45 lines
3.8 KiB
Markdown
45 lines
3.8 KiB
Markdown
# Upstream sources — immich
|
|
|
|
| service | image | source repo | releases / changelog |
|
|
|---------|-------|-------------|----------------------|
|
|
| app | ghcr.io/immich-app/immich-server | https://github.com/immich-app/immich | https://github.com/immich-app/immich/releases |
|
|
| immich-machine-learning | ghcr.io/immich-app/immich-machine-learning | https://github.com/immich-app/immich | https://github.com/immich-app/immich/releases |
|
|
| redis | docker.io/valkey/valkey | https://github.com/valkey-io/valkey | https://github.com/valkey-io/valkey/releases |
|
|
| database | ghcr.io/immich-app/postgres | https://github.com/immich-app/base-images | https://github.com/immich-app/immich/blob/main/docker/docker-compose.yml |
|
|
|
|
## Standing notes
|
|
|
|
- **DB image is pinned BY immich-server, not bumped independently.** abra cannot survey/upgrade this
|
|
recipe (`FATA … Docker references with both a tag and digest are currently not supported`) because
|
|
`database` is pinned `image:tag@sha256:…`. Use the box-item-4 direct check: the authoritative source
|
|
for the DB tag is **immich's own `docker/docker-compose.yml` at the immich-server release tag**
|
|
(`https://raw.githubusercontent.com/immich-app/immich/<vX.Y.Z>/docker/docker-compose.yml`). Pin the
|
|
recipe's `database` image to EXACTLY what that compose pins for the matching immich-server version —
|
|
do NOT take the newest `ghcr.io/immich-app/postgres` tag. Newer tags (pg-15/16/17/18,
|
|
vectorchord0.5.x, pgvectors0.3.0) exist but moving ahead of what immich-server ships forces a
|
|
**pg-major data migration** and an unsupported extension combo.
|
|
- **immich-server v2.7.5 (latest, 2026-04-13) pins** `ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23`
|
|
— verified against immich's v2.7.5 compose AND the live ghcr manifest (tag resolves to that exact
|
|
digest). PR #2 (`upgrade-1.7.0+v2.7.5`, now at head d561baa `1.8.0+v2.7.5`) bumps the database
|
|
image to `14-vectorchord0.4.3-pgvectors0.3.0@sha256:87c050465fb969a68c7ac23e375e21f4c95cfacd0edce5fa1bc31e63b7891891`
|
|
(same PG14 + VectorChord 0.4.3, newer pgvectors 0.2.0→0.3.0). Digest verified via
|
|
`docker buildx imagetools inspect` on cc-ci (2026-06-12).
|
|
- **Concurrent app+database restart needs `update_config: failure_action: continue` on the app service.**
|
|
When the recipe version label changes (bumping `coop-cloud.${STACK_NAME}.version`) AND the database
|
|
image changes in the same deploy, both services update simultaneously. The app container starts and
|
|
immediately tries TypeORM migrations against a still-restarting database → TypeORM connection fails →
|
|
app process crashes → task FAILED → Docker Swarm sets `UpdateStatus='paused'` (default
|
|
`failure_action: pause`). Fix: set `update_config: failure_action: continue` on the app service.
|
|
With `continue`, Docker Swarm records the update as `completed` and Docker's `restart_policy` retries
|
|
the app container; the database finishes restarting in ~15-20s and the app connects successfully.
|
|
This is also in the recipe as of PR #2.
|
|
- **VectorChord DB backup/restore needs the search_path sed.** A plain `pg_dump` of the
|
|
VectorChord/pgvecto.rs DB emits `SELECT pg_catalog.set_config('search_path', '', false);`. Importing
|
|
that as-is leaves the vector/vchord type + operator references unresolvable, so the first such
|
|
statement errors. immich's official restore (docs.immich.app/administration/backup-and-restore) pipes
|
|
the dump through:
|
|
`sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g"`
|
|
before `psql … --single-transaction --set ON_ERROR_STOP=on`. Omitting that sed (immich PR #1's
|
|
`pg_backup.sh`) is why the single-transaction import aborted wholesale and `ci_marker` was lost on
|
|
restore — fixed in the upgrade PR's `pg_backup.sh`.
|