147 lines
5.7 KiB
Nix
147 lines
5.7 KiB
Nix
{ pkgs, lib, ...}:
|
|
# Start | docker-compose up -d
|
|
# Stop | docker-compose stop
|
|
# Update | docker-compose pull
|
|
# Logs | docker-compose logs --tail=25 -f
|
|
# Terminal | docker-compose exec photoprism bash
|
|
# Help | docker-compose exec photoprism photoprism help
|
|
# Config | docker-compose exec photoprism photoprism config
|
|
# Reset | docker-compose exec photoprism photoprism reset
|
|
# Backup | docker-compose exec photoprism photoprism backup -a -i
|
|
# Restore | docker-compose exec photoprism photoprism restore -a -i
|
|
# Index | docker-compose exec photoprism photoprism index
|
|
# Reindex | docker-compose exec photoprism photoprism index -a
|
|
# Import | docker-compose exec photoprism photoprism import
|
|
# -------------------------------------------------------------------
|
|
let
|
|
port = "2347";
|
|
photodir = "/media/cryptX/photos";
|
|
statedir = "/var/lib/photoprism/appsrv";
|
|
db-dir = "/var/lib/photoprism/mysql";
|
|
internal-ip = "192.168.1.11";
|
|
sec = import <secrets/photoprism.nix>;
|
|
in
|
|
{
|
|
virtualisation.oci-containers.backend = "docker";
|
|
|
|
services.nginx.virtualHosts."photos" = {
|
|
serverAliases = [
|
|
"photos.lan"
|
|
"foto" "foto.lan"
|
|
"fotos" "fotos.lan"
|
|
];
|
|
|
|
locations."/".proxyPass = "http://localhost:${port}";
|
|
locations."/".proxyWebsockets = true;
|
|
extraConfig = ''
|
|
if ( $server_addr != "${internal-ip}" ) {
|
|
return 403;
|
|
}
|
|
'';
|
|
};
|
|
|
|
systemd.services.workadventure-network = {
|
|
enable = true;
|
|
wantedBy = [ "multi-user.target" ];
|
|
script = ''
|
|
${pkgs.docker}/bin/docker network create --driver bridge photoprism ||:
|
|
'';
|
|
after = [ "docker" ];
|
|
before = [
|
|
"docker-photoprism.service"
|
|
"docker-mysql-photoprism.service"
|
|
];
|
|
};
|
|
|
|
|
|
virtualisation.oci-containers.containers.photoprism = {
|
|
image = "photoprism/photoprism:preview";
|
|
ports = ["${port}:${port}" ];
|
|
volumes = [
|
|
"${photodir}:/photoprism/originals"
|
|
"${statedir}:/photoprism/storage"
|
|
];
|
|
extraOptions = [
|
|
"--security-opt" "seccomp=unconfined"
|
|
"--security-opt" "apparmor=unconfined"
|
|
"--network=photoprism"
|
|
];
|
|
environment = {
|
|
PHOTOPRISM_HTTP_PORT = port; # Built-in Web server port
|
|
PHOTOPRISM_HTTP_COMPRESSION = "gzip"; # Improves transfer speed and bandwidth utilization (none or gzip)
|
|
PHOTOPRISM_DEBUG = "false"; # Run in debug mode (shows additional log messages)
|
|
PHOTOPRISM_PUBLIC = "true"; # No authentication required (disables password protection)
|
|
PHOTOPRISM_READONLY = "false"; # Don't modify originals directory (reduced functionality)
|
|
PHOTOPRISM_EXPERIMENTAL = "true"; # Enables experimental features
|
|
PHOTOPRISM_DISABLE_WEBDAV = "false"; # Disables built-in WebDAV server
