version: '3.5' # PhotoPrism for Cloud Servers running Ubuntu 20.04 LTS (Focal Fossa) # =================================================================== # # Run this script as root to install PhotoPrism on a cloud server e.g. at DigitalOcean: # # bash <(curl -s https://dl.photoprism.org/docker/cloud/setup.sh) # # This may take a while to complete, depending on the performance of your # server and its internet connection. # # When done - and you see no errors - please open # # https:/// # # in a Web browser and log in using the initial admin password shown # by the script. You may also see the initial password by running # # cat /root/.initial-password.txt # # as root on your server. To open a terminal: # # ssh root@ # # Data and all config files related to PhotoPrism can be found in # # /opt/photoprism # # The main docker-compose config file for changing config options is # # /opt/photoprism/docker-compose.yml # # The server is running as "photoprism" (UID 1000) by default. There's no need # to change defaults unless you experience conflicts with other services running # on the same server. For example, you may need to disable the Traefik reverse # proxy as the ports 80 and 443 can only be used by a single web server / proxy. # # Configuring multiple apps on the same server is beyond the scope of this base # config and for advanced users only. # # This config includes Ophelia, a docker job scheduler: # # https://github.com/mcuadros/ofelia # # See jobs.ini for details. # # SYSTEM REQUIREMENTS # -------------------------------------------------------------------------- # # We recommend hosting PhotoPrism on a server with at least 2 cores and # 4 GB of memory. Beyond these minimum requirements, the amount of RAM # should match the number of cores. Indexing large photo and video # collections significantly benefits from fast, local SSD storage. # # RAW file conversion and automatic image classification using TensorFlow # will be disabled on servers with less than 2 GB of physical memory. # # DOCKER COMPOSE COMMAND REFERENCE # -------------------------------------------------------------------------- # Start | docker-compose up -d # Stop | docker-compose stop # Update | docker-compose pull # Logs | docker-compose logs --tail=25 -f # Terminal | docker-compose exec photoprism bash # Help | docker-compose exec photoprism photoprism help # Config | docker-compose exec photoprism photoprism config # Reset | docker-compose exec photoprism photoprism reset # Backup | docker-compose exec photoprism photoprism backup -a -i # Restore | docker-compose exec photoprism photoprism restore -a -i # Index | docker-compose exec photoprism photoprism index # Reindex | docker-compose exec photoprism photoprism index -f # Import | docker-compose exec photoprism photoprism import # # See https://docs.photoprism.org/getting-started/docker-compose/#command-line-interface for more examples. # # To search originals for faces without a complete rescan: # docker-compose exec photoprism photoprism faces index # # USING LET'S ENCRYPT HTTPS # -------------------------------------------------------------------------- # # If your server has a public domain name, please disable the self-signed # certificate and enable domain based routing in docker-compose.yml and # traefik.yaml (see inline instructions in !! UPPERCASE !!): # # ssh root@ # cd /opt/photoprism # nano docker-compose.yml # nano traefik.yaml # docker-compose stop # docker-compose up -d # # You should now be able to access your instance without security warnings. services: # REQUIRED: PhotoPrism Application Server photoprism: restart: always # Use photoprism/photoprism:preview for testing preview builds: image: photoprism/photoprism:latest container_name: photoprism depends_on: - mariadb security_opt: - seccomp:unconfined - apparmor:unconfined # Run as a specific, non-root user (see https://docs.docker.com/engine/reference/run/#user): user: "1000:1000" # Don't expose port when running behind Traefik reverse proxy! # ports: # - "2342:2342" # [server]:[container] labels: - "traefik.enable=true" - "traefik.http.services.photoprism.loadbalancer.server.port=2342" - "traefik.http.routers.photoprism.tls=true" - "traefik.http.routers.photoprism.entrypoints=websecure" # !! REMOVE default route if your server has a public domain name !! - "traefik.http.routers.photoprism.rule=PathPrefix(`/`)" # !! UNCOMMENT and CHANGE to set the public domain name !! # - "traefik.http.routers.photoprism.rule=Host(`photos.yourdomain.com`)" # !! UNCOMMENT