Kubernetes: added multiple microservices

- added minio object storage
- added immich photo viewer
- added cloudnative-pg postgres operator for db management
- added cronjobs to run different maintenance tasks
- updated readme

kubernetes/cloud-native-pg/backup-recovery.yaml

@@ -0,0 +1,33 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: cluster-restore
+spec:
+  instances: 1
+  imageName: ghcr.io/tensorchord/cloudnative-pgvecto.rs:16.5-v0.3.0
+
+  # superuserSecret:
+  #   name: superuser-secret
+
+  bootstrap:
+    recovery:
+      source: pg-backup  # Name of the cluster to restore from
+
+  externalClusters:
+    - name: pg-backup  # Name of the cluster to restore from
+      barmanObjectStore:
+        destinationPath: s3://immich/
+        endpointURL: ${MINIO_ENDPOINT_URL}
+        s3Credentials:
+          accessKeyId:
+            name: minio-creds
+            key: ACCESS_KEY_ID
+          secretAccessKey:
+            name: minio-creds
+            key: ACCESS_SECRET_KEY
+        wal:
+          maxParallel: 4
+
+  storage:
+    storageClass: longhorn-2x
+    size: 5Gi

kubernetes/cloud-native-pg/backup.yaml

@@ -0,0 +1,10 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: ScheduledBackup
+metadata:
+  name: immich-db-backup
+spec:
+  immediate: true
+  schedule: "0 0 0 * * *"  # At midnight every day
+  backupOwnerReference: self
+  cluster:
+    name: pg-backup

kubernetes/cloud-native-pg/cloudnative-pg.yaml

@@ -0,0 +1,48 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: pg-backup
+spec:
+  instances: 1
+  imageName: ghcr.io/tensorchord/cloudnative-pgvecto.rs:16.5-v0.3.0
+
+  postgresql:
+    shared_preload_libraries:
+      - "vectors.so"
+
+  managed:
+    roles:
+      - name: immich
+        superuser: true
+        login: true
+
+
+  # Example of rolling update strategy:
+  # - unsupervised: automated update of the primary once all
+  #                 replicas have been upgraded (default)
+  # - supervised: requires manual supervision to perform
+  #               the switchover of the primary
+  primaryUpdateStrategy: unsupervised
+
+  # Persistent storage configuration
+  storage:
+    storageClass: longhorn-2x
+    size: 5Gi
+
+  # Backup properties for MinIO
+  backup:
+    barmanObjectStore:
+      destinationPath: s3://immich
+      endpointURL: ${MINIO_ENDPOINT_URL}
+      s3Credentials:
+        accessKeyId:
+          name: minio-creds
+          key: ACCESS_KEY_ID
+        secretAccessKey:
+          name: minio-creds
+          key: ACCESS_SECRET_KEY
+      wal:
+        compression: gzip
+      data:
+        compression: gzip
+    retentionPolicy: "15d"

kubernetes/cloud-native-pg/secrets.yaml

@@ -0,0 +1,10 @@
+---
+# Secret for MinIO credentials
+apiVersion: v1
+kind: Secret
+metadata:
+  name: minio-creds
+type: Opaque
+stringData:
+  ACCESS_KEY_ID: ${MINIO_ACCESS_KEY_ID}
+  ACCESS_SECRET_KEY: ${MINIO_ACCESS_SECRET_KEY}