add immich 2

update_immich.yml

@@ -43,9 +43,9 @@
       -f {{ immich_compose_file }}
       -f {{ immich_override_file }}
 
-    # Commands to run on the target VM (quiet outputs)
+    # Commands to run on the target VM
     immich_commands:
-      - "cd {{ immich_dir }} && test -f .env"
+      - "cd {{ immich_dir }}"
 
       - |
         cd {{ immich_dir }}
@@ -53,6 +53,12 @@
         if [ -f docker-compose.yml ]; then
           cp -a docker-compose.yml "backups/docker-compose.yml.$(date +%F_%H%M%S).bak"
         fi
+        if [ -f .env ]; then
+          cp -a .env "backups/.env.$(date +%F_%H%M%S).bak"
+        fi
+        if [ -f docker-compose.override.yml ]; then
+          cp -a docker-compose.override.yml "backups/docker-compose.override.yml.$(date +%F_%H%M%S).bak"
+        fi
 
       - |
         cd {{ immich_dir }}
@@ -70,14 +76,15 @@
         cd {{ immich_dir }}
         # Create override file if missing (keep local mounts here so upstream compose can be replaced safely)
         python3 - <<'PY'
-        # Write docker-compose.override.yml only if it doesn't exist
+        # Create docker-compose.override.yml only if missing
         from pathlib import Path
+        import textwrap
 
         p = Path("docker-compose.override.yml")
         if p.exists():
             raise SystemExit(0)
 
-        content = """\
+        content = textwrap.dedent("""\
         # Local overrides for Immich (kept separate from upstream docker-compose.yml).
         # If you want read-only mounts, append ':ro' to the right side.
         services:
@@ -85,14 +92,109 @@
             volumes:
               - /mnt/nextcloud-howard-photos:/mnt/nextcloud-howard-photos
               - /mnt/nextcloud-kamilkaprdelka-photos:/mnt/nextcloud-kamilkaprdelka-photos
-        """
+        """)
         p.write_text(content, encoding="utf-8")
         PY
 
