From 1d6c95d5212d83379b673c5f25ffc26c219b37ce Mon Sep 17 00:00:00 2001 From: kisfenyo Date: Thu, 18 Dec 2025 15:56:04 +0100 Subject: [PATCH] Added apps --- argocd-apps/homelab.yaml | 66 +++++ backup-system/duplicati.yaml | 137 +++++++++ bookstack-system/bookstack.yaml | 347 ++++++++++++++++++++++ immich-system/immich.yaml | 502 ++++++++++++++++++++++++++++++++ 4 files changed, 1052 insertions(+) create mode 100644 backup-system/duplicati.yaml create mode 100644 bookstack-system/bookstack.yaml create mode 100644 immich-system/immich.yaml diff --git a/argocd-apps/homelab.yaml b/argocd-apps/homelab.yaml index 3b49c54..3164e36 100644 --- a/argocd-apps/homelab.yaml +++ b/argocd-apps/homelab.yaml @@ -126,3 +126,69 @@ spec: - CreateNamespace=true - PruneLast=true --- +# Duplicati +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: duplicati + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: homelab + source: + repoURL: https://gitea.dooplex.hu/admin/homelab-manifests.git + targetRevision: main + path: backup-system + destination: + server: https://kubernetes.default.svc + namespace: backup-system + syncPolicy: + syncOptions: + - CreateNamespace=true + - PruneLast=true +--- +# Bookstack +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: bookstack + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: homelab + source: + repoURL: https://gitea.dooplex.hu/admin/homelab-manifests.git + targetRevision: main + path: bookstack-system + destination: + server: https://kubernetes.default.svc + namespace: bookstack-system + syncPolicy: + syncOptions: + - CreateNamespace=true + - PruneLast=true +--- +# Immich +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: immich + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: homelab + source: + repoURL: https://gitea.dooplex.hu/admin/homelab-manifests.git + targetRevision: main + path: immich-system + destination: + server: https://kubernetes.default.svc + namespace: immich-system + syncPolicy: + syncOptions: + - CreateNamespace=true + - PruneLast=true +--- diff --git a/backup-system/duplicati.yaml b/backup-system/duplicati.yaml new file mode 100644 index 0000000..b6a83ea --- /dev/null +++ b/backup-system/duplicati.yaml @@ -0,0 +1,137 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: backup-system +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: duplicati-config + namespace: backup-system +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageClassName: longhorn +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: duplicati + namespace: backup-system + labels: + app.kubernetes.io/name: duplicati +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/name: duplicati + template: + metadata: + labels: + app.kubernetes.io/name: duplicati + spec: + containers: + - name: duplicati + image: lscr.io/linuxserver/duplicati:latest + env: + - name: PUID + value: "0" + - name: PGID + value: "0" + - name: TZ + value: Europe/Budapest + - name: SETTINGS_ENCRYPTION_KEY + valueFrom: + secretKeyRef: + name: duplicati + key: encyptionkey + - name: DUPLICATI__WEBSERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: duplicati + key: webpassword + ports: + - containerPort: 8200 + name: http + volumeMounts: + - name: config + mountPath: /config + - name: source + mountPath: /source + readOnly: true + - name: backup + mountPath: /backup + - name: home + mountPath: /source_home + - name: orsi + mountPath: /source_orsi + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: "2" + memory: 1Gi + volumes: + - name: config + persistentVolumeClaim: + claimName: duplicati-config + - name: source + hostPath: + path: /mnt/4_hdd/data + type: Directory + - name: backup + hostPath: + path: /mnt/2_hdd/Backup + type: Directory + - name: home + hostPath: + path: /home + type: Directory + - name: orsi + hostPath: + path: /mnt/4_hdd/orsi + type: Directory +--- +apiVersion: v1 +kind: Service +metadata: + name: duplicati + namespace: backup-system + annotations: + external-dns.alpha.kubernetes.io/hostname: duplicati.home +spec: + type: ClusterIP + ports: + - port: 8200 + targetPort: http + name: http + selector: + app.kubernetes.io/name: duplicati +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: duplicati + namespace: backup-system + annotations: + external-dns.alpha.kubernetes.io/hostname: duplicati.home +spec: + ingressClassName: nginx-internal + rules: + - host: duplicati.home + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: duplicati + port: + number: 8200 diff --git a/bookstack-system/bookstack.yaml b/bookstack-system/bookstack.yaml new file mode 100644 index 0000000..3f540ed --- /dev/null +++ b/bookstack-system/bookstack.yaml @@ -0,0 +1,347 @@ +--- +# Namespace +apiVersion: v1 +kind: Namespace +metadata: + name: bookstack-system +--- +# Service Account +apiVersion: v1 +kind: ServiceAccount +metadata: + name: default + namespace: bookstack-system +--- +# PVC for MariaDB data +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: bookstack-mariadb + namespace: bookstack-system + labels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: mariadb +spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn + resources: + requests: + storage: 5Gi +--- +# PVC for Bookstack config +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: bookstack-config + namespace: bookstack-system + labels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: bookstack +spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn + resources: + requests: + storage: 2Gi +--- +# MariaDB Deployment +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bookstack-mariadb + namespace: bookstack-system + labels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: mariadb +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: mariadb + template: + metadata: + labels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: mariadb + spec: + containers: + - name: mariadb + image: mariadb:11 + imagePullPolicy: IfNotPresent + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: bookstack-db + key: root-password + - name: MYSQL_DATABASE + value: bookstackapp + - name: MYSQL_USER + valueFrom: + secretKeyRef: + name: bookstack-db + key: username + - name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + name: bookstack-db + key: password + ports: + - name: mysql + containerPort: 3306 + protocol: TCP + resources: + limits: + cpu: "500m" + memory: 512Mi + requests: + cpu: 100m + memory: 128Mi + livenessProbe: + exec: + command: + - sh + - -c + - healthcheck.sh --connect --innodb_initialized + initialDelaySeconds: 60 + periodSeconds: 10 + timeoutSeconds: 5 + readinessProbe: + exec: + command: + - sh + - -c + - healthcheck.sh --connect --innodb_initialized + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + volumeMounts: + - name: data + mountPath: /var/lib/mysql + volumes: + - name: data + persistentVolumeClaim: + claimName: bookstack-mariadb +--- +# MariaDB Service +apiVersion: v1 +kind: Service +metadata: + name: bookstack-mariadb + namespace: bookstack-system + labels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: mariadb +spec: + type: ClusterIP + ports: + - name: mysql + port: 3306 + targetPort: mysql + protocol: TCP + selector: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: mariadb +--- +# Bookstack Deployment +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bookstack + namespace: bookstack-system + labels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: bookstack + app.kubernetes.io/version: 25.11.5 +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: bookstack + template: + metadata: + labels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: bookstack + app.kubernetes.io/version: 25.11.5 + spec: + containers: + - name: bookstack + image: linuxserver/bookstack:25.11.5 + imagePullPolicy: IfNotPresent + env: + # LinuxServer.io specific + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: TZ + value: Europe/Budapest + # App URL + - name: APP_URL + value: https://bookstack.dooplex.hu + # Database + - name: DB_HOST + value: bookstack-mariadb + - name: DB_PORT + value: "3306" + - name: DB_DATABASE + value: bookstackapp + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: bookstack-db + key: username + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: bookstack-db + key: password + # App key for encryption + - name: APP_KEY + valueFrom: + secretKeyRef: + name: bookstack-app + key: app-key + # SMTP Configuration + - name: MAIL_DRIVER + value: smtp + - name: MAIL_HOST + valueFrom: + secretKeyRef: + name: smtp-credentials + key: host + - name: MAIL_PORT + valueFrom: + secretKeyRef: + name: smtp-credentials + key: port + - name: MAIL_USERNAME + valueFrom: + secretKeyRef: + name: smtp-credentials + key: username + - name: MAIL_PASSWORD + valueFrom: + secretKeyRef: + name: smtp-credentials + key: password + - name: MAIL_FROM + valueFrom: + secretKeyRef: + name: smtp-credentials + key: from-address + - name: MAIL_FROM_NAME + value: "BookStack" + - name: MAIL_ENCRYPTION + value: tls + ports: + - name: http + containerPort: 80 + protocol: TCP + resources: + limits: + cpu: "1" + memory: 1Gi + requests: + cpu: 100m + memory: 256Mi + livenessProbe: + httpGet: + path: /status + port: http + initialDelaySeconds: 60 + periodSeconds: 30 + timeoutSeconds: 10 + failureThreshold: 5 + readinessProbe: + httpGet: + path: /status + port: http + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + volumeMounts: + - name: config + mountPath: /config + - name: data + mountPath: /data + volumes: + - name: config + persistentVolumeClaim: + claimName: bookstack-config + - name: data + hostPath: + path: /mnt/4_hdd/data/bookstack + type: DirectoryOrCreate +--- +# Bookstack Service +apiVersion: v1 +kind: Service +metadata: + name: bookstack + namespace: bookstack-system + labels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: bookstack + app.kubernetes.io/version: 25.11.5 +spec: + type: ClusterIP + ports: + - name: http + port: 80 + targetPort: http + protocol: TCP + selector: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: bookstack +--- +# Ingress +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: bookstack + namespace: bookstack-system + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + external-dns.alpha.kubernetes.io/hostname: bookstack.dooplex.hu,bookstack.home + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/proxy-body-size: "50m" + labels: + app.kubernetes.io/instance: bookstack + app.kubernetes.io/name: bookstack +spec: + ingressClassName: nginx-internal + rules: + - host: bookstack.dooplex.hu + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: bookstack + port: + number: 80 + - host: bookstack.home + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: bookstack + port: + number: 80 + tls: + - hosts: + - bookstack.dooplex.hu + secretName: bookstack-tls diff --git a/immich-system/immich.yaml b/immich-system/immich.yaml new file mode 100644 index 0000000..9b37832 --- /dev/null +++ b/immich-system/immich.yaml @@ -0,0 +1,502 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: immich-system +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: immich-postgres + namespace: immich-system +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: longhorn +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: immich-postgres + namespace: immich-system + labels: + app.kubernetes.io/instance: immich + app.kubernetes.io/name: postgres +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/instance: immich + app.kubernetes.io/name: postgres + template: + metadata: + labels: + app.kubernetes.io/instance: immich + app.kubernetes.io/name: postgres + spec: + securityContext: + fsGroup: 999 + containers: + - name: postgres + image: ghcr.io/immich-app/postgres:16-vectorchord0.3.0 + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: immich-db + key: username + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: immich-db + key: password + - name: POSTGRES_DB + value: immich + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + ports: + - containerPort: 5432 + name: postgres + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + subPath: data + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 1 + memory: 1Gi + volumes: + - name: data + persistentVolumeClaim: + claimName: immich-postgres +--- +apiVersion: v1 +kind: Service +metadata: + name: immich-postgres + namespace: immich-system +spec: + type: ClusterIP + ports: + - port: 5432 + targetPort: postgres + name: postgres + selector: + app.kubernetes.io/instance: immich + app.kubernetes.io/name: postgres +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: immich-machine-learning + labels: + app.kubernetes.io/instance: immich + app.kubernetes.io/name: machine-learning + app.kubernetes.io/version: v2.3.1 + namespace: immich-system +spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "10Gi" + storageClassName: "longhorn" +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: immich-valkey + labels: + app.kubernetes.io/instance: immich + app.kubernetes.io/name: valkey + app.kubernetes.io/version: v2.3.1 + namespace: immich-system +spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "1Gi" + storageClassName: "longhorn" +--- +apiVersion: v1 +kind: Service +metadata: + name: immich-machine-learning + labels: + app.kubernetes.io/instance: immich + app.kubernetes.io/name: machine-learning + app.kubernetes.io/service: immich-machine-learning + app.kubernetes.io/version: v2.3.1 + namespace: immich-system +spec: + type: ClusterIP + ports: + - port: 3003 + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: immich + app.kubernetes.io/name: machine-learning +--- +apiVersion: v1 +kind: Service +metadata: + name: immich-server + labels: + app.kubernetes.io/instance: immich + app.kubernetes.io/name: server + app.kubernetes.io/service: immich-server + app.kubernetes.io/version: v2.3.1 + namespace: immich-system +spec: + type: ClusterIP + ports: + - port: 2283 + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: immich + app.kubernetes.io/name: server +--- +apiVersion: v1 +kind: Service +metadata: + name: immich-valkey + labels: + app.kubernetes.io/instance: immich + app.kubernetes.io/name: valkey + app.kubernetes.io/service: immich-valkey + app.kubernetes.io/version: v2.3.1 + namespace: immich-system +spec: + type: ClusterIP + ports: + - port: 6379 + targetPort: redis + protocol: TCP + name: redis + selector: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: immich + app.kubernetes.io/name: valkey +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: immich-machine-learning + labels: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: immich + app.kubernetes.io/name: machine-learning + app.kubernetes.io/version: v2.3.1 + namespace: immich-system +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/controller: main + app.kubernetes.io/name: machine-learning + app.kubernetes.io/instance: immich + template: + metadata: + labels: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: immich + app.kubernetes.io/name: machine-learning + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + containers: + - env: + - name: HF_XET_CACHE + value: /cache/huggingface-xet + - name: IMMICH_MACHINE_LEARNING_URL + value: http://immich-machine-learning:3003 + - name: MPLCONFIGDIR + value: /cache/matplotlib-config + - name: REDIS_HOSTNAME + value: immich-valkey + - name: TRANSFORMERS_CACHE + value: /cache + image: ghcr.io/immich-app/immich-machine-learning:v2.3.1 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + name: main + ports: + - containerPort: 3003 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + startupProbe: + failureThreshold: 60 + httpGet: + path: /ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + volumeMounts: + - mountPath: /cache + name: cache + volumes: + - name: cache + persistentVolumeClaim: + claimName: immich-machine-learning +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: immich-server + labels: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: immich + app.kubernetes.io/name: server + app.kubernetes.io/version: v2.3.1 + namespace: immich-system +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/controller: main + app.kubernetes.io/name: server + app.kubernetes.io/instance: immich + template: + metadata: + labels: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: immich + app.kubernetes.io/name: server + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + containers: + - env: + - name: DB_HOSTNAME + value: immich-postgres + - name: DB_PORT + value: "5432" + - name: DB_DATABASE_NAME + value: immich + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: immich-db + key: username + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: immich-db + key: password + - name: IMMICH_MACHINE_LEARNING_URL + value: http://immich-machine-learning:3003 + - name: REDIS_HOSTNAME + value: immich-valkey + image: ghcr.io/immich-app/immich-server:v2.3.1 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /api/server/ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + name: main + ports: + - containerPort: 2283 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /api/server/ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + startupProbe: + failureThreshold: 30 + httpGet: + path: /api/server/ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + volumeMounts: + - mountPath: /data + name: data + volumes: + - name: data + hostPath: + path: /mnt/4_hdd/data/immich + type: Directory +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: immich-valkey + labels: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: immich + app.kubernetes.io/name: valkey + app.kubernetes.io/version: v2.3.1 + namespace: immich-system +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/controller: main + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + template: + metadata: + labels: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: immich + app.kubernetes.io/name: valkey + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + containers: + - env: + - name: IMMICH_MACHINE_LEARNING_URL + value: http://immich-machine-learning:3003 + - name: REDIS_HOSTNAME + value: immich-valkey + image: docker.io/valkey/valkey:9.0-alpine@sha256:b4ee67d73e00393e712accc72cfd7003b87d0fcd63f0eba798b23251bfc9c394 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - sh + - -c + - valkey-cli ping | grep PONG + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + name: main + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - sh + - -c + - valkey-cli ping | grep PONG + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + startupProbe: + exec: + command: + - sh + - -c + - valkey-cli ping | grep PONG + failureThreshold: 30 + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 5 + volumeMounts: + - mountPath: /data + name: data + volumes: + - name: data + persistentVolumeClaim: + claimName: immich-valkey +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: immich-server + labels: + app.kubernetes.io/instance: immich + app.kubernetes.io/name: server + app.kubernetes.io/version: v2.3.1 + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + external-dns.alpha.kubernetes.io/hostname: photos.dooplex.hu + nginx.ingress.kubernetes.io/proxy-body-size: "0" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + namespace: immich-system +spec: + ingressClassName: nginx-internal + tls: + - hosts: + - "photos.dooplex.hu" + secretName: "immich-tls" + rules: + - host: "photos.dooplex.hu" + http: + paths: + - path: "/" + pathType: Prefix + backend: + service: + name: immich-server + port: + number: 2283 + - host: "photos.home" + http: + paths: + - path: "/" + pathType: Prefix + backend: + service: + name: immich-server + port: + number: 2283