version: '3.5' # PhotoPrism for Cloud Servers running Ubuntu 20.04 LTS (Focal Fossa) # =================================================================== # # Run this script as root to install PhotoPrism on a cloud server e.g. at DigitalOcean: # # bash <(curl -s https://dl.photoprism.app/docker/cloud/setup.sh) # # This may take a while to complete, depending on the performance of your # server and its internet connection. # # When done - and you see no errors - please open # # https:/// # # in a Web browser and log in using the initial admin password shown # by the script. You may also see the initial password by running # # cat /root/.initial-password.txt # # as root on your server. To open a terminal: # # ssh root@ # # Data and all config files related to PhotoPrism can be found in # # /opt/photoprism # # The main docker-compose config file for changing config options is # # /opt/photoprism/docker-compose.yml # # The server is running as "photoprism" (UID 1000) by default. There's no need # to change defaults unless you experience conflicts with other services running # on the same server. For example, you may need to disable the Traefik reverse # proxy as the ports 80 and 443 can only be used by a single web server / proxy. # # Configuring multiple apps on the same server is beyond the scope of this base # config and for advanced users only. # # This config includes Ophelia, a docker job scheduler: # # https://github.com/mcuadros/ofelia # # See jobs.ini for details. # # SYSTEM REQUIREMENTS # -------------------------------------------------------------------------- # # We recommend hosting PhotoPrism on a server with at least 2 cores and # 4 GB of memory. Beyond these minimum requirements, the amount of RAM # should match the number of cores. Indexing large photo and video # collections significantly benefits from fast, local SSD storage. # # RAW image conversion and automatic image classification using TensorFlow # will be disabled on servers with 1 GB or less memory. # # DOCKER COMPOSE COMMAND REFERENCE # -------------------------------------------------------------------------- # Start | docker-compose up -d # Stop | docker-compose stop # Update | docker-compose pull # Logs | docker-compose logs --tail=25 -f # Terminal | docker-compose exec photoprism bash # Help | docker-compose exec photoprism photoprism help # Config | docker-compose exec photoprism photoprism config # Reset | docker-compose exec photoprism photoprism reset # Backup | docker-compose exec photoprism photoprism backup -a -i # Restore | docker-compose exec photoprism photoprism restore -a -i # Index | docker-compose exec photoprism photoprism index # Reindex | docker-compose exec photoprism photoprism index -f # Import | docker-compose exec photoprism photoprism import # # To search originals for faces without a complete rescan: # docker-compose exec photoprism photoprism faces index # # More examples: https://docs.photoprism.app/getting-started/docker-compose/#command-line-interface # # USING LET'S ENCRYPT HTTPS # -------------------------------------------------------------------------- # # If your server has a public domain name, please disable the self-signed # certificate and enable domain based routing in docker-compose.yml and # traefik.yaml (see inline instructions in !! UPPERCASE !!) # # ssh root@ # cd /opt/photoprism # nano docker-compose.yml # nano traefik.yaml # docker-compose stop # docker-compose up -d # # You should now be able to access your instance without security warnings. services: photoprism: ## Don't enable automatic restarts until PhotoPrism has been properly configured and tested! ## If the service gets stuck in a restart loop, this points to a memory, filesystem, network, or database issue: ## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors restart: always ## Use photoprism/photoprism:preview for testing preview builds: image: photoprism/photoprism:latest container_name: photoprism depends_on: - mariadb security_opt: - seccomp:unconfined - apparmor:unconfined ## Run as a non-root user (see https://docs.docker.com/engine/reference/run/#user) user: "1000:1000" ## Don't expose port when running behind Traefik reverse proxy! # ports: # - "2342:2342" # HTTP port (host:container) labels: - "traefik.enable=true" - "traefik.http.services.photoprism.loadbalancer.server.port=2342" - "traefik.http.routers.photoprism.tls=true" - "traefik.http.routers.photoprism.entrypoints=websecure" ## !! REMOVE default route if your server has a public domain name !! - "traefik.http.routers.photoprism.rule=PathPrefix(`/`)" ## !! UNCOMMENT and CHANGE to set the public domain name !! # - "traefik.http.routers.photoprism.rule=Host(`photos.yourdomain.com`)" ## !! UNCOMMENT to enable Let's Encrypt HTTPS !! # - "traefik.http.routers.photoprism.tls.certresolver=myresolver" ## !! REMOVE