64 lines
No EOL
1.7 KiB
YAML
64 lines
No EOL
1.7 KiB
YAML
# USING LET'S ENCRYPT HTTPS
|
|
# -------------------------------------------------------------------------
|
|
#
|
|
# If your server has a public domain name, please disable the self-signed
|
|
# certificate and enable domain based routing in docker-compose.yml and
|
|
# traefik.yaml (see inline instructions in !! UPPERCASE !!)
|
|
#
|
|
# ssh root@<YOUR SERVER IP>
|
|
# cd /opt/photoprism
|
|
# nano docker-compose.yml
|
|
# nano traefik.yaml
|
|
# docker-compose stop
|
|
# docker-compose up -d
|
|
#
|
|
# You should now be able to access your instance without security warnings.
|
|
# -------------------------------------------------------------------------
|
|
|
|
# Uncomment to enable debug mode:
|
|
# log:
|
|
# level: DEBUG
|
|
|
|
serversTransport:
|
|
# Required to proxy services with self-signed HTTPS certificates:
|
|
insecureSkipVerify: true
|
|
# !! REMOVE when using Let's Encrypt HTTPS !!
|
|
rootCAs:
|
|
- "/certs/ca.crt"
|
|
|
|
# Open ports ond protocols (HTTP will be redirected to HTTPS)
|
|
entryPoints:
|
|
web:
|
|
address: ":80"
|
|
http:
|
|
redirections:
|
|
entryPoint:
|
|
to: websecure
|
|
scheme: https
|
|
websecure:
|
|
address: ":443"
|
|
|
|
certificatesResolvers:
|
|
myresolver:
|
|
# See https://doc.traefik.io/traefik/https/acme/
|
|
acme:
|
|
# !! REPLACE "info@yourdomain.com" with your actual email address for Let's Encrypt HTTPS !!
|
|
email: info@yourdomain.com
|
|
storage: /data/letsencrypt.json
|
|
httpChallenge:
|
|
entryPoint: web
|
|
|
|
providers:
|
|
# !! REMOVE file provider when using Let's Encrypt HTTPS !!
|
|
file:
|
|
filename: "/certs/config.yml"
|
|
watch: true
|
|
# Always keep this:
|
|
docker:
|
|
exposedByDefault: false
|
|
watch: true
|
|
|
|
# Disable API & Dashboard by default, please read Traefik docs before enabling this:
|
|
api:
|
|
insecure: false
|
|
dashboard: false |