2019-05-20 20:36:31 +02:00
version : '3.5'
2018-02-04 17:34:07 +01:00
2022-11-04 12:20:26 +01:00
## FOR TEST AND DEVELOPMENT ONLY, DO NOT USE IN PRODUCTION ##
## Setup: https://docs.photoprism.app/developer-guide/setup/ ##
2018-02-04 17:34:07 +01:00
services :
2022-04-06 17:46:41 +02:00
## PhotoPrism Development Environment (MariaDB)
2018-02-28 08:47:50 +01:00
photoprism :
2018-09-17 12:11:19 +02:00
build : .
2018-11-08 10:56:11 +01:00
image : photoprism/photoprism:develop
2021-08-31 18:08:37 +02:00
depends_on :
- mariadb
2021-11-09 16:55:16 +01:00
- dummy-webdav
2020-08-25 14:57:45 +02:00
security_opt :
- seccomp:unconfined
- apparmor:unconfined
2018-02-04 17:34:07 +01:00
ports :
2022-10-11 22:44:11 +02:00
- "2342:2342" # Default HTTP port (host:container)
- "2443:2443" # Default TLS port (host:container)
- "2343:2343" # Acceptance Test HTTP port (host:container)
2022-01-06 11:31:37 +01:00
- "40000:40000" # Go Debugger (host:container)
2019-05-20 20:36:31 +02:00
shm_size : "2gb"
2022-01-06 11:31:37 +01:00
links :
2022-10-19 05:09:09 +02:00
- "traefik:localssl.dev"
2022-02-08 12:51:12 +01:00
- "traefik:app.localssl.dev"
- "traefik:keycloak.localssl.dev"
- "traefik:dummy-oidc.localssl.dev"
2022-11-22 22:14:34 +01:00
- "traefik:dummy-webdav.localssl.dev"
2022-01-06 11:31:37 +01:00
labels :
- "traefik.enable=true"
- "traefik.http.services.photoprism.loadbalancer.server.port=2342"
2022-12-23 00:00:44 +01:00
- "traefik.http.services.photoprism.loadbalancer.server.scheme=http"
2022-01-06 11:31:37 +01:00
- "traefik.http.routers.photoprism.entrypoints=websecure"
2022-10-19 05:09:09 +02:00
- "traefik.http.routers.photoprism.rule=Host(`localssl.dev`, `app.localssl.dev`)"
2022-02-08 12:51:12 +01:00
- "traefik.http.routers.photoprism.tls.domains[0].main=localssl.dev"
- "traefik.http.routers.photoprism.tls.domains[0].sans=*.localssl.dev"
2022-01-06 11:31:37 +01:00
- "traefik.http.routers.photoprism.tls=true"
2018-09-18 15:13:02 +02:00
environment :
2022-07-29 17:36:57 +02:00
## Run as a non-root user after initialization (supported: 0, 33, 50-99, 500-600, and 900-1200):
2022-10-24 12:36:13 +02:00
PHOTOPRISM_UID : ${UID:-1000} # user id, should match your host user id
PHOTOPRISM_GID : ${GID:-1000} # group id
2022-11-22 22:14:34 +01:00
## Access Management
PHOTOPRISM_ADMIN_USER : "admin" # superadmin username
PHOTOPRISM_ADMIN_PASSWORD : "photoprism" # initial superadmin password (minimum 8 characters)
2022-10-24 12:36:13 +02:00
PHOTOPRISM_AUTH_MODE : "password" # authentication mode (public, password)
2022-11-22 22:14:34 +01:00
PHOTOPRISM_REGISTER_URI : "https://keycloak.localssl.dev/admin/"
PHOTOPRISM_PASSWORD_RESET_URI : "https://keycloak.localssl.dev/realms/master/login-actions/reset-credentials"
## LDAP Authentication (pre-configured for local tests):
2022-11-24 19:52:36 +01:00
PHOTOPRISM_LDAP_URI : "ldap://dummy-ldap:389"