to enable Let's Encrypt HTTPS !! # - "traefik.http.routers.photoprism.tls.certresolver=myresolver" # !! REMOVE both for Let's Encrypt HTTPS with default HTTP challenge (DNS challenge supports wildcards) !! - "traefik.http.routers.photoprism.tls.domains[0].main=example.com" - "traefik.http.routers.photoprism.tls.domains[0].sans=*.example.com" environment: # !! CHANGE site url if your server has a public domain name e.g. "https://photos.yourdomain.com/" !! PHOTOPRISM_SITE_URL: "https://_public_ip_/" PHOTOPRISM_SITE_TITLE: "PhotoPrism" PHOTOPRISM_SITE_CAPTION: "Browse Your Life" PHOTOPRISM_SITE_DESCRIPTION: "" PHOTOPRISM_SITE_AUTHOR: "" PHOTOPRISM_ADMIN_PASSWORD: "_admin_password_" # PLEASE CHANGE: Your initial admin password (min 4 characters) PHOTOPRISM_ORIGINALS_LIMIT: 5000 # File size limit for originals in MB (increase for high-res video) PHOTOPRISM_HTTP_COMPRESSION: "gzip" # Improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_DEBUG: "false" # Run in debug mode (shows additional log messages) PHOTOPRISM_PUBLIC: "false" # No authentication required (disables password protection) PHOTOPRISM_READONLY: "false" # Don't modify originals directory (reduced functionality) PHOTOPRISM_EXPERIMENTAL: "false" # Enables experimental features PHOTOPRISM_DISABLE_CHOWN: "false" # Disables storage permission updates on startup PHOTOPRISM_DISABLE_WEBDAV: "false" # Disables built-in WebDAV server PHOTOPRISM_DISABLE_SETTINGS: "false" # Disables Settings in Web UI PHOTOPRISM_DISABLE_TENSORFLOW: "false" # Disables all features depending on TensorFlow PHOTOPRISM_DISABLE_FACES: "false" # Disables facial recognition PHOTOPRISM_DISABLE_CLASSIFICATION: "false" # Disables image classification PHOTOPRISM_DARKTABLE_PRESETS: "false" # Enables Darktable presets and disables concurrent RAW conversion PHOTOPRISM_DETECT_NSFW: "false" # Flag photos as private that MAY be offensive (requires TensorFlow) PHOTOPRISM_UPLOAD_NSFW: "true" # Allow uploads that MAY be offensive PHOTOPRISM_DATABASE_DRIVER: "mysql" # Use MariaDB 10.5+ or MySQL 8+ instead of SQLite for improved performance PHOTOPRISM_DATABASE_SERVER: "mariadb:3306" # MariaDB or MySQL database server (hostname:port) PHOTOPRISM_DATABASE_NAME: "photoprism" # MariaDB or MySQL database schema name PHOTOPRISM_DATABASE_USER: "photoprism" # MariaDB or MySQL database user name PHOTOPRISM_DATABASE_PASSWORD: "_admin_password_" # MariaDB or MySQL database user password PHOTOPRISM_INIT: "tensorflow-amd64-avx2" HOME: "/photoprism" working_dir: "/photoprism" volumes: # The *originals* folder contains your original photo and video files (- "[host folder]:/photoprism/originals"): - "./originals:/photoprism/originals" # You may mount an *import* folder from which files can be transferred to *originals* (optional): - "./import:/photoprism/import" # Cache, session, thumbnail, and sidecar files will be created in the *storage* folder (never remove): - "./storage:/photoprism/storage" - "./backup:/var/lib/photoprism" # REQUIRED: Traefik Reverse Proxy, see https://docs.photoprism.org/getting-started/proxies/traefik/ traefik: restart: always image: traefik:v2.4 container_name: traefik ports: - "80:80" - "443:443" expose: - "80" - "443" volumes: - "/var/run/docker.sock:/var/run/docker.sock" - "./traefik/:/data/" - "./traefik.yaml:/etc/traefik/traefik.yaml" - "./certs/:/certs/" # RECOMMENDED: MariaDB Server, see https://docs.photoprism.org/getting-started/faq/#should-i-use-sqlite-mariadb-or-mysql mariadb: restart: always image: mariadb:10.6 container_name: mariadb security_opt: - seccomp:unconfined - apparmor:unconfined command: mysqld --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120 volumes: - "./database:/var/lib/mysql" # Never remove environment: MYSQL_ROOT_PASSWORD: "_admin_password_" MYSQL_DATABASE: "photoprism" MYSQL_USER: "photoprism" MYSQL_PASSWORD: "_admin_password_" # RECOMMENDED: Ofelia Job Runner, see https://github.com/mcuadros/ofelia ofelia: restart: always image: mcuadros/ofelia:latest container_name: ofelia volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" - "./jobs.ini:/etc/ofelia/config.ini" # OPTIONAL: Upgrades services automatically, see https://docs.photoprism.org/getting-started/updates/#watchtower watchtower: restart: always image: containrrr/watchtower container_name: watchtower environment: WATCHTOWER_CLEANUP: "true" WATCHTOWER_POLL_INTERVAL: 86400 # Checks for updates every day volumes: - "/var/run/docker.sock:/var/run/docker.sock"