both for Let's Encrypt HTTPS with default HTTP challenge (DNS challenge supports wildcards) !! - "traefik.http.routers.photoprism.tls.domains[0].main=example.com" - "traefik.http.routers.photoprism.tls.domains[0].sans=*.example.com" environment: ## !! CHANGE site url if your server has a public domain name e.g. "https://photos.yourdomain.com/" !! PHOTOPRISM_SITE_URL: "https://_public_ip_/" PHOTOPRISM_SITE_CAPTION: "AI-Powered Photos App" PHOTOPRISM_SITE_DESCRIPTION: "" # meta site description PHOTOPRISM_SITE_AUTHOR: "" # meta site author PHOTOPRISM_ADMIN_PASSWORD: "_admin_password_" # YOUR INITIAL "admin" PASSWORD PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_LOG_LEVEL: "info" # log level: trace, debug, info, warning, error, fatal, or panic PHOTOPRISM_PUBLIC: "false" # no authentication required (disables password protection) PHOTOPRISM_READONLY: "false" # do not modify originals directory (reduced functionality) PHOTOPRISM_EXPERIMENTAL: "false" # enables experimental features PHOTOPRISM_DISABLE_CHOWN: "false" # disables storage permission updates on startup PHOTOPRISM_DISABLE_WEBDAV: "false" # disables built-in WebDAV server PHOTOPRISM_DISABLE_SETTINGS: "false" # disables Settings in Web UI PHOTOPRISM_DISABLE_TENSORFLOW: "false" # disables all features depending on TensorFlow PHOTOPRISM_DISABLE_FACES: "false" # disables facial recognition PHOTOPRISM_DISABLE_CLASSIFICATION: "false" # disables image classification PHOTOPRISM_DISABLE_RAW: "false" # disables indexing and conversion of RAW files PHOTOPRISM_RAW_PRESETS: "false" # enables applying user presets when converting RAW files (reduces performance) PHOTOPRISM_JPEG_QUALITY: 85 # image quality, a higher value reduces compression (25-100) PHOTOPRISM_DETECT_NSFW: "false" # flag photos as private that MAY be offensive (requires TensorFlow) PHOTOPRISM_UPLOAD_NSFW: "true" # allows uploads that MAY be offensive PHOTOPRISM_DATABASE_DRIVER: "mysql" # use MariaDB 10.5+ or MySQL 8+ instead of SQLite for improved performance PHOTOPRISM_DATABASE_SERVER: "mariadb:3306" # MariaDB or MySQL database server (hostname:port) PHOTOPRISM_DATABASE_NAME: "photoprism" # MariaDB or MySQL database schema name PHOTOPRISM_DATABASE_USER: "photoprism" # MariaDB or MySQL database user name PHOTOPRISM_DATABASE_PASSWORD: "_admin_password_" # MariaDB or MySQL database user password ## Run/install on first startup (options: update, gpu, tensorflow, davfs, clean): PHOTOPRISM_INIT: "update tensorflow clean" working_dir: "/photoprism" # do not change or remove ## Storage Folders: "~" is a shortcut for your home directory, "." for the current directory volumes: # "/host/folder:/photoprism/folder" # example: - "./originals:/photoprism/originals" # original media files (photos and videos) - "./import:/photoprism/import" # *optional* base folder from which files can be imported to originals - "./storage:/photoprism/storage" # *writable* storage folder for cache, database, and sidecar files (never remove) - "./backup:/var/lib/photoprism" # *optional* storage folder for database backups ## Traefik Reverse Proxy (required) ## see https://docs.photoprism.app/getting-started/proxies/traefik/ traefik: restart: always image: traefik:v2.6 container_name: traefik ports: - "80:80" - "443:443" expose: - "80" - "443" volumes: - "/var/run/docker.sock:/var/run/docker.sock" - "./traefik/:/data/" - "./traefik.yaml:/etc/traefik/traefik.yaml" - "./certs/:/certs/" ## Database Server (recommended) ## see https://docs.photoprism.app/getting-started/faq/#should-i-use-sqlite-mariadb-or-mysql mariadb: restart: always image: mariadb:10.8 container_name: mariadb security_opt: - seccomp:unconfined - apparmor:unconfined command: mysqld --innodb-buffer-pool-size=512M --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120 ## Never store database files on an unreliable device such as a USB flash drive, an SD card, or a shared network folder: volumes: - "./database:/var/lib/mysql" # DO NOT REMOVE environment: MARIADB_AUTO_UPGRADE: "1" MARIADB_INITDB_SKIP_TZINFO: "1" MARIADB_DATABASE: "photoprism" MARIADB_USER: "photoprism" MARIADB_PASSWORD: "_admin_password_" MARIADB_ROOT_PASSWORD: "_admin_password_" ## Ofelia Job Runner (recommended) ## see https://github.com/mcuadros/ofelia ofelia: restart: always image: mcuadros/ofelia:latest container_name: ofelia volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" - "./jobs.ini:/etc/ofelia/config.ini" ## Watchtower upgrades services automatically (optional) ## see https://docs.photoprism.app/getting-started/updates/#watchtower watchtower: restart: always image: containrrr/watchtower container_name: watchtower environment: WATCHTOWER_CLEANUP: "true" WATCHTOWER_POLL_INTERVAL: 86400 # checks for updates every day volumes: - "/var/run/docker.sock:/var/run/docker.sock"