2022-11-22 22:14:34 +01:00
PHOTOPRISM_LDAP_INSECURE : "true"
2023-02-16 10:39:18 +01:00
PHOTOPRISM_LDAP_SYNC : "true"
2022-11-22 22:14:34 +01:00
PHOTOPRISM_LDAP_BIND : "simple"
PHOTOPRISM_LDAP_BIND_DN : "cn"
PHOTOPRISM_LDAP_BASE_DN : "dc=localssl,dc=dev"
2023-02-16 10:39:18 +01:00
PHOTOPRISM_LDAP_ROLE : ""
2023-02-14 20:28:47 +01:00
PHOTOPRISM_LDAP_ROLE_DN : "ou=photoprism-*,ou=groups,dc=localssl,dc=dev"
2023-02-20 13:01:49 +01:00
PHOTOPRISM_LDAP_WEBDAV_DN : "ou=photoprism-webdav,ou=groups,dc=localssl,dc=dev"
2022-11-22 22:14:34 +01:00
## OpenID Connect (pre-configured for local tests):
PHOTOPRISM_OIDC_URI : "https://keycloak.localssl.dev/auth/realms/master"
PHOTOPRISM_OIDC_INSECURE : "true"
PHOTOPRISM_OIDC_CLIENT : "photoprism-develop"
PHOTOPRISM_OIDC_SECRET : "9d8351a0-ca01-4556-9c37-85eb634869b9"
## Site Information
2022-10-24 12:36:13 +02:00
PHOTOPRISM_SITE_URL : "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)"
2022-02-23 14:24:50 +01:00
PHOTOPRISM_SITE_CAPTION : "AI-Powered Photos App"
PHOTOPRISM_SITE_DESCRIPTION : "Tags and finds pictures without getting in your way!"
2021-05-15 10:48:37 +02:00
PHOTOPRISM_SITE_AUTHOR : "@photoprism_app"
2018-09-18 16:34:08 +02:00
PHOTOPRISM_DEBUG : "true"
2019-12-30 12:38:11 +01:00
PHOTOPRISM_READONLY : "false"
PHOTOPRISM_EXPERIMENTAL : "true"
2022-08-28 17:03:48 +02:00
PHOTOPRISM_HTTP_MODE : "debug"
2020-04-28 22:49:02 +02:00
PHOTOPRISM_HTTP_HOST : "0.0.0.0"
PHOTOPRISM_HTTP_PORT : 2342
2022-10-24 12:36:13 +02:00
PHOTOPRISM_HTTP_COMPRESSION : "gzip" # improves transfer speed and bandwidth utilization (none or gzip)
2020-05-30 14:52:47 +02:00
PHOTOPRISM_DATABASE_DRIVER : "mysql"
2021-08-31 18:08:37 +02:00
PHOTOPRISM_DATABASE_SERVER : "mariadb:4001"
2020-12-15 19:47:05 +01:00
PHOTOPRISM_DATABASE_NAME : "photoprism"
PHOTOPRISM_DATABASE_USER : "root"
PHOTOPRISM_DATABASE_PASSWORD : "photoprism"
2020-05-31 02:09:52 +02:00
PHOTOPRISM_TEST_DRIVER : "sqlite"
2022-01-16 14:00:37 +01:00
# PHOTOPRISM_TEST_DSN_MYSQL8: "root:photoprism@tcp(mysql:4001)/photoprism?charset=utf8mb4,utf8&collation=utf8mb4_unicode_ci&parseTime=true"
2018-09-18 16:34:08 +02:00
PHOTOPRISM_ASSETS_PATH : "/go/src/github.com/photoprism/photoprism/assets"
2020-05-31 02:09:52 +02:00
PHOTOPRISM_STORAGE_PATH : "/go/src/github.com/photoprism/photoprism/storage"
2020-06-02 15:51:14 +02:00
PHOTOPRISM_ORIGINALS_PATH : "/go/src/github.com/photoprism/photoprism/storage/originals"
PHOTOPRISM_IMPORT_PATH : "/go/src/github.com/photoprism/photoprism/storage/import"
2022-07-29 17:36:57 +02:00
PHOTOPRISM_DISABLE_CHOWN : "false" # disables updating storage permissions via chmod and chown on startup
2022-04-06 17:46:41 +02:00
PHOTOPRISM_DISABLE_BACKUPS : "false" # disables backing up albums and photo metadata to YAML files
2022-02-08 12:51:12 +01:00
PHOTOPRISM_DISABLE_WEBDAV : "false" # disables built-in WebDAV server
2022-03-30 14:27:44 +02:00
