From c10174c32d0576528a28bfc0996d12f4ecf4e05d Mon Sep 17 00:00:00 2001
From: shockrah <dev@shockrah.xyz>
Date: Wed, 22 May 2024 20:26:54 -0700
Subject: [PATCH] Configuration for immich server

---
 infra/dns/shockrah-xyz.tf            |  1 +
 infra/static-vultr/immich-server.tf  | 21 +++++++++++++++++++++
 infra/static-vultr/immich/nginx.conf | 11 +++++++++++
 infra/static-vultr/output.tf         |  8 ++++++++
 infra/static-vultr/ssh.tf            | 13 +++++++++++++
 5 files changed, 54 insertions(+)
 create mode 100644 infra/static-vultr/immich-server.tf
 create mode 100644 infra/static-vultr/immich/nginx.conf

diff --git a/infra/dns/shockrah-xyz.tf b/infra/dns/shockrah-xyz.tf
index d936522..e785437 100644
--- a/infra/dns/shockrah-xyz.tf
+++ b/infra/dns/shockrah-xyz.tf
@@ -36,6 +36,7 @@ locals {
     },
     { name = "www.shockrah.xyz",      records = [ var.vultr_host ] },
     { name = "resume.shockrah.xyz",   records = [ var.vultr_host ] },
+    { name = "immich.shockrah.xyz",    records = [ "45.32.92.196" ] },
   ]
 }
 
diff --git a/infra/static-vultr/immich-server.tf b/infra/static-vultr/immich-server.tf
new file mode 100644
index 0000000..97c4dd1
--- /dev/null
+++ b/infra/static-vultr/immich-server.tf
@@ -0,0 +1,21 @@
+# Here we define the resources for our temporary immich server
+
+resource vultr_instance immich {
+  plan    = var.host.plan
+  region  = var.host.region
+  os_id   = var.host.os
+  enable_ipv6 = true
+
+  # Enable backups for now since we're getting off of s3 as well at some point
+  backups = "enabled"
+  backups_schedule {
+    type = "weekly"
+    dow  = var.host.backups.day
+    hour = var.host.backups.hour
+  }
+
+  ssh_key_ids = [ vultr_ssh_key.immich.id ]
+  firewall_group_id = vultr_firewall_group.host.id
+}
+
+
diff --git a/infra/static-vultr/immich/nginx.conf b/infra/static-vultr/immich/nginx.conf
new file mode 100644
index 0000000..a811322
--- /dev/null
+++ b/infra/static-vultr/immich/nginx.conf
@@ -0,0 +1,11 @@
+server {
+	listen 80;
+	server_name immich.shockrah.xyz;
+
+	location / {
+		proxy_pass http://127.0.0.1:2283/;
+	}
+}
+
+
+
diff --git a/infra/static-vultr/output.tf b/infra/static-vultr/output.tf
index 9f8e5a6..5edd7ed 100644
--- a/infra/static-vultr/output.tf
+++ b/infra/static-vultr/output.tf
@@ -13,3 +13,11 @@ output vultr_key_id {
   value = aws_iam_access_key.vultr.id
 }
 
+
+output immich_key {
+  sensitive = true
+  # value     = tls_private_key.host.private_key_openssh
+  value     = vultr_instance.immich.default_password
+}
+
+
diff --git a/infra/static-vultr/ssh.tf b/infra/static-vultr/ssh.tf
index 14fea41..dc2ebe1 100644
--- a/infra/static-vultr/ssh.tf
+++ b/infra/static-vultr/ssh.tf
@@ -7,3 +7,16 @@ resource vultr_ssh_key host {
   name = "static_ssh_key"
   ssh_key = tls_private_key.host.public_key_openssh
 }
+
+####################
+#    Immich keys   #
+####################
+resource tls_private_key immich {
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+resource vultr_ssh_key immich {
+  name    = "static_ssh_key"
+  ssh_key = tls_private_key.immich.public_key_openssh
+}