version: '3.5' # Example Docker Compose config file for PhotoPrism Pro (Microsoft Windows / AMD64) # # Running PhotoPrism Pro on a server with less than 4 GB of swap space or setting a memory/swap limit can cause # unexpected restarts ("crashes"), for example, when the indexer temporarily needs more memory to process large files. # # Quickstart Guide: https://www.photoprism.app/pro/kb/quickstart # Knowledge Base: https://www.photoprism.app/pro/kb # Docker Image: prsm.app/photoprism/photoprism-pro # # DOCKER COMPOSE COMMAND REFERENCE # -------------------------------------------------------------------------- # Start | docker compose up -d # Stop | docker compose stop # Update | docker compose pull # Logs | docker compose logs --tail=25 -f # Terminal | docker compose exec photoprism bash # Help | docker compose exec photoprism photoprism-pro help # Config | docker compose exec photoprism photoprism-pro config # Reset | docker compose exec photoprism photoprism-pro reset # Backup | docker compose exec photoprism photoprism-pro backup -a -i # Restore | docker compose exec photoprism photoprism-pro restore -a -i # Index | docker-compose exec photoprism photoprism-pro index # Reindex | docker-compose exec photoprism photoprism-pro index -f # Import | docker-compose exec photoprism photoprism-pro import # # To search originals for faces without a complete rescan: # docker-compose exec photoprism photoprism-pro faces index services: photoprism: ## Available images are "preview" (unstable) and "latest" (stable), ## you can also specify a specific version, e.g. "1" or "1.2301.19" image: prsm.app/photoprism/photoprism-pro:latest ## Don't enable automatic restarts until PhotoPrism has been properly configured and tested! ## If the service gets stuck in a restart loop, this points to a memory, filesystem, network, or database issue: ## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors # restart: unless-stopped stop_grace_period: 10s depends_on: - mariadb security_opt: - seccomp:unconfined - apparmor:unconfined ## Server port mapping in the format "Host:Container". To use a different port, change the host port on ## the left-hand side and keep the container port, e.g. "80:2342" (for HTTP) or "443:2342 (for HTTPS): ports: - "2342:2342" ## Before you start the service, please check the following config options (and change them as needed): ## https://www.photoprism.app/pro/kb/config-options environment: ## Access Management PHOTOPRISM_ADMIN_USER: "admin" # admin login username PHOTOPRISM_ADMIN_PASSWORD: "insecure" # initial admin password (8-72 characters) PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password) PHOTOPRISM_REGISTER_URI: "" # optional user registration URL PHOTOPRISM_PASSWORD_RESET_URI: "" # optional password reset URL ## LDAP / AD Authentication (remove or leave blank to disable) # PHOTOPRISM_LDAP_URI: "ldaps://example.com:636" # LDAP directory server URI e.g. ldaps://example.com:636 for LDAP over SSL PHOTOPRISM_LDAP_INSECURE: "true" # skip SSL certificate verification when using LDAPS PHOTOPRISM_LDAP_BIND: "simple" # LDAP authentication TYPE (simple, none) PHOTOPRISM_LDAP_BIND_DN: "cn" # LDAP username attribute DN PHOTOPRISM_LDAP_BASE_DN: "dc=localssl,dc=dev" # LDAP directory base DN PHOTOPRISM_LDAP_SYNC: "true" # update email and role from LDAP every time a user logs in PHOTOPRISM_LDAP_ROLE: "user" # LDAP user default ROLE (admin, user, viewer, contributor, guest) PHOTOPRISM_LDAP_ROLE_DN: "photoprismRole" # custom LDAP attribute DN for specifying the user role PHOTOPRISM_LDAP_NOLOGIN: "false" # disable login on the Web UI for