From b8349a2c5995d2a50c80ddf49bfb24876e985e7d Mon Sep 17 00:00:00 2001 From: Michael Mayer Date: Thu, 5 Aug 2021 21:05:59 +0200 Subject: [PATCH] Docker: Improve cloud-init setup --- docker/examples/cloud-init/docker-compose.yml | 46 +++++++++---------- docker/examples/cloud-init/setup.sh | 16 ++++++- 2 files changed, 38 insertions(+), 24 deletions(-) diff --git a/docker/examples/cloud-init/docker-compose.yml b/docker/examples/cloud-init/docker-compose.yml index 6fe132abb..73b789d2c 100644 --- a/docker/examples/cloud-init/docker-compose.yml +++ b/docker/examples/cloud-init/docker-compose.yml @@ -53,29 +53,29 @@ services: # - "traefik.http.routers.photoprism.rule=Host(`photos.example.com`)" # - "traefik.http.routers.photoprism.tls.certresolver=myresolver" environment: - PHOTOPRISM_ADMIN_PASSWORD: "insecure" # PLEASE CHANGE: Your initial admin password (min 4 characters) - PHOTOPRISM_ORIGINALS_LIMIT: 5000 # File size limit for originals in MB (increase for high-res video) - PHOTOPRISM_HTTP_COMPRESSION: "gzip" # Improves transfer speed and bandwidth utilization (none or gzip) - PHOTOPRISM_DEBUG: "false" # Run in debug mode (shows additional log messages) - PHOTOPRISM_PUBLIC: "false" # No authentication required (disables password protection) - PHOTOPRISM_READONLY: "false" # Don't modify originals directory (reduced functionality) - PHOTOPRISM_EXPERIMENTAL: "false" # Enables experimental features - PHOTOPRISM_DISABLE_WEBDAV: "false" # Disables built-in WebDAV server - PHOTOPRISM_DISABLE_SETTINGS: "false" # Disables Settings in Web UI - PHOTOPRISM_DISABLE_TENSORFLOW: "false" # Disables using TensorFlow for image classification - PHOTOPRISM_DARKTABLE_PRESETS: "false" # Enables Darktable presets and disables concurrent RAW conversion - PHOTOPRISM_DETECT_NSFW: "false" # Flag photos as private that MAY be offensive (requires TensorFlow) - PHOTOPRISM_UPLOAD_NSFW: "true" # Allow uploads that MAY be offensive - PHOTOPRISM_DATABASE_DRIVER: "mysql" # Use MariaDB (or MySQL) instead of SQLite for improved performance - PHOTOPRISM_DATABASE_SERVER: "mariadb:3306" # MariaDB database server (hostname:port) - PHOTOPRISM_DATABASE_NAME: "photoprism" # MariaDB database schema name - PHOTOPRISM_DATABASE_USER: "photoprism" # MariaDB database user name - PHOTOPRISM_DATABASE_PASSWORD: "photoprism" # MariaDB database user password - PHOTOPRISM_SITE_URL: "http://localhost:2342/" # Public PhotoPrism URL + PHOTOPRISM_SITE_URL: "https://_public_ip_/" PHOTOPRISM_SITE_TITLE: "PhotoPrism" PHOTOPRISM_SITE_CAPTION: "Browse Your Life" PHOTOPRISM_SITE_DESCRIPTION: "" PHOTOPRISM_SITE_AUTHOR: "" + PHOTOPRISM_ADMIN_PASSWORD: "_admin_password_" # PLEASE CHANGE: Your initial admin password (min 4 characters) + PHOTOPRISM_ORIGINALS_LIMIT: 5000 # File size limit for originals in MB (increase for high-res video) + PHOTOPRISM_HTTP_COMPRESSION: "gzip" # Improves transfer speed and bandwidth utilization (none or gzip) + PHOTOPRISM_DEBUG: "false" # Run in debug mode (shows additional log messages) + PHOTOPRISM_PUBLIC: "false" # No authentication required (disables password