+      - |
+        cd {{ immich_dir }}
+        # Ensure .env exists. If missing, try to reconstruct it from running containers to avoid breaking DB creds.
+        python3 - <<'PY'
+        import json
+        import subprocess
+        from pathlib import Path
+
+        env_path = Path(".env")
+        if env_path.exists():
+            raise SystemExit(0)
+
+        def run(cmd):
+            p = subprocess.run(cmd, capture_output=True, text=True)
+            return p.returncode, p.stdout, p.stderr
+
+        rc, out, err = run(["bash", "-lc", "command docker inspect immich_postgres immich_server"])
+        if rc != 0 or not out.strip():
+            print("ERROR: .env is missing and cannot inspect running containers (immich_postgres/immich_server).", flush=True)
+            print("Create /opt/immich/.env manually or ensure the containers exist.", flush=True)
+            raise SystemExit(1)
+
+        data = json.loads(out)
+
+        by_name = {}
+        for c in data:
+            name = (c.get("Name") or "").lstrip("/")
+            by_name[name] = c
+
+        pg = by_name.get("immich_postgres")
+        srv = by_name.get("immich_server")
+        if not pg or not srv:
+            print("ERROR: Could not find immich_postgres and immich_server in docker inspect output.", flush=True)
+            raise SystemExit(1)
+
+        def env_map(container):
+            m = {}
+            for kv in (container.get("Config", {}).get("Env") or []):
+                if "=" in kv:
+                    k, v = kv.split("=", 1)
+                    m[k] = v
+            return m
+
+        def find_mount_source(container, dest):
+            for m in (container.get("Mounts") or []):
+                if m.get("Destination") == dest:
+                    return m.get("Source")
+            return ""
+
+        pg_env = env_map(pg)
+        db_user = pg_env.get("POSTGRES_USER", "")
+        db_pass = pg_env.get("POSTGRES_PASSWORD", "")
+        db_name = pg_env.get("POSTGRES_DB", "")
+
+        db_data = find_mount_source(pg, "/var/lib/postgresql/data")
+        upload_loc = find_mount_source(srv, "/usr/src/app/upload")
+
+        # Try to preserve the currently used image tag as IMMICH_VERSION (optional but safer)
+        immich_version = ""
+        image = (srv.get("Config", {}).get("Image") or "")
+        if ":" in image and "@" not in image:
+            immich_version = image.rsplit(":", 1)[-1]
+        elif ":" in image and "@" in image:
+            # image like repo:tag@sha256:...
+            immich_version = image.split("@", 1)[0].rsplit(":", 1)[-1]
+
+        missing = []
+        for k, v in [
+            ("DB_USERNAME", db_user),
+            ("DB_PASSWORD", db_pass),
+            ("DB_DATABASE_NAME", db_name),
+            ("DB_DATA_LOCATION", db_data),
+            ("UPLOAD_LOCATION", upload_loc),
+        ]:
+            if not v:
+                missing.append(k)
+
+        if missing:
+            print("ERROR: Could not reconstruct these .env values from containers: " + ", ".join(missing), flush=True)
+            raise SystemExit(1)
+
+        lines = [
+            f"UPLOAD_LOCATION={upload_loc}",
+            f"DB_DATA_LOCATION={db_data}",
+            f"DB_USERNAME={db_user}",
+            f"DB_PASSWORD={db_pass}",
+            f"DB_DATABASE_NAME={db_name}",
+        ]
+        if immich_version:
+            lines.append(f"IMMICH_VERSION={immich_version}")
+
+        env_path.write_text("\n".join(lines) + "\n", encoding="utf-8")
+        print("Created .env from running containers.", flush=True)
+        PY
+
       - |
         cd {{ immich_dir }}
         # Docker Engine <25 may not support healthcheck.start_interval; comment it out if present
-        server_major="$({{ docker_prefix }} version --format '{{ "{{.Server.Version}}" }}' 2>/dev/null | cut -d. -f1 || echo 0)"
+        server_major="$({{ docker_prefix }} version --format '{% raw %}{{.Server.Version}}{% endraw %}' 2>/dev/null | cut -d. -f1 || echo 0)"
         if [ "${server_major:-0}" -lt 25 ]; then
           sed -i -E 's/^([[:space:]]*)start_interval:/\1# start_interval:/' docker-compose.yml || true
         fi
@@ -131,6 +233,7 @@
       register: immich_cmds
       changed_when: false
       no_log: "{{ DEBUG == 0 }}"
+      run_once: true
 
     - name: Show outputs for each Immich command
       ansible.builtin.debug:
@@ -143,6 +246,7 @@
           {{ (item.stderr | default('')).strip() }}
       loop: "{{ immich_cmds.results }}"
       when: DEBUG == 1
+      run_once: true
 
     - name: Fail play if any Immich command failed
       ansible.builtin.assert:
@@ -153,6 +257,7 @@
       loop_control:
         index_var: idx
         label: "cmd-{{ idx }}"
+      run_once: true
 
     # -------------------------
     # Readiness checks (controller first, then VM fallback)
@@ -208,6 +313,7 @@
       delay: "{{ immich_delay }}"
       until: (immich_vm.stdout | default('') | trim | length) > 0 and ('pong' in (immich_vm.stdout | default('')))
       no_log: "{{ DEBUG == 0 }}"
+      run_once: true
 
     - name: Immich | Print concise summary
       ansible.builtin.debug:
@@ -215,3 +321,4 @@
           Immich API ping {{ 'OK' if (('pong' in (immich_controller.content|default(''))) or ('pong' in (immich_vm.stdout|default('')))) else 'NOT OK' }}.
           Source={{ 'controller' if (immich_controller.status|default(0))==200 else 'vm' if (immich_vm.stdout|default('')|trim|length>0) else 'n/a' }}.
       when: DEBUG == 1
+      run_once: true