Setup: Add Podman example config and Makefile

Signed-off-by: Michael Mayer <michael@photoprism.app>
2022-12-31 19:48:56 +01:00 · 2022-12-31 19:48:56 +01:00 · c39f1b0564
commit c39f1b0564
parent 15199c4e7f
6 changed files with 277 additions and 1 deletions
--- a/2
+++ b/2
@ -40,7 +40,7 @@ else
    GOTEST=go test
 endif

-# Compatibility layer to support “docker-compose” and “docker compose”
+# Ensure compatibility with "docker-compose" (old) and "docker compose" (new).
 HAS_DOCKER_COMPOSE_WITH_DASH := $(shell which docker-compose)

 ifdef HAS_DOCKER_COMPOSE_WITH_DASH
--- a/docker/examples/Makefile
+++ b/docker/examples/Makefile
@ -0,0 +1,33 @@
+MAKEFLAGS += --always-make
+
+-include .env
+export
+
+# Ensure compatibility with "docker-compose" (old) and "docker compose" (new).
+HAS_DOCKER_COMPOSE_WITH_DASH := $(shell which docker-compose)
+
+ifdef HAS_DOCKER_COMPOSE_WITH_DASH
+    DOCKER_COMPOSE=docker-compose
+else
+    DOCKER_COMPOSE=docker compose
+endif
+
+all: pull restart
+uninstall: down remove
+restart: stop start
+pull:
+	$(DOCKER_COMPOSE) pull
+start:
+	$(DOCKER_COMPOSE) up -d --remove-orphans
+stop:
+	$(DOCKER_COMPOSE) stop
+reset:
+	$(DOCKER_COMPOSE) exec photoprism photoprism reset
+down:
+	$(DOCKER_COMPOSE) down -v
+remove:
+	$(DOCKER_COMPOSE) rm -s -v
+terminal:
+	$(DOCKER_COMPOSE) exec photoprism bash
+logs:
+	$(DOCKER_COMPOSE) logs --tail=50 -f
--- a/docker/examples/podman/Makefile
+++ b/docker/examples/podman/Makefile
@ -0,0 +1,24 @@
+MAKEFLAGS += --always-make
+
+-include .env
+export
+
+all: pull restart
+uninstall: down remove
+restart: stop start
+pull:
+	podman-compose pull
+start:
+	podman-compose up -d --remove-orphans
+stop:
+	podman-compose stop
+reset:
+	podman-compose exec photoprism photoprism reset
+down:
+	podman-compose down -v
+remove:
+	podman-compose rm -s -v
+terminal:
+	podman-compose exec photoprism bash
+logs:
+	podman-compose logs --tail=50 -f
--- a/docker/examples/podman/README.md
+++ b/docker/examples/podman/README.md
@ -0,0 +1,47 @@
+# PhotoPrism Setup (RedHat, CentOS, Fedora, and AlmaLinux / AMD64)
+
+Running this command will install the required dependencies and download the configuration files:
+
+```
+mkdir -p /opt/photoprism
+cd /opt/photoprism
+curl -sSf https://dl.photoprism.app/podman/install.sh | bash
+```
+
+## Docker
+
+Users of RedHat-based Linux distributions can substitute the `docker` and `docker compose` commands with `podman` and `podman-compose` as [drop-in replacements](https://docs.photoprism.app/getting-started/troubleshooting/docker/#redhat-linux).
+
+## Firewall Settings
+
+### Incoming Requests
+
+By default, the application is accessible via port 2342 on all network devices. If you use a firewall, please make sure that this port is reachable from other computers on your network.
+
+### Outgoing Connections
+
+For the installation script and app to work as expected, we recommend whitelisting requests to the prsm.app, [photoprism.app](https://photoprism.app), and photoprism.xyz domains and their subdomains, e.g.:
+
+- prsm.app
+- dl.photoprism.app
+- my.photoprism.app
+- api.photoprism.app
+- cdn.photoprism.app
+- hub.photoprism.app
+- setup.photoprism.app
+- places.photoprism.app
+- places.photoprism.xyz
+
+Visit https://docs.photoprism.app/getting-started/#maps-places to learn more.
+
+In addition, the following domains should be whitelisted so that Docker can pull public images, e.g. for MariaDB:
+
+- auth.docker.io
+- registry-1.docker.io
+- index.docker.io
+- dseasb33srnrn.cloudfront.net
+- production.cloudflare.docker.com
+
+----
+
+*PhotoPrism® is a [registered trademark](https://photoprism.app/trademark). By using the software and services we provide, you agree to our [Terms of Service](https://photoprism.app/terms), [Privacy Policy](https://photoprism.app/privacy), and [Code of Conduct](https://photoprism.app/code-of-conduct). Docs are [available](https://link.photoprism.app/github-docs) under the [CC BY-NC-SA 4.0 License](https://creativecommons.org/licenses/by-nc-sa/4.0/); [additional terms](https://github.com/photoprism/photoprism/blob/develop/assets/README.md) may apply.*
--- a/docker/examples/podman/docker-compose.yml
+++ b/docker/examples/podman/docker-compose.yml
@ -0,0 +1,119 @@
+version: '3.5'
+
+# Example Podman Compose config file for PhotoPrism (Linux / AMD64)
+#
+# Note:
+# - Hardware transcoding is only available for sponsors due to the high maintenance and support effort.
