From 8e43186454c6c25cb5b2d7da2c8b090bba9fcc16 Mon Sep 17 00:00:00 2001 From: Michael Mayer Date: Wed, 28 Jun 2023 16:50:04 +0200 Subject: [PATCH] Config: Generate default HTTPS/TLS certificate on first startup #3509 Signed-off-by: Michael Mayer --- docker-compose.ci.yml | 2 +- docker-compose.postgres.yml | 2 +- docker-compose.yml | 2 +- docker/photoprism/armv7/Dockerfile | 5 ++- docker/photoprism/bookworm/Dockerfile | 5 ++- docker/photoprism/bullseye/Dockerfile | 5 ++- docker/photoprism/buster/Dockerfile | 5 ++- docker/photoprism/impish/Dockerfile | 5 ++- docker/photoprism/jammy/Dockerfile | 5 ++- docker/photoprism/lunar/Dockerfile | 5 ++- frontend/package-lock.json | 50 +++++++++++----------- frontend/tests/unit/config.js | 4 +- frontend/tests/unit/model/link_test.js | 4 +- internal/config/config.go | 4 +- internal/config/config_test.go | 12 +++--- internal/config/config_tls.go | 40 ++++++++++++----- internal/config/config_tls_test.go | 4 +- internal/config/flags.go | 2 +- scripts/dist/install-https.sh | 44 ++++++++----------- scripts/dist/openssl/ca.conf | 6 +-- scripts/dist/openssl/csr.conf | 17 ++++++++ scripts/dist/openssl/{me.conf => ext.conf} | 7 +-- scripts/dist/openssl/local-csr.conf | 25 ----------- scripts/dist/openssl/local.conf | 8 ---- scripts/dist/openssl/me-csr.conf | 25 ----------- setup/docker/arm64/docker-compose.yml | 2 +- setup/docker/armv7/docker-compose.yml | 2 +- setup/docker/docker-compose.yml | 2 +- setup/docker/macos/docker-compose.yml | 2 +- setup/docker/nvidia/docker-compose.yml | 2 +- setup/docker/scheduler/docker-compose.yml | 2 +- setup/docker/sqlite/docker-compose.yml | 2 +- setup/docker/windows/docker-compose.yml | 2 +- setup/podman/docker-compose.yml | 2 +- 34 files changed, 141 insertions(+), 170 deletions(-) create mode 100644 scripts/dist/openssl/csr.conf rename scripts/dist/openssl/{me.conf => ext.conf} (55%) delete mode 100644 scripts/dist/openssl/local-csr.conf delete mode 100644 scripts/dist/openssl/local.conf delete mode 100644 scripts/dist/openssl/me-csr.conf diff --git a/docker-compose.ci.yml b/docker-compose.ci.yml index 3704a1c0d..9606cd1e3 100644 --- a/docker-compose.ci.yml +++ b/docker-compose.ci.yml @@ -22,7 +22,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "photoprism" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "public" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" PHOTOPRISM_SITE_CAPTION: "AI-Powered Photos App" PHOTOPRISM_SITE_DESCRIPTION: "Open-Source Photo Management" PHOTOPRISM_SITE_AUTHOR: "@photoprism_app" diff --git a/docker-compose.postgres.yml b/docker-compose.postgres.yml index 1072b1885..645056d56 100644 --- a/docker-compose.postgres.yml +++ b/docker-compose.postgres.yml @@ -30,7 +30,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "photoprism" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" PHOTOPRISM_SITE_CAPTION: "AI-Powered Photos App" PHOTOPRISM_SITE_DESCRIPTION: "Open-Source Photo Management" PHOTOPRISM_SITE_AUTHOR: "@photoprism_app" diff --git a/docker-compose.yml b/docker-compose.yml index 896ddb00b..f34f8971c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -62,7 +62,7 @@ services: PHOTOPRISM_OIDC_CLIENT: "photoprism-develop" PHOTOPRISM_OIDC_SECRET: "9d8351a0-ca01-4556-9c37-85eb634869b9" ## Site Information - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_SITE_CAPTION: "AI-Powered Photos App" PHOTOPRISM_SITE_DESCRIPTION: "Tags and finds pictures without getting in your way!" PHOTOPRISM_SITE_AUTHOR: "@photoprism_app" diff --git a/docker/photoprism/armv7/Dockerfile b/docker/photoprism/armv7/Dockerfile index 7f03fef26..3f164b284 100644 --- a/docker/photoprism/armv7/Dockerfile +++ b/docker/photoprism/armv7/Dockerfile @@ -59,7 +59,7 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_UPLOAD_NSFW="true" \ PHOTOPRISM_DETECT_NSFW="false" \ PHOTOPRISM_EXPERIMENTAL="false" \ - PHOTOPRISM_SITE_URL="http://photoprism.me:2342/" \ + PHOTOPRISM_SITE_URL="http://localhost:2342/" \ PHOTOPRISM_SITE_CAPTION="AI-Powered Photos App" \ PHOTOPRISM_SITE_DESCRIPTION="" \ PHOTOPRISM_SITE_AUTHOR="" \ @@ -89,7 +89,8 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_WORKERS=0 \ PHOTOPRISM_WAKEUP_INTERVAL=900 \ PHOTOPRISM_AUTO_INDEX=300 \ - PHOTOPRISM_AUTO_IMPORT=300 + PHOTOPRISM_AUTO_IMPORT=300 \ + PHOTOPRISM_INIT="https" # Copy dist files, scripts, and debian backports sources list. COPY --from=build --chown=root:root --chmod=755 /opt/photoprism/ /opt/photoprism diff --git a/docker/photoprism/bookworm/Dockerfile b/docker/photoprism/bookworm/Dockerfile index cd17954b1..9d65a053e 100644 --- a/docker/photoprism/bookworm/Dockerfile +++ b/docker/photoprism/bookworm/Dockerfile @@ -56,7 +56,7 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_UPLOAD_NSFW="true" \ PHOTOPRISM_DETECT_NSFW="false" \ PHOTOPRISM_EXPERIMENTAL="false" \ - PHOTOPRISM_SITE_URL="http://photoprism.me:2342/" \ + PHOTOPRISM_SITE_URL="http://localhost:2342/" \ PHOTOPRISM_SITE_CAPTION="AI-Powered Photos App" \ PHOTOPRISM_SITE_DESCRIPTION="" \ PHOTOPRISM_SITE_AUTHOR="" \ @@ -86,7 +86,8 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_WORKERS=0 \ PHOTOPRISM_WAKEUP_INTERVAL=900 \ PHOTOPRISM_AUTO_INDEX=300 \ - PHOTOPRISM_AUTO_IMPORT=300 + PHOTOPRISM_AUTO_IMPORT=300 \ + PHOTOPRISM_INIT="https" # Copy scripts. COPY --chown=root:root --chmod=755 /scripts/dist/ /scripts/ diff --git a/docker/photoprism/bullseye/Dockerfile b/docker/photoprism/bullseye/Dockerfile index 08d3b82d4..9c81840c1 100644 --- a/docker/photoprism/bullseye/Dockerfile +++ b/docker/photoprism/bullseye/Dockerfile @@ -56,7 +56,7 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_UPLOAD_NSFW="true" \ PHOTOPRISM_DETECT_NSFW="false" \ PHOTOPRISM_EXPERIMENTAL="false" \ - PHOTOPRISM_SITE_URL="http://photoprism.me:2342/" \ + PHOTOPRISM_SITE_URL="http://localhost:2342/" \ PHOTOPRISM_SITE_CAPTION="AI-Powered Photos App" \ PHOTOPRISM_SITE_DESCRIPTION="" \ PHOTOPRISM_SITE_AUTHOR="" \ @@ -86,7 +86,8 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_WORKERS=0 \ PHOTOPRISM_WAKEUP_INTERVAL=900 \ PHOTOPRISM_AUTO_INDEX=300 \ - PHOTOPRISM_AUTO_IMPORT=300 + PHOTOPRISM_AUTO_IMPORT=300 \ + PHOTOPRISM_INIT="https" # Copy scripts. COPY --chown=root:root --chmod=755 /scripts/dist/ /scripts/ diff --git a/docker/photoprism/buster/Dockerfile b/docker/photoprism/buster/Dockerfile index 4743fd554..3d7166d8c 100644 --- a/docker/photoprism/buster/Dockerfile +++ b/docker/photoprism/buster/Dockerfile @@ -59,7 +59,7 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_UPLOAD_NSFW="true" \ PHOTOPRISM_DETECT_NSFW="false" \ PHOTOPRISM_EXPERIMENTAL="false" \ - PHOTOPRISM_SITE_URL="http://photoprism.me:2342/" \ + PHOTOPRISM_SITE_URL="http://localhost:2342/" \ PHOTOPRISM_SITE_CAPTION="AI-Powered Photos App" \ PHOTOPRISM_SITE_DESCRIPTION="" \ PHOTOPRISM_SITE_AUTHOR="" \ @@ -89,7 +89,8 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_WORKERS=0 \ PHOTOPRISM_WAKEUP_INTERVAL=900 \ PHOTOPRISM_AUTO_INDEX=300 \ - PHOTOPRISM_AUTO_IMPORT=300 + PHOTOPRISM_AUTO_IMPORT=300 \ + PHOTOPRISM_INIT="https" # Copy dist files, scripts, and debian backports sources list. COPY --from=build --chown=root:root --chmod=755 /opt/photoprism/ /opt/photoprism diff --git a/docker/photoprism/impish/Dockerfile b/docker/photoprism/impish/Dockerfile index 08ec5580d..a0dff0fb5 100644 --- a/docker/photoprism/impish/Dockerfile +++ b/docker/photoprism/impish/Dockerfile @@ -59,7 +59,7 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_UPLOAD_NSFW="true" \ PHOTOPRISM_DETECT_NSFW="false" \ PHOTOPRISM_EXPERIMENTAL="false" \ - PHOTOPRISM_SITE_URL="http://photoprism.me:2342/" \ + PHOTOPRISM_SITE_URL="http://localhost:2342/" \ PHOTOPRISM_SITE_CAPTION="AI-Powered Photos App" \ PHOTOPRISM_SITE_DESCRIPTION="" \ PHOTOPRISM_SITE_AUTHOR="" \ @@ -89,7 +89,8 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_WORKERS=0 \ PHOTOPRISM_WAKEUP_INTERVAL=900 \ PHOTOPRISM_AUTO_INDEX=300 \ - PHOTOPRISM_AUTO_IMPORT=300 + PHOTOPRISM_AUTO_IMPORT=300 \ + PHOTOPRISM_INIT="https" # Copy dist files and scripts. COPY --from=build --chown=root:root --chmod=755 /opt/photoprism/ /opt/photoprism diff --git a/docker/photoprism/jammy/Dockerfile b/docker/photoprism/jammy/Dockerfile index 27f277873..9b425666b 100644 --- a/docker/photoprism/jammy/Dockerfile +++ b/docker/photoprism/jammy/Dockerfile @@ -57,7 +57,7 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_UPLOAD_NSFW="true" \ PHOTOPRISM_DETECT_NSFW="false" \ PHOTOPRISM_EXPERIMENTAL="false" \ - PHOTOPRISM_SITE_URL="http://photoprism.me:2342/" \ + PHOTOPRISM_SITE_URL="http://localhost:2342/" \ PHOTOPRISM_SITE_CAPTION="AI-Powered Photos App" \ PHOTOPRISM_SITE_DESCRIPTION="" \ PHOTOPRISM_SITE_AUTHOR="" \ @@ -87,7 +87,8 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_WORKERS=0 \ PHOTOPRISM_WAKEUP_INTERVAL=900 \ PHOTOPRISM_AUTO_INDEX=300 \ - PHOTOPRISM_AUTO_IMPORT=300 + PHOTOPRISM_AUTO_IMPORT=300 \ + PHOTOPRISM_INIT="https" # Copy scripts. COPY --chown=root:root --chmod=755 /scripts/dist/ /scripts/ diff --git a/docker/photoprism/lunar/Dockerfile b/docker/photoprism/lunar/Dockerfile index cde97063c..fc0445fce 100644 --- a/docker/photoprism/lunar/Dockerfile +++ b/docker/photoprism/lunar/Dockerfile @@ -57,7 +57,7 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_UPLOAD_NSFW="true" \ PHOTOPRISM_DETECT_NSFW="false" \ PHOTOPRISM_EXPERIMENTAL="false" \ - PHOTOPRISM_SITE_URL="http://photoprism.me:2342/" \ + PHOTOPRISM_SITE_URL="http://localhost:2342/" \ PHOTOPRISM_SITE_CAPTION="AI-Powered Photos App" \ PHOTOPRISM_SITE_DESCRIPTION="" \ PHOTOPRISM_SITE_AUTHOR="" \ @@ -87,7 +87,8 @@ ENV PHOTOPRISM_ARCH=$TARGETARCH \ PHOTOPRISM_WORKERS=0 \ PHOTOPRISM_WAKEUP_INTERVAL=900 \ PHOTOPRISM_AUTO_INDEX=300 \ - PHOTOPRISM_AUTO_IMPORT=300 + PHOTOPRISM_AUTO_IMPORT=300 \ + PHOTOPRISM_INIT="https" # Copy scripts. COPY --chown=root:root --chmod=755 /scripts/dist/ /scripts/ diff --git a/frontend/package-lock.json b/frontend/package-lock.json index a76a31479..c1191067b 100644 --- a/frontend/package-lock.json +++ b/frontend/package-lock.json @@ -109,6 +109,14 @@ "yarn": "please use npm" } }, + "node_modules/@aashutoshrathi/word-wrap": { + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/@aashutoshrathi/word-wrap/-/word-wrap-1.2.6.tgz", + "integrity": "sha512-1Yjs2SvM8TflER/OD3cOjhWWOZb58A2t7wpE2S9XfBYTiIl+XFhQG2bjy4Pu1I+EAlCNUzRDYDdFwFYUKvXcIA==", + "engines": { + "node": ">=0.10.0" + } + }, "node_modules/@ampproject/remapping": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.2.1.tgz", @@ -3763,9 +3771,9 @@ } }, "node_modules/caniuse-lite": { - "version": "1.0.30001508", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001508.tgz", - "integrity": "sha512-sdQZOJdmt3GJs1UMNpCCCyeuS2IEGLXnHyAo9yIO5JJDjbjoVRij4M1qep6P6gFpptD1PqIYgzM+gwJbOi92mw==", + "version": "1.0.30001509", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001509.tgz", + "integrity": "sha512-2uDDk+TRiTX5hMcUYT/7CSyzMZxjfGu0vAUjS2g0LSD8UoXOv0LtpH4LxGMemsiPq6LCVIUjNwVM0erkOkGCDA==", "funding": [ { "type": "opencollective", @@ -4943,9 +4951,9 @@ } }, "node_modules/electron-to-chromium": { - "version": "1.4.441", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.441.tgz", - "integrity": "sha512-LlCgQ8zgYZPymf5H4aE9itwiIWH4YlCiv1HFLmmcBeFYi5E+3eaIFnjHzYtcFQbaKfAW+CqZ9pgxo33DZuoqPg==" + "version": "1.4.442", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.442.tgz", + "integrity": "sha512-RkrZF//Ya+0aJq2NM3OdisNh5ZodZq1rdXOS96G8DdDgpDKqKE81yTbbQ3F/4CKm1JBPsGu1Lp/akkna2xO06Q==" }, "node_modules/emoji-regex": { "version": "8.0.0", @@ -7164,9 +7172,9 @@ } }, "node_modules/hls.js": { - "version": "1.4.6", - "resolved": "https://registry.npmjs.org/hls.js/-/hls.js-1.4.6.tgz", - "integrity": "sha512-lGv9QfjfjfuGQfLa/28vDFlYWb9Myq5QuvM9qWp5DyElp8jTGMNodTdeAjOLzaA/fN4XHeG+HhTkRGzntwuDZw==" + "version": "1.4.7", + "resolved": "https://registry.npmjs.org/hls.js/-/hls.js-1.4.7.tgz", + "integrity": "sha512-dvwJXLlYES6wb7DR42uuTrio5sUTsIoWbuNeQS4xHMqfVBZ0KAlJlBmjFAo4s20/0XRhsMjWf5bx0kq5Lgvv1w==" }, "node_modules/html-entities": { "version": "2.4.0", @@ -9259,16 +9267,16 @@ } }, "node_modules/optionator": { - "version": "0.9.1", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.1.tgz", - "integrity": "sha512-74RlY5FCnhq4jRxVUPKDaRwrVNXMqsGsiW6AJw4XK8hmtm10wC0ypZBLw5IIp85NZMr91+qd1RvvENwg7jjRFw==", + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.3.tgz", + "integrity": "sha512-JjCoypp+jKn1ttEFExxhetCKeJt9zhAgAve5FXHixTvFDW/5aEktX9bufBKLRRMdU7bNtpLfcGu94B3cdEJgjg==", "dependencies": { + "@aashutoshrathi/word-wrap": "^1.2.3", "deep-is": "^0.1.3", "fast-levenshtein": "^2.0.6", "levn": "^0.4.1", "prelude-ls": "^1.2.1", - "type-check": "^0.4.0", - "word-wrap": "^1.2.3" + "type-check": "^0.4.0" }, "engines": { "node": ">= 0.8.0" @@ -11747,9 +11755,9 @@ } }, "node_modules/socket.io": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.7.0.tgz", - "integrity": "sha512-eOpu7oCNiPGBHn9Falg0cAGivp6TpDI3Yt596fbsf+vln8kRLFWxXKrecFrybn/xNYVn9HcdJNAkYToCmTjsyg==", + "version": "4.7.1", + "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.7.1.tgz", + "integrity": "sha512-W+utHys2w//dhFjy7iQQu9sGd3eokCjGbl2r59tyLqNiJJBdIebn3GAKEXBr3osqHTObJi2die/25bCx2zsaaw==", "dependencies": { "accepts": "~1.3.4", "base64id": "~2.0.0", @@ -13440,14 +13448,6 @@ "node": ">= 10.0.0" } }, - "node_modules/word-wrap": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", - "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/wordwrap": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz", diff --git a/frontend/tests/unit/config.js b/frontend/tests/unit/config.js index b00c5f0cf..bcb0bd334 100644 --- a/frontend/tests/unit/config.js +++ b/frontend/tests/unit/config.js @@ -10,8 +10,8 @@ const clientConfig = { staticUri: "/static", apiUri: "/api/v1", contentUri: "/api/v1", - siteUrl: "http://photoprism.me:2342/", - sitePreview: "http://photoprism.me:2342/static/img/preview.jpg", + siteUrl: "http://localhost:2342/", + sitePreview: "http://localhost:2342/static/img/preview.jpg", siteTitle: "PhotoPrism", siteCaption: "AI-Powered Photos App", siteDescription: "Open-Source Photo Management", diff --git a/frontend/tests/unit/model/link_test.js b/frontend/tests/unit/model/link_test.js index ef05bae78..7653f0297 100644 --- a/frontend/tests/unit/model/link_test.js +++ b/frontend/tests/unit/model/link_test.js @@ -19,11 +19,11 @@ describe("model/link", () => { const values = { UID: 5, Token: "1234hhtbbt", Slug: "friends", ShareUID: "family" }; const link = new Link(values); const result = link.url(); - assert.equal(result, "http://photoprism.me:2342/s/1234hhtbbt/friends"); + assert.equal(result, "http://localhost:2342/s/1234hhtbbt/friends"); const values2 = { UID: 5, Token: "", ShareUID: "family" }; const link2 = new Link(values2); const result2 = link2.url(); - assert.equal(result2, "http://photoprism.me:2342/s/…/family"); + assert.equal(result2, "http://localhost:2342/s/…/family"); }); it("should get link caption", () => { diff --git a/internal/config/config.go b/internal/config/config.go index b0110d7ab..7f95f4ef9 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -480,10 +480,10 @@ func (c *Config) StaticAssetUri(res string) string { return c.StaticUri() + "/" + res } -// SiteUrl returns the public server URL (default is "http://photoprism.me:2342/"). +// SiteUrl returns the public server URL (default is "http://localhost:2342/"). func (c *Config) SiteUrl() string { if c.options.SiteUrl == "" { - return "http://photoprism.me:2342/" + return "http://localhost:2342/" } return strings.TrimRight(c.options.SiteUrl, "/") + "/" diff --git a/internal/config/config_test.go b/internal/config/config_test.go index 559735298..608a9d800 100644 --- a/internal/config/config_test.go +++ b/internal/config/config_test.go @@ -496,7 +496,7 @@ func TestConfig_VideoUri(t *testing.T) { func TestConfig_SiteUrl(t *testing.T) { c := NewConfig(CliTestContext()) - assert.Equal(t, "http://photoprism.me:2342/", c.SiteUrl()) + assert.Equal(t, "http://localhost:2342/", c.SiteUrl()) c.options.SiteUrl = "http://superhost:2342/" assert.Equal(t, "http://superhost:2342/", c.SiteUrl()) c.options.SiteUrl = "http://superhost" @@ -506,11 +506,11 @@ func TestConfig_SiteUrl(t *testing.T) { func TestConfig_SiteDomain(t *testing.T) { c := NewConfig(CliTestContext()) - assert.Equal(t, "photoprism.me", c.SiteDomain()) + assert.Equal(t, "localhost", c.SiteDomain()) c.options.SiteUrl = "https://foo.bar.com:2342/" assert.Equal(t, "foo.bar.com", c.SiteDomain()) c.options.SiteUrl = "" - assert.Equal(t, "photoprism.me", c.SiteDomain()) + assert.Equal(t, "localhost", c.SiteDomain()) } func TestConfig_SitePreview(t *testing.T) { @@ -519,11 +519,11 @@ func TestConfig_SitePreview(t *testing.T) { c.options.SitePreview = "http://preview.jpg" assert.Equal(t, "http://preview.jpg", c.SitePreview()) c.options.SitePreview = "preview123.jpg" - assert.Equal(t, "http://photoprism.me:2342/preview123.jpg", c.SitePreview()) + assert.Equal(t, "http://localhost:2342/preview123.jpg", c.SitePreview()) c.options.SitePreview = "foo/preview123.jpg" - assert.Equal(t, "http://photoprism.me:2342/foo/preview123.jpg", c.SitePreview()) + assert.Equal(t, "http://localhost:2342/foo/preview123.jpg", c.SitePreview()) c.options.SitePreview = "/foo/preview123.jpg" - assert.Equal(t, "http://photoprism.me:2342/foo/preview123.jpg", c.SitePreview()) + assert.Equal(t, "http://localhost:2342/foo/preview123.jpg", c.SitePreview()) } func TestConfig_SiteTitle(t *testing.T) { diff --git a/internal/config/config_tls.go b/internal/config/config_tls.go index 706522caa..120ff2cf6 100644 --- a/internal/config/config_tls.go +++ b/internal/config/config_tls.go @@ -31,14 +31,24 @@ func (c *Config) TLSCert() string { return certName } - // Try to find server certificate. - if fileName := filepath.Join(c.CertificatesPath(), certName); fs.FileExistsNotEmpty(fileName) { - return fileName - } else if fileName = filepath.Join("/etc/ssl/certs", certName); fs.FileExistsNotEmpty(fileName) { + // find looks for an existing certificate file. + find := func(certName string) string { + if fileName := filepath.Join(c.CertificatesPath(), certName); fs.FileExistsNotEmpty(fileName) { + return fileName + } else if fileName = filepath.Join("/etc/ssl/certs", certName); fs.FileExistsNotEmpty(fileName) { + return fileName + } else { + return "" + } + } + + // Find matching TLS certificate file. + if fileName := find(certName); fileName != "" { return fileName } - return "" + // Find default TLS certificate. + return find("photoprism" + PublicCertExt) } // TLSKey returns the private key required to enable TLS. @@ -51,14 +61,24 @@ func (c *Config) TLSKey() string { return keyName } - // Try to find private key. - if fileName := filepath.Join(c.CertificatesPath(), keyName); fs.FileExistsNotEmpty(fileName) { - return fileName - } else if fileName = filepath.Join("/etc/ssl/private", keyName); fs.FileExistsNotEmpty(fileName) { + // find looks for an existing private key file. + find := func(keyName string) string { + if fileName := filepath.Join(c.CertificatesPath(), keyName); fs.FileExistsNotEmpty(fileName) { + return fileName + } else if fileName = filepath.Join("/etc/ssl/private", keyName); fs.FileExistsNotEmpty(fileName) { + return fileName + } else { + return "" + } + } + + // Find matching private key. + if fileName := find(keyName); fileName != "" { return fileName } - return "" + // Find default key file. + return find("photoprism" + PrivateKeyExt) } // TLS returns the HTTPS certificate and private key file name. diff --git a/internal/config/config_tls_test.go b/internal/config/config_tls_test.go index 1ebf192e5..203a0814e 100644 --- a/internal/config/config_tls_test.go +++ b/internal/config/config_tls_test.go @@ -31,13 +31,13 @@ func TestConfig_TLSEmail(t *testing.T) { func TestConfig_TLSCert(t *testing.T) { c := NewConfig(CliTestContext()) - assert.True(t, strings.HasSuffix(c.TLSCert(), "photoprism.me.crt")) + assert.True(t, strings.HasSuffix(c.TLSCert(), "photoprism.crt")) } func TestConfig_TLSKey(t *testing.T) { c := NewConfig(CliTestContext()) - assert.True(t, strings.HasSuffix(c.TLSKey(), "photoprism.me.key")) + assert.True(t, strings.HasSuffix(c.TLSKey(), "photoprism.key")) } func TestConfig_TLS(t *testing.T) { diff --git a/internal/config/flags.go b/internal/config/flags.go index a3fc45557..e171f94f1 100644 --- a/internal/config/flags.go +++ b/internal/config/flags.go @@ -396,7 +396,7 @@ var Flags = CliFlags{ Flag: cli.StringFlag{ Name: "site-url, url", Usage: "public site `URL`", - Value: "http://photoprism.me:2342/", + Value: "http://localhost:2342/", EnvVar: EnvVar("SITE_URL"), }}, { Flag: cli.StringFlag{ diff --git a/scripts/dist/install-https.sh b/scripts/dist/install-https.sh index 493f7b00f..8a47417d6 100755 --- a/scripts/dist/install-https.sh +++ b/scripts/dist/install-https.sh @@ -5,7 +5,7 @@ PATH="/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/scripts:$PATH" -# Abort if not executed as root.. +# Abort if not executed as root. if [[ $(id -u) != "0" ]]; then echo "Usage: run ${0##*/} as root" 1>&2 exit 1 @@ -16,50 +16,40 @@ CONF_PATH="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )/openssl" CERTS_PATH="/etc/ssl/certs" KEY_PATH="/etc/ssl/private" -# Check if keys and certificates already exist. -if [ -f "$CERTS_PATH/photoprism.local.issuer.crt" ] && [ -f "$KEY_PATH/photoprism.local.pfx" ] && [ -f "$KEY_PATH/photoprism.me.pfx" ]; then - echo "Keys and certificates for photoprism.local already exist in ${KEY_PATH} and ${CERTS_PATH}." +# Abort if files already exist. + +if [ -f "$CERTS_PATH/photoprism.issuer.crt" ] && [ -f "$KEY_PATH/photoprism.pfx" ]; then + echo "Certificate already exists in ${KEY_PATH} and ${CERTS_PATH}." exit 0 fi -echo "Creating local HTTPS keys and certificates in ${KEY_PATH} and ${CERTS_PATH}." +echo "Creating keys and certificates in ${KEY_PATH} and ${CERTS_PATH}." mkdir -p "${CERTS_PATH}" "${KEY_PATH}" groupadd -f -r -g 116 ssl-cert 1>&2 # Generate issuer (CA) certificate. -echo "Generating issuer (CA) certificate..." +echo "Generating self-signed issuer (CA) certificate..." -openssl genrsa -out "$KEY_PATH/photoprism.local.issuer.key" 4096 +openssl genrsa -out "$KEY_PATH/photoprism.issuer.key" 4096 -openssl req -x509 -new -nodes -key "$KEY_PATH/photoprism.local.issuer.key" -sha256 -days 365 -out "$CERTS_PATH/photoprism.local.issuer.pem" -passin pass: -passout pass: -config "$CONF_PATH/ca.conf" +openssl req -x509 -new -nodes -key "$KEY_PATH/photoprism.issuer.key" -sha256 -days 3650 -out "$CERTS_PATH/photoprism.issuer.pem" -passin pass: -passout pass: -config "$CONF_PATH/ca.conf" -openssl x509 -outform der -in "$CERTS_PATH/photoprism.local.issuer.pem" -out "$CERTS_PATH/photoprism.local.issuer.crt" +openssl x509 -outform der -in "$CERTS_PATH/photoprism.issuer.pem" -out "$CERTS_PATH/photoprism.issuer.crt" # Generate server certificates. -echo "Generating certificate for photoprism.local..." +echo "Generating self-signed tls certificate..." -openssl genrsa -out "$KEY_PATH/photoprism.local.key" 4096 +openssl genrsa -out "$KEY_PATH/photoprism.key" 4096 -openssl req -new -config "$CONF_PATH/local-csr.conf" -key "$KEY_PATH/photoprism.local.key" -out "$CERTS_PATH/photoprism.local.csr" +openssl req -new -config "$CONF_PATH/csr.conf" -key "$KEY_PATH/photoprism.key" -out "$CERTS_PATH/photoprism.csr" -openssl x509 -req -in "$CERTS_PATH/photoprism.local.csr" -CA "$CERTS_PATH/photoprism.local.issuer.pem" -CAkey "$KEY_PATH/photoprism.local.issuer.key" -CAcreateserial \ --out "$CERTS_PATH/photoprism.local.crt" -days 365 -sha256 -extfile "$CONF_PATH/local.conf" +openssl x509 -req -in "$CERTS_PATH/photoprism.csr" -CA "$CERTS_PATH/photoprism.issuer.pem" -CAkey "$KEY_PATH/photoprism.issuer.key" -CAcreateserial \ +-out "$CERTS_PATH/photoprism.crt" -days 3650 -sha256 -extfile "$CONF_PATH/ext.conf" -openssl