apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: immich-db
  namespace: immich
  labels:
    app: immich-db
spec:
  replicas: 1
  serviceName: immich-db
  selector:
    matchLabels:
      app: immich-db
  template:
    metadata:
      labels:
        app: immich-db
    spec:
      securityContext:
        runAsUser: 999
        runAsGroup: 999
        fsGroup: 999
      containers:
        - name: postgres
          image: ghcr.io/immich-app/postgres:14-vectorchord0.3.0-pgvectors0.2.0
          env:
            - name: POSTGRES_DB
              valueFrom:
                secretKeyRef:
                  name: immich-credentials
                  key: DB_DATABASE_NAME
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  name: immich-credentials
                  key: DB_USERNAME
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: immich-credentials
                  key: DB_PASSWORD
            - name: POSTGRES_INITDB_ARGS
              value: --data-checksums
            - name: DB_STORAGE_TYPE
              value: HDD
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
          ports:
            - containerPort: 5432
              name: postgres
              protocol: TCP
          livenessProbe:
            tcpSocket:
              port: 5432
            initialDelaySeconds: 30
            periodSeconds: 30
            failureThreshold: 5
          readinessProbe:
            tcpSocket:
              port: 5432
            initialDelaySeconds: 5
            periodSeconds: 10
          volumeMounts:
            - name: data
              mountPath: /var/lib/postgresql/data
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: immich-db