summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--makefu/0tests/data/secrets/photoprism.nix4
-rw-r--r--makefu/2configs/home/photoprism.nix146
2 files changed, 150 insertions, 0 deletions
diff --git a/makefu/0tests/data/secrets/photoprism.nix b/makefu/0tests/data/secrets/photoprism.nix
new file mode 100644
index 000000000..17811ec5f
--- /dev/null
+++ b/makefu/0tests/data/secrets/photoprism.nix
@@ -0,0 +1,4 @@
+{
+ db.username = "photoprism";
+ db.password = "photoprism";
+}
diff --git a/makefu/2configs/home/photoprism.nix b/makefu/2configs/home/photoprism.nix
new file mode 100644
index 000000000..aaccd7350
--- /dev/null
+++ b/makefu/2configs/home/photoprism.nix
@@ -0,0 +1,146 @@
+{ pkgs, lib, ...}:
+# Start | docker-compose up -d
+# Stop | docker-compose stop
+# Update | docker-compose pull
+# Logs | docker-compose logs --tail=25 -f
+# Terminal | docker-compose exec photoprism bash
+# Help | docker-compose exec photoprism photoprism help
+# Config | docker-compose exec photoprism photoprism config
+# Reset | docker-compose exec photoprism photoprism reset
+# Backup | docker-compose exec photoprism photoprism backup -a -i
+# Restore | docker-compose exec photoprism photoprism restore -a -i
+# Index | docker-compose exec photoprism photoprism index
+# Reindex | docker-compose exec photoprism photoprism index -a
+# Import | docker-compose exec photoprism photoprism import
+# -------------------------------------------------------------------
+let
+ port = "2347";
+ photodir = "/media/cryptX/photos";
+ statedir = "/var/lib/photoprism/appsrv";
+ db-dir = "/var/lib/photoprism/mysql";
+ internal-ip = "192.168.1.11";
+ sec = import <secrets/photoprism.nix>;
+in
+{
+ virtualisation.oci-containers.backend = "docker";
+
+ services.nginx.virtualHosts."photos" = {
+ serverAliases = [
+ "photos.lan"
+ "foto" "foto.lan"
+ "fotos" "fotos.lan"
+ ];
+
+ locations."/".proxyPass = "http://localhost:${port}";
+ locations."/".proxyWebsockets = true;
+ extraConfig = ''
+ if ( $server_addr != "${internal-ip}" ) {
+ return 403;
+ }
+ '';
+ };
+
+ systemd.services.workadventure-network = {
+ enable = true;
+ wantedBy = [ "multi-user.target" ];
+ script = ''
+ ${pkgs.docker}/bin/docker network create --driver bridge photoprism ||:
+ '';
+ after = [ "docker" ];
+ before = [
+ "docker-photoprism.service"
+ "docker-mysql-photoprism.service"
+ ];
+ };
+
+
+ virtualisation.oci-containers.containers.photoprism = {
+ image = "photoprism/photoprism:preview";
+ ports = ["${port}:${port}" ];
+ volumes = [
+ "${photodir}:/photoprism/originals"
+ "${statedir}:/photoprism/storage"
+ ];
+ extraOptions = [
+ "--security-opt" "seccomp=unconfined"
+ "--security-opt" "apparmor=unconfined"
+ "--network=photoprism"
+ ];
+ environment = {
+ PHOTOPRISM_HTTP_PORT = port; # Built-in Web server port
+ PHOTOPRISM_HTTP_COMPRESSION = "gzip"; # Improves transfer speed and bandwidth utilization (none or gzip)
+ PHOTOPRISM_DEBUG = "false"; # Run in debug mode (shows additional log messages)
