/
/
/
1---
2# Runner Services - Immich Photo Management
3
4- name: Debug vault variable resolution for Immich
5 debug:
6 msg: |
7 Vault variable debug for Immich:
8 - postgres_user: '{{ postgres_user }}'
9 - postgres_db: '{{ postgres_db }}'
10 - postgres_password: '{{ postgres_password }}'
11 - vault_runner.postgres_user: '{{ vault_runner.postgres_user | default("NOT_SET") }}'
12 - vault_runner.postgres_db: '{{ vault_runner.postgres_db | default("NOT_SET") }}'
13 - vault_runner.postgres_password: '{{ vault_runner.postgres_password | default("NOT_SET") }}'
14
15- name: Validate PostgreSQL password is set
16 fail:
17 msg: "PostgreSQL password is empty! Make sure to provide vault password with --ask-vault-pass or --vault-password-file"
18 when: postgres_password == ''
19
20- name: Create Immich consolidated directory structure
21 file:
22 path: "{{ item }}"
23 state: directory
24 owner: "{{ runner_user }}"
25 group: "users"
26 mode: '2775' # setgid bit for inheritance, group writable (umask 002)
27 loop:
28 - "{{ immich_config_dir }}"
29 - "{{ immich_config_dir }}/config"
30 - "{{ immich_config_dir }}/postgres"
31
32- name: Ensure proper ownership for entire Immich directory
33 file:
34 path: "{{ immich_config_dir }}"
35 state: directory
36 owner: "{{ runner_user }}"
37 group: "users"
38 mode: '2775'
39 recurse: yes
40
41- name: Generate Immich environment file
42 template:
43 src: immich.env.j2
44 dest: "{{ immich_config_dir }}/.env"
45 owner: "{{ runner_user }}"
46 group: "users"
47 mode: '0664' # group writable
48 notify: restart immich
49
50- name: Create Immich Docker Compose file
51 template:
52 src: immich-compose.yml.j2
53 dest: "{{ immich_config_dir }}/docker-compose.yml"
54 owner: "{{ runner_user }}"
55 group: "users"
56 mode: '0664' # group writable
57 notify: restart immich
58
59- name: Create Immich JSON configuration file
60 template:
61 src: immich.json.j2
62 dest: "{{ immich_config_dir }}/config/immich.json"
63 owner: "{{ runner_user }}"
64 group: "users"
65 mode: '0644'
66 notify: restart immich
67
68# Database initialization is handled automatically by Immich services
69# Remove any existing failed PostgreSQL data directory to ensure clean start
70- name: Clean up any existing PostgreSQL data if service failed
71 file:
72 path: "{{ immich_config_dir }}/postgres"
73 state: absent
74 when: immich_start_result is defined and immich_start_result is failed
75
76- name: Start Immich services
77 community.docker.docker_compose_v2:
78 project_src: "{{ immich_config_dir }}"
79 state: present
80 register: immich_start_result
81
82# Wait for Immich server to be healthy
83- name: Wait for Immich server to be healthy
84 uri:
85 url: "http://localhost:{{ immich_server_port }}/api/server/ping"
86 method: GET
87 status_code: 200
88 register: immich_health
89 until: immich_health.status == 200
90 retries: 12
91 delay: 10
92 when: immich_start_result is changed
93
94- name: Display Immich deployment summary
95 debug:
96 msg: |
97 Immich Photo Management Deployment:
98 - Status: {{ 'Started' if immich_start_result is changed else 'Already running' }}
99 - Server Health: {{ 'OK' if (immich_health.status | default(0)) == 200 else 'Check manually' }}
100 - ML Health: {{ 'OK' if (immich_ml_health.status | default(0)) == 200 else 'Check manually' }}
101 - Web UI: http://{{ ansible_default_ipv4.address }}:{{ immich_server_port }}
102 - API Endpoint: http://{{ ansible_default_ipv4.address }}:{{ immich_server_port }}/api
103 - Configuration: {{ immich_config_dir }}
104 - Photo Storage: {{ immich_upload_dir }}
105 - Machine Learning: {{ 'Enabled' if immich_ml_enabled else 'Disabled' }}
106 - Facial Recognition: {{ 'Enabled' if immich_facial_recognition else 'Disabled' }}
107 - Hardware Acceleration: {{ immich_hardware_acceleration }}
108 - GPU Detection: {{ 'Available' if ansible_facts.get('gpu_info', {}).get('nvidia_gpu_detected', false) or ansible_facts.get('intel_gpu_detected', false) or ansible_facts.get('vaapi_devices', []) | length > 0 else 'No GPU detected' }}
109