PHOTOPRISM_DISABLE_SETTINGS : "false" # disables settings UI and API
2022-02-08 12:51:12 +01:00
PHOTOPRISM_DISABLE_PLACES : "false" # disables reverse geocoding and maps
2022-03-30 14:27:44 +02:00
PHOTOPRISM_DISABLE_EXIFTOOL : "false" # disables creating JSON metadata sidecar files with ExifTool
PHOTOPRISM_DISABLE_TENSORFLOW : "false" # disables all features depending on TensorFlow
2023-02-11 19:07:27 +01:00
PHOTOPRISM_DISABLE_RAW : "false" # disables indexing and conversion of RAW images
PHOTOPRISM_RAW_PRESETS : "false" # enables applying user presets when converting RAW images (reduces performance)
2022-07-22 09:59:08 +02:00
PHOTOPRISM_DETECT_NSFW : "false" # automatically flags photos as private that MAY be offensive (requires TensorFlow)
PHOTOPRISM_UPLOAD_NSFW : "false" # allows uploads that MAY be offensive (no effect without TensorFlow)
2022-02-08 12:51:12 +01:00
PHOTOPRISM_THUMB_FILTER : "lanczos" # resample filter, best to worst: blackman, lanczos, cubic, linear
PHOTOPRISM_THUMB_UNCACHED : "true" # enables on-demand thumbnail rendering (high memory and cpu usage)
PHOTOPRISM_THUMB_SIZE : 2048 # pre-rendered thumbnail size limit (default 2048, min 720, max 7680)
2021-09-29 09:01:57 +02:00
# PHOTOPRISM_THUMB_SIZE: 4096 # Retina 4K, DCI 4K (requires more storage); 7680 for 8K Ultra HD
2022-02-08 12:51:12 +01:00
PHOTOPRISM_THUMB_SIZE_UNCACHED : 7680 # on-demand rendering size limit (default 7680, min 720, max 7680)
PHOTOPRISM_JPEG_SIZE : 7680 # size limit for converted image files in pixels (720-30000)
2022-07-22 09:59:08 +02:00
PHOTOPRISM_JPEG_QUALITY : 85 # a higher value increases the quality and file size of JPEG images and thumbnails (25-100)
2022-02-08 12:51:12 +01:00
TF_CPP_MIN_LOG_LEVEL : 0 # show TensorFlow log messages for development
2022-10-20 17:44:56 +02:00
## Run/install on first startup (options: update https gpu tensorflow davfs clitools clean):
2022-10-20 16:19:28 +02:00
PHOTOPRISM_INIT : "https tensorflow"
2022-04-05 16:17:26 +02:00
## Hardware Video Transcoding (optional):
2022-09-16 14:14:49 +02:00
# PHOTOPRISM_FFMPEG_ENCODER: "nvidia" # FFmpeg encoder ("software", "intel", "nvidia", "apple", "raspberry", "vaapi") Intel: "intel" for Broadwell or later and "vaapi" for Haswell or earlier
# PHOTOPRISM_FFMPEG_ENCODER: "intel" # FFmpeg encoder ("software", "intel", "nvidia", "apple", "raspberry", "vaapi") Intel: "intel" for Broadwell or later and "vaapi" for Haswell or earlier`
2022-04-05 16:17:26 +02:00
# PHOTOPRISM_FFMPEG_BITRATE: "32" # FFmpeg encoding bitrate limit in Mbit/s (default: 50)
2022-09-16 14:14:49 +02:00
# LIBVA_DRIVER_NAME: "i965" # For Intel architectures Haswell and older which do not support QSV yet but use VAAPI instead
2022-02-25 16:45:15 +01:00
## Share hardware devices with FFmpeg and TensorFlow (optional):
2021-09-29 09:01:57 +02:00
# devices:
2022-09-16 14:14:49 +02:00
