Update Immich docs with storage architecture and B2 backup
This commit is contained in:
@@ -1,128 +1,25 @@
|
||||
# Immich Photo Library
|
||||
---
|
||||
title: "Photos - Immich"
|
||||
weight: 5
|
||||
---
|
||||
|
||||
Immich est la solution de gestion de photos et vidéos familiale de LakeNet, offrant une alternative self-hosted à Google Photos.
|
||||
# Photos - Immich
|
||||
|
||||
## Accès
|
||||
## Overview
|
||||
|
||||
| Paramètre | Valeur |
|
||||
|-----------|--------|
|
||||
| **URL** | [photos.serval-nase.ts.net](https://photos.serval-nase.ts.net) |
|
||||
| **Go-link** | [go/photos](https://go.serval-nase.ts.net/photos) |
|
||||
| **Version** | v2.5.2 |
|
||||
| **Namespace K3s** | `photos` |
|
||||
| **Auth Web** | Authelia SSO |
|
||||
| **Auth Mobile** | API Key (bypass Authelia) |
|
||||
Immich is the self-hosted photo and video management solution for LakeNet.
|
||||
|
||||
## Architecture
|
||||
|
||||
```
|
||||
┌─────────────────────────────────────────────────────────────────┐
|
||||
│ IMMICH ARCHITECTURE │
|
||||
├─────────────────────────────────────────────────────────────────┤
|
||||
│ Clients (iOS/Web) → Immich Server → PostgreSQL + Redis │
|
||||
│ ↓ ↓ │
|
||||
│ Authelia SSO ┌─────┴─────┐ │
|
||||
│ ↓ ↓ │
|
||||
│ HOT (NVME) COLD (Annecy NFS) │
|
||||
│ - thumbs - originals │
|
||||
│ - profile - encoded-video │
|
||||
│ - ML cache - library │
|
||||
└─────────────────────────────────────────────────────────────────┘
|
||||
```
|
||||
|
||||
## Composants K3s
|
||||
|
||||
| Pod | Rôle | Resources |
|
||||
|-----|------|-----------|
|
||||
| `immich-server` | API + Workers (v2.5+ unified) | 2 CPU, 4Gi RAM |
|
||||
| `immich-ml` | Machine Learning (faces, objects) | 2 CPU, 2Gi RAM |
|
||||
| `postgres-immich` | Base de données métadonnées | 500m CPU, 1Gi RAM |
|
||||
| `redis-immich` | Cache sessions | 100m CPU, 256Mi RAM |
|
||||
**URL**: https://photos.serval-nase.ts.net
|
||||
|
||||
## Storage Architecture
|
||||
|
||||
### Tier 1 - Hot Storage (Talloires NVME)
|
||||
- **HOT** (Talloires NVMe): PostgreSQL, Redis, ML cache, Thumbs
|
||||
- **LUKEWARM** (Annecy photoserver 4TB): originals, encoded-video, library
|
||||
- **COLD** (B2 encrypted): Daily backup at 05:00
|
||||
|
||||
Budget: **~300 GB**
|
||||
## B2 Backup (Encrypted)
|
||||
|
||||
| PVC | Taille | Contenu |
|
||||
|-----|--------|---------|
|
||||
| `immich-thumbs` | 250 Gi | Thumbnails 1024px |
|
||||
| `immich-profile` | 1 Gi | Avatars utilisateurs |
|
||||
| `immich-backups` | 20 Gi | DB dumps |
|
||||
| `immich-ml-cache` | 10 Gi | Modèles ML |
|
||||
| `postgres-immich-data` | 30 Gi | PostgreSQL data |
|
||||
|
||||
### Tier 2 - Cold Storage (Annecy NAS via NFS)
|
||||
|
||||
Budget: **~1.3 TB**
|
||||
|
||||
| PVC | Taille | Contenu |
|
||||
|-----|--------|---------|
|
||||
| `immich-originals` | 600 Gi | Photos/vidéos originales |
|
||||
| `immich-encoded` | 200 Gi | Vidéos transcodées |
|
||||
| `immich-library` | 500 Gi | External libraries |
|
||||
|
||||
### Tier 3 - Backup (Backblaze B2)
|
||||
|
||||
🚧 **À configurer** - Backup immutable quotidien
|
||||
|
||||
## Utilisateurs
|
||||
|
||||
| Utilisateur | Rôle | Status |
|
||||
|-------------|------|--------|
|
||||
| lionel | Admin | ✅ Actif |
|
||||
| rachel | User | 🔜 À créer |
|
||||
| fiona | User | 🔜 À créer |
|
||||
| jean-claude | User | 🔜 À créer |
|
||||
| anne | User | 🔜 À créer |
|
||||
| amelie | User | 🔜 À créer |
|
||||
| alexis | User | 🔜 À créer |
|
||||
|
||||
## Configuration Réseau
|
||||
|
||||
### IngressRoutes
|
||||
|
||||
```yaml
|
||||
# Web UI (avec Authelia)
|
||||
Host: photos.serval-nase.ts.net
|
||||
Middleware: authelia-forwardauth
|
||||
Priority: 50
|
||||
|
||||
# API Mobile (sans Authelia)
|
||||
Host: photos.serval-nase.ts.net
|
||||
Path: /api/*
|
||||
Priority: 100 (bypass auth)
|
||||
```
|
||||
|
||||
### DNS
|
||||
|
||||
```bash
|
||||
# /etc/dnsmasq.d/tailscale.conf sur Talloires
|
||||
address=/photos.serval-nase.ts.net/100.119.210.84
|
||||
address=/photos.serval-nase.ts.net/100.116.198.105
|
||||
```
|
||||
|
||||
## Maintenance
|
||||
|
||||
### Vérifier les pods
|
||||
|
||||
```bash
|
||||
kubectl get pods -n photos
|
||||
```
|
||||
|
||||
### Logs serveur
|
||||
|
||||
```bash
|
||||
kubectl logs -n photos -l app=immich-server -f
|
||||
```
|
||||
|
||||
### Backup base de données
|
||||
|
||||
Immich v2.5+ inclut un système de backup/restore intégré accessible via Administration > Maintenance.
|
||||
|
||||
## Références
|
||||
|
||||
- [Documentation Immich](https://immich.app/docs)
|
||||
- [Issue Gitea #48](https://git.serval-nase.ts.net/lionel/lake-central/issues/48)
|
||||
- [Release Notes v2.5.0](https://github.com/immich-app/immich/releases/tag/v2.5.0)
|
||||
- Bucket: ldu-photos-cold-storage
|
||||
- Encryption: AES-256 rclone crypt
|
||||
- Script: ~/scripts/backup-immich-b2.sh
|
||||
- Cron: Daily 05:00
|
||||
|
||||
Reference in New Issue
Block a user