|
|
PHOTOPRISM_DISABLE_SETTINGS = "false"; # Disables Settings in Web UI
|
|
PHOTOPRISM_DISABLE_TENSORFLOW = "false"; # Disables using TensorFlow for image classification
|
|
PHOTOPRISM_DARKTABLE_PRESETS = "false"; # Enables Darktable presets and disables concurrent RAW conversion
|
|
PHOTOPRISM_DETECT_NSFW = "false"; # Flag photos as private that MAY be offensive (requires TensorFlow)
|
|
PHOTOPRISM_UPLOAD_NSFW = "true"; # Allow uploads that MAY be offensive
|
|
|
|
#PHOTOPRISM_DATABASE_DRIVER = "postgres";
|
|
#PHOTOPRISM_DATABASE_SERVER = "postgres-prism:5432";
|
|
#PHOTOPRISM_DATABASE_NAME = "photoprism";
|
|
#PHOTOPRISM_DATABASE_USER = "photoprism";
|
|
#PHOTOPRISM_DATABASE_PASSWORD = "photoprism";
|
|
|
|
PHOTOPRISM_DATABASE_DRIVER= "mysql"; # Use MariaDB (or MySQL) instead of SQLite for improved performance
|
|
PHOTOPRISM_DATABASE_SERVER= "mysql-photoprism:3306" ; # MariaDB database server (hostname:port)
|
|
PHOTOPRISM_DATABASE_NAME= "photoprism"; # MariaDB database schema name
|
|
PHOTOPRISM_DATABASE_USER= sec.db.username; # MariaDB database user name
|
|
PHOTOPRISM_DATABASE_PASSWORD= sec.db.password; # MariaDB database user password
|
|
|
|
PHOTOPRISM_SITE_URL = "http://localhost:2342/"; # Public PhotoPrism URL
|
|
PHOTOPRISM_SITE_TITLE = "PhotoPrism";
|
|
PHOTOPRISM_SITE_CAPTION = "FeMi Fotos";
|
|
PHOTOPRISM_SITE_DESCRIPTION = "Unsere Fotos";
|
|
PHOTOPRISM_SITE_AUTHOR = "FeMi";
|
|
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.mysql-photoprism = {
|
|
image = "mariadb:10.5";
|
|
extraOptions = [
|
|
"--security-opt" "seccomp=unconfined"
|
|
"--security-opt" "apparmor=unconfined"
|
|
"--network=photoprism"
|
|
];
|
|
ports = [ "3306:3306" ]; # no need to expose the database
|
|
#cmd = [ "mysqld"
|
|
# "--transaction-isolation=READ-COMMITTED"
|
|
# "--character-set-server=utf8mb4"
|
|
# "--collation-server=utf8mb4_unicode_ci"
|
|
# "--max-connections=512"
|
|
# "--innodb-rollback-on-timeout=OFF"
|
|
# "--innodb-lock-wait-timeout=50"
|
|
#];
|
|
volumes= [ "${db-dir}:/var/lib/mysql" ];
|
|
environment = {
|
|
MYSQL_ROOT_PASSWORD = "dickidibutt";
|
|
MYSQL_DATABASE= "photoprism";
|
|
MYSQL_USER = sec.db.username;
|
|
MYSQL_PASSWORD = sec.db.password;
|
|
};
|
|
};
|
|
#virtualisation.oci-containers.containers.postgres-prism = {
|
|
# image = "postgres:12-alpine";
|
|
# ports = [ "5432" ]; # no need to expose the database
|
|
# environment = {
|
|
# POSTGRES_DB = "photoprism";
|
|
# POSTGRES_USER = "photoprism";
|
|
# POSTGRES_PASSWORD = "photoprism";
|
|
# };
|
|
#};
|
|
|
|
systemd.services.photoprism.serviceConfig = {
|
|
StandardOutput = lib.mkForce "journal";
|
|
StandardError = lib.mkForce "journal";
|
|
};
|
|
systemd.services.mysql-photoprism.serviceConfig = {
|
|
StandardOutput = lib.mkForce "journal";
|
|
StandardError = lib.mkForce "journal";
|
|
};
|
|
}
|