc/cont-init.d/20-folders.sh b/immich/rootfs/etc/cont-init.d/20-folders.sh new file mode 100644 index 000000000..bfb910b2a --- /dev/null +++ b/immich/rootfs/etc/cont-init.d/20-folders.sh @@ -0,0 +1,21 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash + +################# +# DATA_LOCATION # +################# + +PUID="$(bashio::config 'PUID')" +PGID="$(bashio::config 'PGID')" + +bashio::log.info "Setting data location" +DATA_LOCATION="$(bashio::config 'data_location')" + +echo "... check $DATA_LOCATION folder exists" +mkdir -p "$DATA_LOCATION" + +echo "... setting permissions" +chown -R "$PUID":"$PGID" "$DATA_LOCATION" + +echo "... correcting official script" +for file in $(grep -sril '/photos' /etc); do sed -i "s|/photos|$DATA_LOCATION|g" "$file"; done diff --git a/immich/rootfs/etc/cont-init.d/99-run.sh b/immich/rootfs/etc/cont-init.d/99-run.sh new file mode 100644 index 000000000..ac18ef668 --- /dev/null +++ b/immich/rootfs/etc/cont-init.d/99-run.sh @@ -0,0 +1,111 @@ +#!/usr/bin/env bashio +# shellcheck shell=bash +# shellcheck disable=SC2155,SC2016 + +################################### +# Export all addon options as env # +################################### + +bashio::log.info "Setting variables" + +# For all keys in options.json +JSONSOURCE="/data/options.json" + +# Export keys as env variables +# echo "All addon options were exported as variables" +mapfile -t arr < <(jq -r 'keys[]' "${JSONSOURCE}") + +for KEYS in "${arr[@]}"; do + # export key + VALUE=$(jq ."$KEYS" "${JSONSOURCE}") + line="${KEYS}='${VALUE//[\"\']/}'" + # text + if bashio::config.false "verbose" || [[ "${KEYS}" == *"PASS"* ]]; then + bashio::log.blue "${KEYS}=******" + else + bashio::log.blue "$line" + fi + # Use locally + export "${KEYS}=${VALUE//[\"\']/}" +done + +################### +# Define database # +################### + +bashio::log.info "Defining database" +bashio::log.info "-----------------" + +case $(bashio::config 'database') in + + "external_postgresql") + + bashio::log.info "Using external postgresql" + bashio::log.info "" + + # Check if values exist + if ! bashio::config.has_value 'DB_USERNAME' && \ + ! bashio::config.has_value 'DB_HOSTNAME' && \ + ! bashio::config.has_value 'DB_PASSWORD' && \ + ! bashio::config.has_value 'DB_DATABASE_NAME' && \ + ! bashio::config.has_value 'JWT_SECRET' && \ + ! bashio::config.has_value 'DB_PORT' + then + ! bashio::exit.nok "Please make sure that the following options are set : DB_USERNAME, DB_HOSTNAME, DB_PASSWORD, DB_DATABASE_NAME, DB_PORT" + fi + + # Settings parameters + export DB_USERNAME=$(bashio::config 'DB_USERNAME') + export DB_HOSTNAME=$(bashio::config 'DB_HOSTNAME') + export DB_PASSWORD=$(bashio::config 'DB_PASSWORD') + export DB_DATABASE_NAME=$(bashio::config 'DB_DATABASE_NAME') + export DB_PORT=$(bashio::config 'DB_PORT') + export JWT_SECRET=$(bashio::config 'JWT_SECRET') + ;; + + **) + + bashio::log.info "Using internal postgresql" + bashio::log.info "" + + # Settings files & permissions + ln -s /usr/lib/postgresql/14/bin/postgres /usr/bin || true + ln -s /usr/lib/postgresql/14/bin/psql /usr/psql || true + cp -rnf /var/lib/postgresql/14/main/* /data/postgresql/ + mkdir -p /data/postgresql + chown -R postgres /data/postgresql + chmod -R 700 /data/postgresql + + # Start postgresql + /etc/init.d/postgresql start + + # Create database + echo "CREATE ROLE root WITH LOGIN SUPERUSER CREATEDB CREATEROLE PASSWORD 'securepassword'; + CREATE DATABASE immich; CREATE USER immich WITH ENCRYPTED PASSWORD 'immich'; + GRANT ALL PRIVILEGES ON DATABASE immich to immich; + \q"> setup_postgres.sql + chown postgres setup_postgres.sql + sudo -iu postgres psql < setup_postgres.sql + rm setup_postgres.sql + + # Settings parameters + export DB_USERNAME=immich + export DB_HOSTNAME=localhost + export DB_PASSWORD=immich + export DB_DATABASE_NAME=immich + export DB_PORT=5432 + export JWT_SECRET=$(bashio::config 'JWT_SECRET') + ;; + +esac + +################## +# Starting redis # +################## +exec redis-server & bashio::log.info "Starting redis" + +################ +# Starting app # +################ +bashio::log.info "Starting app" +/./usr/bin/supervisord diff --git a/immich/updater.json b/immich/updater.json new file mode 100644 index 000000000..78ac67585 --- /dev/null +++ b/immich/updater.json @@ -0,0 +1,9 @@ +{ + "github_beta": "true", + "last_update": "08-11-2022", + "repository": "alexbelgium/hassio-addons", + "slug": "immich", + "source": "github", + "upstream_repo": "immich-app/immich", + "upstream_version": "1.0" +}