+ PHOTOPRISM_PUBLIC = "true"; # No authentication required (disables password protection)
+ PHOTOPRISM_READONLY = "false"; # Don't modify originals directory (reduced functionality)
+ PHOTOPRISM_EXPERIMENTAL = "true"; # Enables experimental features
+ PHOTOPRISM_DISABLE_WEBDAV = "false"; # Disables built-in WebDAV server
+ PHOTOPRISM_DISABLE_SETTINGS = "false"; # Disables Settings in Web UI
+ PHOTOPRISM_DISABLE_TENSORFLOW = "false"; # Disables using TensorFlow for image classification
+ PHOTOPRISM_DARKTABLE_PRESETS = "false"; # Enables Darktable presets and disables concurrent RAW conversion
+ PHOTOPRISM_DETECT_NSFW = "false"; # Flag photos as private that MAY be offensive (requires TensorFlow)
+ PHOTOPRISM_UPLOAD_NSFW = "true"; # Allow uploads that MAY be offensive
+
+ #PHOTOPRISM_DATABASE_DRIVER = "postgres";
+ #PHOTOPRISM_DATABASE_SERVER = "postgres-prism:5432";
+ #PHOTOPRISM_DATABASE_NAME = "photoprism";
+ #PHOTOPRISM_DATABASE_USER = "photoprism";
+ #PHOTOPRISM_DATABASE_PASSWORD = "photoprism";
+
+ PHOTOPRISM_DATABASE_DRIVER= "mysql"; # Use MariaDB (or MySQL) instead of SQLite for improved performance
+ PHOTOPRISM_DATABASE_SERVER= "mysql-photoprism:3306" ; # MariaDB database server (hostname:port)
+ PHOTOPRISM_DATABASE_NAME= "photoprism"; # MariaDB database schema name
+ PHOTOPRISM_DATABASE_USER= sec.db.username; # MariaDB database user name
+ PHOTOPRISM_DATABASE_PASSWORD= sec.db.password; # MariaDB database user password
+
+ PHOTOPRISM_SITE_URL = "http://localhost:2342/"; # Public PhotoPrism URL
+ PHOTOPRISM_SITE_TITLE = "PhotoPrism";
+ PHOTOPRISM_SITE_CAPTION = "FeMi Fotos";
+ PHOTOPRISM_SITE_DESCRIPTION = "Unsere Fotos";
+ PHOTOPRISM_SITE_AUTHOR = "FeMi";
+
+ };
+ };
+
+ virtualisation.oci-containers.containers.mysql-photoprism = {
+ image = "mariadb:10.5";
+ extraOptions = [
+ "--security-opt" "seccomp=unconfined"
+ "--security-opt" "apparmor=unconfined"
+ "--network=photoprism"
+ ];
+ ports = [ "3306:3306" ]; # no need to expose the database
+ #cmd = [ "mysqld"
+ # "--transaction-isolation=READ-COMMITTED"
+ # "--character-set-server=utf8mb4"
+ # "--collation-server=utf8mb4_unicode_ci"
+ # "--max-connections=512"
+ # "--innodb-rollback-on-timeout=OFF"
+ # "--innodb-lock-wait-timeout=50"
+ #];
+ volumes= [ "${db-dir}:/var/lib/mysql" ];
+ environment = {
+ MYSQL_ROOT_PASSWORD = "dickidibutt";
+ MYSQL_DATABASE= "photoprism";
+ MYSQL_USER = sec.db.username;
+ MYSQL_PASSWORD = sec.db.password;
+ };
+ };
+ #virtualisation.oci-containers.containers.postgres-prism = {
+ # image = "postgres:12-alpine";
+ # ports = [ "5432" ]; # no need to expose the database
+ # environment = {
+ # POSTGRES_DB = "photoprism";
+ # POSTGRES_USER = "photoprism";
+ # POSTGRES_PASSWORD = "photoprism";
+ # };
+ #};
+
+ systemd.services.photoprism.serviceConfig = {
+ StandardOutput = lib.mkForce "journal";
+ StandardError = lib.mkForce "journal";
+ };
+ systemd.services.mysql-photoprism.serviceConfig = {
+ StandardOutput = lib.mkForce "journal";
+ StandardError = lib.mkForce "journal";
+ };
+}