feat: update immich

2024-03-12 21:59:03 +01:00 · 2024-03-12 21:59:03 +01:00 · 654b1c0318
parent e5f7f605a1
commit 654b1c0318
3 changed files with 8 additions and 5 deletions
--- a/hosts/elisabeth/fs.nix
+++ b/hosts/elisabeth/fs.nix
@ -87,10 +87,11 @@
          type = "snap";
          name = "mach-schnipp-schusss";
          filesystems = {
-            "panzer/safe<" = true;
+            "panzer<" = true;
            "rpool/local/state<" = true;
+            "rpool/local/guests<" = true;
            "rpool/safe<" = true;
-            "renaultft/safe<" = true;
+            "renaultft<" = true;
          };
          snapshotting = {
            type = "periodic";
--- a/modules/services/immich.nix
+++ b/modules/services/immich.nix
@ -6,7 +6,7 @@
  config,
  ...
 }: let
-  version = "v1.93.3";
+  version = "v1.98.2";
  immichDomain = "immich.${config.secrets.secrets.global.domains.web}";

  ipImmichMachineLearning = "10.89.0.10";
@ -299,7 +299,7 @@ in {
    };

  virtualisation.oci-containers.containers."immich_postgres" = {
-    image = "tensorchord/pgvecto-rs:pg14-v0.1.11@sha256:0335a1a22f8c5dd1b697f14f079934f5152eaaa216c09b61e293be285491f8ee";
+    image = "tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0";
    environment = {
      POSTGRES_DB = environment.DB_DATABASE_NAME;
      POSTGRES_PASSWORD_FILE = environment.DB_PASSWORD_FILE;
@ -318,7 +318,7 @@ in {
  };
  systemd.services."podman-immich_postgres" = serviceConfig;
  virtualisation.oci-containers.containers."immich_redis" = {
-    image = "redis:6.2-alpine@sha256:c5a607fb6e1bb15d32bbcf14db22787d19e428d59e31a5da67511b49bb0f1ccc";
+    image = "redis:6.2-alpine@sha256:51d6c56749a4243096327e3fb964a48ed92254357108449cb6e23999c37773c5";
    log-driver = "journald";
    extraOptions = [
      "--network-alias=immich_redis"
--- a/modules/services/kanidm.nix
+++ b/modules/services/kanidm.nix
@ -73,6 +73,7 @@ in {
        basicSecretFile = config.age.secrets.oauth2-nextcloud.path;
        allowInsecureClientDisablePkce = true;
        scopeMaps."nextcloud.access" = ["openid" "email" "profile"];
+        preferShortUsername = true;
      };

      groups."immich.access" = {
@ -88,6 +89,7 @@ in {
        basicSecretFile = config.age.secrets.oauth2-immich.path;
        allowInsecureClientDisablePkce = true;
        scopeMaps."immich.access" = ["openid" "email" "profile"];
+        preferShortUsername = true;
      };

      groups."forgejo.access" = {