+# - Running PhotoPrism on a server with less than 4 GB of swap space or setting a memory/swap limit can cause unexpected
+#   restarts ("crashes"), for example, when the indexer temporarily needs more memory to process large files.
+# - If you install PhotoPrism on a public server outside your home network, please always run it behind a secure
+#   HTTPS reverse proxy such as Traefik or Caddy. Your files and passwords will otherwise be transmitted
+#   in clear text and can be intercepted by anyone, including your provider, hackers, and governments:
+#   https://docs.photoprism.app/getting-started/proxies/traefik/
+#
+# Quickstart Guide: https://docs.photoprism.app/getting-started/docker-compose/
+# Knowledge Base: https://photoprism.app/kb
+# Docker Image: https://hub.docker.com/r/photoprism/photoprism
+#
+# PODMAN COMPOSE COMMAND REFERENCE
+# --------------------------------------------------------------------------
+# Start    | podman-compose up -d
+# Stop     | podman-compose stop
+# Update   | podman-compose pull
+# Logs     | podman-compose logs --tail=25 -f
+# Terminal | podman-compose exec photoprism bash
+# Help     | podman-compose exec photoprism photoprism help
+# Config   | podman-compose exec photoprism photoprism config
+# Reset    | podman-compose exec photoprism photoprism reset
+# Backup   | podman-compose exec photoprism photoprism backup -a -i
+# Restore  | podman-compose exec photoprism photoprism restore -a -i
+# Index    | podman-compose exec photoprism photoprism index
+# Reindex  | podman-compose exec photoprism photoprism index -f
+# Import   | podman-compose exec photoprism photoprism import
+
+services:
+  photoprism:
+    ## Use photoprism/photoprism:preview for testing preview builds:
+    image: photoprism/photoprism:latest
+    container_name: photoprism
+    depends_on:
+      - mariadb
+    restart: unless-stopped
+    security_opt:
+      - seccomp:unconfined
+      - apparmor:unconfined
+    user: 1000:1000
+    privileged: true
+    ports:
+      - "2342:2342" # HTTP port (host:container)
+    environment:
+      PHOTOPRISM_ADMIN_USER: "admin"                 # superadmin username
+      PHOTOPRISM_ADMIN_PASSWORD: "insecure"          # initial superadmin password (minimum 8 characters)
+      PHOTOPRISM_AUTH_MODE: "password"               # authentication mode (public, password)
+      PHOTOPRISM_SITE_URL: "http://photoprism.me:2342/"  # server URL in the format "http(s)://domain.name(:port)/(path)"
+      PHOTOPRISM_ORIGINALS_LIMIT: 5000               # file size limit for originals in MB (increase for high-res video)
+      PHOTOPRISM_HTTP_COMPRESSION: "gzip"            # improves transfer speed and bandwidth utilization (none or gzip)
+      PHOTOPRISM_LOG_LEVEL: "info"                   # log level: trace, debug, info, warning, error, fatal, or panic
+      PHOTOPRISM_READONLY: "false"                   # do not modify originals directory (reduced functionality)
+      PHOTOPRISM_EXPERIMENTAL: "false"               # enables experimental features
+      PHOTOPRISM_DISABLE_CHOWN: "false"              # disables updating storage permissions via chmod and chown on startup
+      PHOTOPRISM_DISABLE_WEBDAV: "false"             # disables built-in WebDAV server
+      PHOTOPRISM_DISABLE_SETTINGS: "false"           # disables settings UI and API
+      PHOTOPRISM_DISABLE_TENSORFLOW: "false"         # disables all features depending on TensorFlow
+      PHOTOPRISM_DISABLE_FACES: "false"              # disables face detection and recognition (requires TensorFlow)
+      PHOTOPRISM_DISABLE_CLASSIFICATION: "false"     # disables image classification (requires TensorFlow)
+      PHOTOPRISM_DISABLE_RAW: "false"                # disables indexing and conversion of RAW files
+      PHOTOPRISM_RAW_PRESETS: "false"                # enables applying user presets when converting RAW files (reduces performance)
+      PHOTOPRISM_JPEG_QUALITY: 85                    # a higher value increases the quality and file size of JPEG images and thumbnails (25-100)
+      PHOTOPRISM_DETECT_NSFW: "false"                # automatically flags photos as private that MAY be offensive (requires TensorFlow)
+      PHOTOPRISM_UPLOAD_NSFW: "true"                 # allows uploads that MAY be offensive (no effect without TensorFlow)
+      # PHOTOPRISM_DATABASE_DRIVER: "sqlite"         # SQLite is an embedded database that doesn't require a server
+      PHOTOPRISM_DATABASE_DRIVER: "mysql"            # use MariaDB 10.5+ or MySQL 8+ instead of SQLite for improved performance
