---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: immich-pv
  namespace: immich
spec:
  capacity:
    storage: 50Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: nfs-storage
  nfs:
    server: nas.homenet
    path: /mnt/storage/Storage/k8s/immich/db-vector
    readOnly: false
  volumeMode: Filesystem

---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: nfs-storage
provisioner: kubernetes.io/no-provisioner
reclaimPolicy: Retain
volumeBindingMode: Immediate

---
apiVersion: v1
data:
  password: cG9zdGdyZXM=
  username: cG9zdGdyZXM=
kind: Secret
metadata:
  name: immich-db-pass
  namespace: immich
type: kubernetes.io/basic-auth

---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
  name: immich
  namespace: immich
spec:
  description: "PostgreSQL cluster for Immich with vector support"
  imageName: ghcr.io/tensorchord/cloudnative-pgvecto.rs:14-v0.3.0
  enableSuperuserAccess: true
  instances: 1
  startDelay: 300
  primaryUpdateStrategy: unsupervised
  
  postgresql:
    parameters:
      shared_buffers: "512MB"
      max_wal_size: "2GB"
      wal_compression: "on"
    shared_preload_libraries:
      - "vectors.so"
    pg_hba:
      - host all all 0.0.0.0/0 md5
  
  bootstrap:
    initdb:
      database: immich
      owner: postgres
      dataChecksums: true
      secret:
        name: immich-db-pass
      postInitApplicationSQL:
        - ALTER SYSTEM SET search_path TO "$user", public, vectors;
        - SET search_path TO "$user", public, vectors;
        - CREATE EXTENSION IF NOT EXISTS "vectors";
        - ALTER SCHEMA vectors OWNER TO "postgres";
        - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA vectors TO "postgres";
        - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "postgres";
        - CREATE EXTENSION IF NOT EXISTS cube;
        - CREATE EXTENSION IF NOT EXISTS earthdistance;
  
  storage:
    size: 50Gi
    storageClass: nfs-storage
    pvcTemplate:
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 50Gi
      storageClassName: nfs-storage
      volumeMode: Filesystem
  
  resources:
    requests:
      memory: "1Gi"
      cpu: "500m"
    limits:
      memory: "2Gi"
      cpu: "1"
  
  affinity:
    enablePodAntiAffinity: true
    nodeAffinity:
      preferredDuringSchedulingIgnoredDuringExecution:
        - weight: 100
          preference:
            matchExpressions:
              - key: kubernetes.io/hostname
                operator: In
                values:
                  - nas.homenet
      
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
          - matchExpressions:
              - key: kubernetes.io/hostname
                operator: In
                values:
                  - home.homenet
                  - nas.homenet
    
    tolerations:
      - key: cnpg.io/cluster
        effect: NoSchedule
        value: immich-db
        operator: Equal
    
    additionalPodAffinity:
      preferredDuringSchedulingIgnoredDuringExecution:
        - weight: 1
          podAffinityTerm:
            labelSelector:
              matchExpressions:
                - key: app.component
                  operator: In
                  values:
                    - "pg-cluster"
            topologyKey: topology.kubernetes.io/zone
  
  monitoring:
    enablePodMonitor: true