pkcs12 -export -in "$CERTS_PATH/photoprism.local.crt" -inkey "$KEY_PATH/photoprism.local.key" -out "$KEY_PATH/photoprism.local.pfx" -passin pass: -passout pass: - -echo "Generating certificate for photoprism.me..." - -openssl genrsa -out "$KEY_PATH/photoprism.me.key" 4096 - -openssl req -new -config "$CONF_PATH/me-csr.conf" -key "$KEY_PATH/photoprism.me.key" -out "$CERTS_PATH/photoprism.me.csr" - -openssl x509 -req -in "$CERTS_PATH/photoprism.me.csr" -CA "$CERTS_PATH/photoprism.local.issuer.pem" -CAkey "$KEY_PATH/photoprism.local.issuer.key" -CAcreateserial \ --out "$CERTS_PATH/photoprism.me.crt" -days 365 -sha256 -extfile "$CONF_PATH/me.conf" - -openssl pkcs12 -export -in "$CERTS_PATH/photoprism.me.crt" -inkey "$KEY_PATH/photoprism.me.key" -out "$KEY_PATH/photoprism.me.pfx" -passin pass: -passout pass: +openssl pkcs12 -export -in "$CERTS_PATH/photoprism.crt" -inkey "$KEY_PATH/photoprism.key" -out "$KEY_PATH/photoprism.pfx" -passin pass: -passout pass: # Change key permissions. @@ -73,4 +63,4 @@ chmod -R u=rwX,g=rX,o-rwx "$KEY_PATH" echo "Running 'update-ca-certificates'..." update-ca-certificates -echo "Done." \ No newline at end of file +echo "Enjoy!" \ No newline at end of file diff --git a/scripts/dist/openssl/ca.conf b/scripts/dist/openssl/ca.conf index 25532d0c2..c0c8d9821 100644 --- a/scripts/dist/openssl/ca.conf +++ b/scripts/dist/openssl/ca.conf @@ -8,7 +8,7 @@ prompt = no C = DE ST = Berlin L = Berlin -O = Local HTTPS +O = PhotoPrism OU = Self-Hosted -emailAddress = hello@photoprism.local -CN = photoprism.local +emailAddress = hello@photoprism.app +CN = PhotoPrism \ No newline at end of file diff --git a/scripts/dist/openssl/csr.conf b/scripts/dist/openssl/csr.conf new file mode 100644 index 000000000..c5e5ba071 --- /dev/null +++ b/scripts/dist/openssl/csr.conf @@ -0,0 +1,17 @@ +[req] +default_bits = 4096 +prompt = no +default_md = sha256 +x509_extensions = v3_req +distinguished_name = dn + +[dn] +C = DE +ST = Berlin +L = Berlin +O = PhotoPrism +OU = Self-Hosted +emailAddress = hello@photoprism.app +CN = PhotoPrism + +[v3_req] \ No newline at end of file diff --git a/scripts/dist/openssl/me.conf b/scripts/dist/openssl/ext.conf similarity index 55% rename from scripts/dist/openssl/me.conf rename to scripts/dist/openssl/ext.conf index 787fffaf8..db7bc362a 100644 --- a/scripts/dist/openssl/me.conf +++ b/scripts/dist/openssl/ext.conf @@ -1,8 +1,3 @@ authorityKeyIdentifier=keyid,issuer basicConstraints=CA:FALSE -keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment -subjectAltName = @alt_names - -[alt_names] -DNS.1 = *.photoprism.me -DNS.2 = photoprism.me \ No newline at end of file +keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment \ No newline at end of file diff --git a/scripts/dist/openssl/local-csr.conf b/scripts/dist/openssl/local-csr.conf deleted file mode 100644 index 1463f87ae..000000000 --- a/scripts/dist/openssl/local-csr.conf +++ /dev/null @@ -1,25 +0,0 @@ -[req] -default_bits = 4096 -prompt = no -default_md = sha256 -x509_extensions = v3_req -distinguished_name = dn - -[dn] -C = DE -ST = Berlin -L = Berlin -O = PhotoPrism -OU = Self-Hosted -emailAddress = hello@photoprism.local -CN = photoprism.local - -[v3_req] -subjectAltName = @alt_names - -[SAN] -subjectAltName = @alt_names - -[alt_names] -DNS.1 = *.photoprism.local -DNS.2 = photoprism.local \ No newline at end of file diff --git a/scripts/dist/openssl/local.conf b/scripts/dist/openssl/local.conf deleted file mode 100644 index e6f9bbb23..000000000 --- a/scripts/dist/openssl/local.conf +++ /dev/null @@ -1,8 +0,0 @@ -authorityKeyIdentifier=keyid,issuer -basicConstraints=CA:FALSE -keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment -subjectAltName = @alt_names - -[alt_names] -DNS.1 = *.photoprism.local -DNS.2 = photoprism.local \ No newline at end of file diff --git a/scripts/dist/openssl/me-csr.conf b/scripts/dist/openssl/me-csr.conf deleted file mode 100644 index 6e6cfaf5b..000000000 --- a/scripts/dist/openssl/me-csr.conf +++ /dev/null @@ -1,25 +0,0 @@ -[req] -default_bits = 4096 -prompt = no -default_md = sha256 -x509_extensions = v3_req -distinguished_name = dn - -[dn] -C = DE -ST = Berlin -L = Berlin -O = PhotoPrism -OU = Self-Hosted -emailAddress = hello@photoprism.local -CN = photoprism.me - -[v3_req] -subjectAltName = @alt_names - -[SAN] -subjectAltName = @alt_names - -[alt_names] -DNS.1 = *.photoprism.me -DNS.2 = photoprism.me \ No newline at end of file diff --git a/setup/docker/arm64/docker-compose.yml b/setup/docker/arm64/docker-compose.yml index 085985a6a..5bf04423c 100644 --- a/setup/docker/arm64/docker-compose.yml +++ b/setup/docker/arm64/docker-compose.yml @@ -54,7 +54,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "none" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_WORKERS: 2 # limits the number of indexing workers to reduce system load diff --git a/setup/docker/armv7/docker-compose.yml b/setup/docker/armv7/docker-compose.yml index 53e9523ad..a66a49175 100644 --- a/setup/docker/armv7/docker-compose.yml +++ b/setup/docker/armv7/docker-compose.yml @@ -49,7 +49,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "none" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_WORKERS: 1 # Limits the number of indexing workers to reduce system load diff --git a/setup/docker/docker-compose.yml b/setup/docker/docker-compose.yml index 3e30387de..8e2579701 100644 --- a/setup/docker/docker-compose.yml +++ b/setup/docker/docker-compose.yml @@ -46,7 +46,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_LOG_LEVEL: "info" # log level: trace, debug, info, warning, error, fatal, or panic diff --git a/setup/docker/macos/docker-compose.yml b/setup/docker/macos/docker-compose.yml index 3e15db9f3..b23f3f0ba 100644 --- a/setup/docker/macos/docker-compose.yml +++ b/setup/docker/macos/docker-compose.yml @@ -42,7 +42,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_LOG_LEVEL: "info" # log level: trace, debug, info, warning, error, fatal, or panic diff --git a/setup/docker/nvidia/docker-compose.yml b/setup/docker/nvidia/docker-compose.yml index 0eadc0d6c..6d61cd64a 100644 --- a/setup/docker/nvidia/docker-compose.yml +++ b/setup/docker/nvidia/docker-compose.yml @@ -50,7 +50,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_LOG_LEVEL: "info" # log level: trace, debug, info, warning, error, fatal, or panic diff --git a/setup/docker/scheduler/docker-compose.yml b/setup/docker/scheduler/docker-compose.yml index d63d8bc6a..2209bc93a 100644 --- a/setup/docker/scheduler/docker-compose.yml +++ b/setup/docker/scheduler/docker-compose.yml @@ -44,7 +44,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_LOG_LEVEL: "info" # log level: trace, debug, info, warning, error, fatal, or panic diff --git a/setup/docker/sqlite/docker-compose.yml b/setup/docker/sqlite/docker-compose.yml index 926f6157a..1f7442c6e 100644 --- a/setup/docker/sqlite/docker-compose.yml +++ b/setup/docker/sqlite/docker-compose.yml @@ -42,7 +42,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_LOG_LEVEL: "info" # log level: trace, debug, info, warning, error, fatal, or panic diff --git a/setup/docker/windows/docker-compose.yml b/setup/docker/windows/docker-compose.yml index ad70be627..0895cfb1b 100644 --- a/setup/docker/windows/docker-compose.yml +++ b/setup/docker/windows/docker-compose.yml @@ -48,7 +48,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_DEBUG: "false" # run in debug mode, shows additional log messages diff --git a/setup/podman/docker-compose.yml b/setup/podman/docker-compose.yml index bfac02d90..d14e8c1fb 100644 --- a/setup/podman/docker-compose.yml +++ b/setup/podman/docker-compose.yml @@ -50,7 +50,7 @@ services: PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) - PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" + PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_LOG_LEVEL: "info" # log level: trace, debug, info, warning, error, fatal, or panic