+      PHOTOPRISM_DATABASE_SERVER: "mariadb:3306"     # MariaDB or MySQL database server (hostname:port)
+      PHOTOPRISM_DATABASE_NAME: "photoprism"         # MariaDB or MySQL database schema name
+      PHOTOPRISM_DATABASE_USER: "photoprism"         # MariaDB or MySQL database user name
+      PHOTOPRISM_DATABASE_PASSWORD: "insecure"       # MariaDB or MySQL database user password
+      PHOTOPRISM_SITE_CAPTION: "AI-Powered Photos App"
+      PHOTOPRISM_SITE_DESCRIPTION: ""                # meta site description
+      PHOTOPRISM_SITE_AUTHOR: ""                     # meta site author
+      ## Run/install on first startup (options: update https gpu tensorflow davfs clitools clean):
+      # PHOTOPRISM_INIT: "https gpu tensorflow"
+      ## Hardware Video Transcoding:
+      # PHOTOPRISM_FFMPEG_ENCODER: "software"        # FFmpeg encoder ("software", "intel", "nvidia", "apple", "raspberry")
+      # PHOTOPRISM_FFMPEG_BITRATE: "32"              # FFmpeg encoding bitrate limit in Mbit/s (default: 50)
+      ## Run as a non-root user after initialization (supported: 0, 33, 50-99, 500-600, and 900-1200):
+      # PHOTOPRISM_UID: 1000
+      # PHOTOPRISM_GID: 1000
+      # PHOTOPRISM_UMASK: 0000
+    working_dir: "/photoprism" # do not change or remove
+    ## Storage Folders: "~" is a shortcut for your home directory, "." for the current directory
+    volumes:
+      - "./originals:/photoprism/originals"    # original media files (photos and videos)
+      - "./import:/photoprism/import"          # *optional* folder from which files can be imported to originals
+      - "./storage:/photoprism/storage"        # *writable* storage folder for cache, database, and sidecar files (never remove)
+
+  ## Database Server (recommended)
+  ## see https://docs.photoprism.app/getting-started/faq/#should-i-use-sqlite-mariadb-or-mysql
+  mariadb:
+    ## If MariaDB gets stuck in a restart loop, this points to a memory or filesystem issue:
+    ## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors
+    restart: unless-stopped
+    image: mariadb:10.10
+    container_name: mariadb
+    user: 1000:1000
+    privileged: true
+    security_opt:
+      - seccomp:unconfined
+      - apparmor:unconfined
+    ## --lower-case-table-names=1 stores tables in lowercase and compares names in a case-insensitive manner
+    ## see https://mariadb.com/kb/en/server-system-variables/#lower_case_table_names
+    command: mysqld --innodb-buffer-pool-size=2G --lower-case-table-names=1 --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=180
+    volumes:
+      - "./mariadb:/var/lib/mysql"
+    environment:
+      MARIADB_AUTO_UPGRADE: "1"
+      MARIADB_INITDB_SKIP_TZINFO: "1"
+      MARIADB_DATABASE: "photoprism"
+      MARIADB_USER: "photoprism"
+      MARIADB_PASSWORD: "insecure"
+      MARIADB_ROOT_PASSWORD: "insecure"
--- a/docker/examples/podman/install.sh
+++ b/docker/examples/podman/install.sh
@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+set -e
+
+# Install dependencies.
+echo "Installing dependencies..."
+sudo dnf update -y
+sudo dnf install nano make netavark aardvark-dns podman podman-docker -y
+
+# Specify Podman network backend.
+cat >/etc/containers/containers.conf <<EOL
+[network]
+network_backend = "netavark"
+EOL
+
+# Install Podman Compose if needed.
+if ! command -v "podman-compose" &> /dev/null; then
+  sudo dnf install python3 python3-pip python3-devel -y
+  sudo -H pip3 install --upgrade pip
+  sudo pip3 install python-dotenv
+  sudo pip3 install pyyaml
+  sudo pip3 install podman-compose
+fi
+
+# Start Podman service.
+sudo systemctl start podman
+sudo systemctl enable podman
+
+# Wait 2 seconds.
+sleep 2
+
+# Reset Podman and show version.
+podman system reset --force
+podman --version
+
+# Download config files.
+echo "Downloading Makefile and docker-compose.yml..."
+curl -o Makefile https://dl.photoprism.app/podman/Makefile
+curl -o docker-compose.yml https://dl.photoprism.app/podman/docker-compose.yml
+
+# Create storage folders.
+echo "Creating storage folders..."
+mkdir -p import mariadb originals storage
+sudo chown 1000:1000 import mariadb originals storage
+sudo chmod u+rwx,g+rwx import mariadb originals storage
+
+# Show further instructions.
+echo ""
+echo "Done! You can now customize your settings in the downloaded docker-compose.yml file:"
+echo ">> nano docker-compose.yml"
+echo "When you are done with the configuration, run 'make' to download and start PhotoPrism."
+echo "After waiting a few moments, you should be able to open the UI in a web browser by navigating to:"
+echo ">> http://localhost:2342/ (or the configured site URL if you have changed it)"