beepi/playbooks/immich/immich.yml

- name: Immich
  hosts: pi
  become: true
  vars:
    immich_user: immich
    immich_home: /home/immich
    quadlet_dir: "{{ immich_home }}/.config/containers/systemd"
    pico_db_password: !vault |
              $ANSIBLE_VAULT;1.1;AES256
              64666332336435616365303563636634373333346537643336626235316432643336303665646463
              3735653065653561643635376237393666313137303661370a336664623937623061313663303835
              37623866383831623433366132346232663862653566653139323630356466653134363035363836
              3061376330316365310a393961343065633937336534306265663733653665383233383030326439
              30633861353033656264663439623264383536376664613665613138623262623261

  tasks:
    - name: Install podman
      ansible.builtin.apt:
        name: podman
        state: present

    - name: Create immich user
      ansible.builtin.user:
        name: "{{ immich_user }}"
        home: "{{ immich_home }}"
        shell: /usr/sbin/nologin
        create_home: true
      register: immich_user_info

    - name: Enable linger
      ansible.builtin.command:
        cmd: "loginctl enable-linger {{ immich_user }}"
        creates: "/var/lib/systemd/linger/{{ immich_user }}"

    - name: Create quadlet directory
      ansible.builtin.file:
        path: "{{ quadlet_dir }}"
        state: directory
        owner: "{{ immich_user }}"
        group: "{{ immich_user }}"
        mode: '0755'

    - name: Deploy network
      ansible.builtin.copy:
        dest: "{{ quadlet_dir }}/immich.network"
        content: "[Network]\n"
        owner: "{{ immich_user }}"
        group: "{{ immich_user }}"
        mode: '0644'

    - name: Deploy volumes
      ansible.builtin.copy:
        dest: "{{ quadlet_dir }}/{{ item }}.volume"
        content: "[Volume]\n"
        owner: "{{ immich_user }}"
        group: "{{ immich_user }}"
        mode: '0644'
      loop:
        - immich-pgdata
        - immich-upload

    - name: Deploy db quadlet
      ansible.builtin.template:
        src: immich-db.container.j2
        dest: "{{ quadlet_dir }}/immich-db.container"
        owner: "{{ immich_user }}"
        group: "{{ immich_user }}"
        mode: '0644'

    - name: Deploy redis quadlet
      ansible.builtin.copy:
        src: immich-redis.container
        dest: "{{ quadlet_dir }}/immich-redis.container"
        owner: "{{ immich_user }}"
        group: "{{ immich_user }}"
        mode: '0644'

    - name: Deploy server quadlet
      ansible.builtin.template:
        src: immich-server.container.j2
        dest: "{{ quadlet_dir }}/immich-server.container"
        owner: "{{ immich_user }}"
        group: "{{ immich_user }}"
        mode: '0644'

    - name: Reload user systemd
      become_user: "{{ immich_user }}"
      environment:
        XDG_RUNTIME_DIR: "/run/user/{{ immich_user_info.uid }}"
        DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ immich_user_info.uid }}/bus"
      ansible.builtin.systemd:
        daemon_reload: true
        scope: user

    - name: Start immich-server
      become_user: "{{ immich_user }}"
      environment:
        XDG_RUNTIME_DIR: "/run/user/{{ immich_user_info.uid }}"
        DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ immich_user_info.uid }}/bus"
      ansible.builtin.systemd:
        name: immich-server.service
        state: started
        scope: user