# - "/dev/dri:/dev/dri" # Intel QSV (Broadwell and later) or VAAPI (Haswell and earlier)
2022-05-17 04:23:27 +02:00
# - "/dev/nvidia0:/dev/nvidia0" # Nvidia CUDA
2022-02-25 16:33:46 +01:00
# - "/dev/nvidiactl:/dev/nvidiactl"
2022-03-23 13:27:25 +01:00
# - "/dev/nvidia-modeset:/dev/nvidia-modeset"
# - "/dev/nvidia-nvswitchctl:/dev/nvidia-nvswitchctl"
# - "/dev/nvidia-uvm:/dev/nvidia-uvm"
# - "/dev/nvidia-uvm-tools:/dev/nvidia-uvm-tools"
2022-07-29 17:39:56 +02:00
# - "/dev/video11:/dev/video11" # Video4Linux Video Encode Device (h264_v4l2m2m)
2021-09-29 09:01:57 +02:00
working_dir : "/go/src/github.com/photoprism/photoprism"
volumes :
- ".:/go/src/github.com/photoprism/photoprism"
- "go-mod:/go/pkg/mod"
2021-08-31 18:08:37 +02:00
2021-11-09 17:11:14 +01:00
## MariaDB Database Server
2022-03-30 13:47:49 +02:00
## Docs: https://mariadb.com/docs/reference/
2022-11-18 12:49:17 +01:00
## Release Notes: https://mariadb.com/kb/en/changes-improvements-in-mariadb-1010/
2021-08-31 18:08:37 +02:00
mariadb :
2022-11-18 12:49:17 +01:00
image : mariadb:10.10
2022-07-23 21:43:08 +02:00
security_opt : # see https://github.com/MariaDB/mariadb-docker/issues/434#issuecomment-1136151239
- seccomp:unconfined
- apparmor:unconfined
2022-06-16 01:27:14 +02:00
command : mysqld --port=4001 --innodb-strict-mode=1 --innodb-buffer-pool-size=256M --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120
2019-05-20 16:39:41 +02:00
expose :
- "4001"
2019-04-26 04:12:55 +02:00
ports :
2022-02-08 12:51:12 +01:00
- "4001:4001" # database port (host:container)
2020-05-08 19:34:29 +02:00
volumes :
2022-01-06 11:31:37 +01:00
- "./scripts/sql/mariadb-init.sql:/docker-entrypoint-initdb.d/init.sql"
2018-02-04 17:34:07 +01:00
environment :
2022-03-30 13:47:49 +02:00
MARIADB_AUTO_UPGRADE : "1"
MARIADB_INITDB_SKIP_TZINFO : "1"
MARIADB_DATABASE : "photoprism"
MARIADB_USER : "photoprism"
MARIADB_PASSWORD : "photoprism"
MARIADB_ROOT_PASSWORD : "photoprism"
2020-03-27 11:01:41 +01:00
2022-07-11 13:44:27 +02:00
## HTTPS Reverse Proxy (recommended) ##
## includes "*.localssl.dev" SSL certificate for test environments
2022-04-06 17:46:41 +02:00
## Docs: https://doc.traefik.io/traefik/
traefik :
2022-07-11 13:44:27 +02:00
image : photoprism/traefik:latest
2022-04-06 17:46:41 +02:00
ports :
2022-07-11 13:44:27 +02:00
- "80:80" # HTTP (redirects to HTTPS)
2022-04-06 17:46:41 +02:00
- "443:443" # HTTPS (required)
labels :
- "traefik.enable=true"
volumes :
- "/var/run/docker.sock:/var/run/docker.sock" # enables Traefik to watch services
2022-01-06 11:31:37 +01:00
## Keycloak OpenID Connect Provider
2022-04-06 17:46:41 +02:00
## Login: user / photoprism
## Admin: admin / photoprism
2022-01-06 11:31:37 +01:00
keycloak :
2022-11-24 19:52:36 +01:00
image : quay.io/keycloak/keycloak:20.0
2022-03-30 14:27:44 +02:00
command : "start-dev" # development mode, do not use this in production!