protection) + PHOTOPRISM_READONLY: "false" # Don't modify originals directory (reduced functionality) + PHOTOPRISM_EXPERIMENTAL: "false" # Enables experimental features + PHOTOPRISM_DISABLE_WEBDAV: "false" # Disables built-in WebDAV server + PHOTOPRISM_DISABLE_SETTINGS: "false" # Disables Settings in Web UI + PHOTOPRISM_DISABLE_TENSORFLOW: "false" # Disables using TensorFlow for image classification + PHOTOPRISM_DARKTABLE_PRESETS: "false" # Enables Darktable presets and disables concurrent RAW conversion + PHOTOPRISM_DETECT_NSFW: "false" # Flag photos as private that MAY be offensive (requires TensorFlow) + PHOTOPRISM_UPLOAD_NSFW: "true" # Allow uploads that MAY be offensive + PHOTOPRISM_DATABASE_DRIVER: "mysql" # Use MariaDB (or MySQL) instead of SQLite for improved performance + PHOTOPRISM_DATABASE_SERVER: "mariadb:3306" # MariaDB database server (hostname:port) + PHOTOPRISM_DATABASE_NAME: "photoprism" # MariaDB database schema name + PHOTOPRISM_DATABASE_USER: "photoprism" # MariaDB database user name + PHOTOPRISM_DATABASE_PASSWORD: "_admin_password_" # MariaDB database user password user: "1000" volumes: # Your photo and video files ([local path]:[container path]): @@ -111,10 +111,10 @@ services: volumes: # Don't remove permanent storage for index database files! - "./database:/var/lib/mysql" environment: - MYSQL_ROOT_PASSWORD: photoprism - MYSQL_DATABASE: photoprism - MYSQL_USER: photoprism - MYSQL_PASSWORD: photoprism + MYSQL_ROOT_PASSWORD: "_admin_password_" + MYSQL_DATABASE: "photoprism" + MYSQL_USER: "photoprism" + MYSQL_PASSWORD: "_admin_password_" ofelia: image: mcuadros/ofelia:latest diff --git a/docker/examples/cloud-init/setup.sh b/docker/examples/cloud-init/setup.sh index 796d3f7cd..73c0ec054 100755 --- a/docker/examples/cloud-init/setup.sh +++ b/docker/examples/cloud-init/setup.sh @@ -85,10 +85,24 @@ openssl x509 -req -in /photoprism/certs/cert.csr -CA /photoprism/certs/ca.pem \ openssl pkcs12 -export -in /photoprism/certs/cert.crt -inkey /photoprism/certs/cert.key \ -out /photoprism/certs/cert.pfx -passout pass: +# generate random password +PASSWORD_PLACEHOLDER="_admin_password_" +ADMIN_PASSWORD=$(gpg --gen-random --armor 2 6) +echo "${ADMIN_PASSWORD}" > /root/.photoprism-password.txt +echo "Initial admin password: ${ADMIN_PASSWORD}" + +# detect public server ip address +PUBLIC_IP=$(curl -sfSL ifconfig.me) + # download service config -curl -fsSL https://dl.photoprism.org/docker/cloud-init/docker-compose.yml > /photoprism/docker-compose.yml +COMPOSE_CONFIG=$(curl -fsSL https://dl.photoprism.org/docker/cloud-init/docker-compose.yml) +COMPOSE_CONFIG=${COMPOSE_CONFIG//_public_ip_/$PUBLIC_IP} +COMPOSE_CONFIG=${COMPOSE_CONFIG//$PASSWORD_PLACEHOLDER/$ADMIN_PASSWORD} +echo "${COMPOSE_CONFIG}" > /photoprism/docker-compose.yml curl -fsSL https://dl.photoprism.org/docker/cloud-init/jobs.ini > /photoprism/jobs.ini curl -fsSL https://dl.photoprism.org/docker/cloud-init/traefik.yaml > /photoprism/traefik.yaml + +# change permissions chown -Rf photoprism:photoprism /photoprism # start services using docker-compose