2022-11-22 22:14:34 +01:00
container_name : keycloak
2022-01-06 11:31:37 +01:00
links :
2022-10-19 05:09:09 +02:00
- "traefik:localssl.dev"
2022-02-08 12:51:12 +01:00
- "traefik:app.localssl.dev"
2022-01-06 11:31:37 +01:00
labels :
- "traefik.enable=true"
- "traefik.http.services.keycloak.loadbalancer.server.port=8080"
- "traefik.http.routers.keycloak.entrypoints=websecure"
2022-02-08 12:51:12 +01:00
- "traefik.http.routers.keycloak.rule=Host(`keycloak.localssl.dev`)"
- "traefik.http.routers.keycloak.tls.domains[0].main=localssl.dev"
- "traefik.http.routers.keycloak.tls.domains[0].sans=*.localssl.dev"
2022-01-06 11:31:37 +01:00
- "traefik.http.routers.keycloak.tls=true"
2022-02-13 19:32:22 +01:00
environment : # see https://www.keycloak.org/server/all-config
KEYCLOAK_ADMIN : "admin"
KEYCLOAK_ADMIN_PASSWORD : "photoprism"
KC_METRICS_ENABLED : "false"
KC_HOSTNAME : "keycloak.localssl.dev"
KC_HOSTNAME_STRICT : "false"
KC_PROXY : "edge"
KC_DB : "mariadb"
KC_DB_URL : "jdbc:mariadb://mariadb:4001/keycloak"
KC_DB_USERNAME : "keycloak"
KC_DB_PASSWORD : "keycloak"
2022-01-06 11:31:37 +01:00
2022-11-24 19:52:36 +01:00
## Dummy LDAP Directory Server
2022-11-25 10:02:28 +01:00
## Docs: https://glauth.github.io/docs/
2022-11-22 22:14:34 +01:00
dummy-ldap :
2022-11-24 19:52:36 +01:00
image : glauth/glauth-plugins:latest
2022-11-22 22:14:34 +01:00
container_name : dummy-ldap
2022-11-24 19:52:36 +01:00
ports :
- "127.0.0.1:389:389"
labels :
- "traefik.enable=true"
- "traefik.http.services.ldap.loadbalancer.server.port=5555"
- "traefik.http.routers.dummy-ldap.entrypoints=websecure"
- "traefik.http.routers.dummy-ldap.rule=Host(`dummy-ldap.localssl.dev`)"
- "traefik.http.routers.dummy-ldap.tls.domains[0].main=localssl.dev"
- "traefik.http.routers.dummy-ldap.tls.domains[0].sans=*.localssl.dev"
- "traefik.http.routers.dummy-ldap.tls=true"
volumes :
- "./.ldap.cfg:/app/config/config.cfg"
2022-11-22 22:14:34 +01:00
2022-04-06 17:46:41 +02:00
## Dummy OpenID Connect Provider
dummy-oidc :
image : photoprism/dummy-oidc:220405
2022-11-22 22:14:34 +01:00
container_name : dummy-oidc
2022-04-06 17:46:41 +02:00
labels :
- "traefik.enable=true"
- "traefik.http.services.dummy-oidc.loadbalancer.server.port=9998"
- "traefik.http.routers.dummy-oidc.entrypoints=websecure"
- "traefik.http.routers.dummy-oidc.rule=Host(`dummy-oidc.localssl.dev`)"
- "traefik.http.routers.dummy-oidc.tls.domains[0].main=localssl.dev"
- "traefik.http.routers.dummy-oidc.tls.domains[0].sans=*.localssl.dev"
- "traefik.http.routers.dummy-oidc.tls=true"
2021-11-09 16:55:16 +01:00
## Dummy WebDAV Server
dummy-webdav :
2022-04-05 15:34:02 +02:00
image : photoprism/dummy-webdav:220405
2022-11-22 22:14:34 +01:00
container_name : dummy-webdav
2021-11-09 16:55:16 +01:00
environment :
WEBDAV_USERNAME : admin
WEBDAV_PASSWORD : photoprism
2022-01-06 11:31:37 +01:00
labels :
- "traefik.enable=true"
- "traefik.http.services.dummy-webdav.loadbalancer.server.port=80"
- "traefik.http.routers.dummy-webdav.entrypoints=websecure"
2022-02-08 12:51:12 +01:00
- "traefik.http.routers.dummy-webdav.rule=Host(`dummy-webdav.localssl.dev`)"
- "traefik.http.routers.dummy-webdav.tls.domains[0].main=localssl.dev"
- "traefik.http.routers.dummy-webdav.tls.domains[0].sans=*.localssl.dev"
2022-01-06 11:31:37 +01:00
- "traefik.http.routers.dummy-webdav.tls=true"
## Create named volume for Go module cache
2020-05-19 12:09:48 +02:00
volumes :
go-mod :
driver : local
2021-09-23 23:46:17 +02:00
2022-01-06 11:31:37 +01:00
## Create shared "photoprism-develop" network for connecting with services in other docker-compose.yml files
2021-09-23 23:46:17 +02:00
networks :
default :
2022-01-06 11:31:37 +01:00
name : photoprism-develop
2021-09-23 23:46:17 +02:00
driver : bridge