new LDAP users PHOTOPRISM_LDAP_NOLOGIN_DN: "photoprismNoLogin" # custom LDAP attribute 'DN' to disable login on the Web UI PHOTOPRISM_LDAP_WEBDAV: "false" # allow new LDAP users to use WebDAV PHOTOPRISM_LDAP_WEBDAV_DN: "photoprismWebdav" # custom LDAP attribute DN for WebDAV access ## Site Information PHOTOPRISM_SITE_URL: "https://privatecloud.photos:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)" PHOTOPRISM_SITE_CAPTION: "Digital Asset Management" PHOTOPRISM_SITE_DESCRIPTION: "" PHOTOPRISM_SITE_AUTHOR: "" PHOTOPRISM_LEGAL_INFO: "" # legal INFORMATION, displayed in the page footer PHOTOPRISM_LEGAL_URL: "" # legal information URL ## Photos & Videos PHOTOPRISM_JPEG_QUALITY: 85 # image quality, a higher value reduces compression (25-100) PHOTOPRISM_ORIGINALS_LIMIT: 5000 # file size limit for originals in MB (increase for high-res video) ## Feature Flags PHOTOPRISM_DEBUG: "false" # run in debug mode, shows additional log messages PHOTOPRISM_READONLY: "false" # do not modify originals folder; disables import, upload, and delete PHOTOPRISM_EXPERIMENTAL: "false" # enables experimental features PHOTOPRISM_DISABLE_CHOWN: "false" # disables storage permission updates on startup PHOTOPRISM_DISABLE_WEBDAV: "false" # disables built-in WebDAV server PHOTOPRISM_DISABLE_SETTINGS: "false" # disables settings UI and API PHOTOPRISM_DISABLE_TENSORFLOW: "false" # disables all features depending on TensorFlow PHOTOPRISM_DISABLE_FACES: "false" # disables facial recognition PHOTOPRISM_DISABLE_CLASSIFICATION: "false" # disables image classification PHOTOPRISM_DISABLE_VECTORS: "false" # disables vector graphics support PHOTOPRISM_DISABLE_RAW: "false" # disables indexing and conversion of RAW images PHOTOPRISM_RAW_PRESETS: "false" # enables applying user presets when converting RAW images (reduces performance) PHOTOPRISM_DETECT_NSFW: "false" # flag photos as private that MAY be offensive (requires TensorFlow) PHOTOPRISM_UPLOAD_NSFW: "true" # allows uploads that MAY be offensive PHOTOPRISM_HTTP_COMPRESSION: "gzip" # improves transfer speed and bandwidth utilization (none or gzip) PHOTOPRISM_INIT: "tensorflow" # run/install on first startup (options: update https gpu tensorflow davfs clitools clean) ## Web Security PHOTOPRISM_DISABLE_TLS: "false" # disables HTTPS/TLS even if the site URL starts with https:// and a certificate is available PHOTOPRISM_DEFAULT_TLS: "true" # defaults to a self-signed HTTPS/TLS certificate if no other certificate is available PHOTOPRISM_TLS_CERT: "" # public TLS certificate FILE (not required for privatecloud.photos and photoprism.me domains) PHOTOPRISM_TLS_KEY: "" # private TLS key FILE for the certificate PHOTOPRISM_DISABLE_STS: "true" # disables HTTP Strict-Transport-Security (STS) header PHOTOPRISM_STS_SECONDS: 31536000 # TIME for the browser to remember that the site is to be accessed only via HTTPS (0 to disable) PHOTOPRISM_STS_SUBDOMAINS: "false" # rule applies to all subdomains as well PHOTOPRISM_STS_PRELOAD: "false" # submit to Google's HSTS preload service PHOTOPRISM_REQUEST_LIMIT: 500 # maximum number of concurrent HTTP REQUESTS allowed from a single IP (default: 500) PHOTOPRISM_REQUEST_INTERVAL: "5ms" # average DURATION between HTTP requests from a single IP (0-1000ms) PHOTOPRISM_LOGIN_LIMIT: 10 # maximum number of consecutive failed LOGIN ATTEMPTS from a single IP (default: 10) PHOTOPRISM_LOGIN_INTERVAL: "1m0s" # average DURATION between failed LOGIN attempts from a single IP (0-86400s) ## Database Connection PHOTOPRISM_DATABASE_DRIVER: "mysql" # use MariaDB 10.5+ or MySQL 8+ instead of SQLite for improved performance PHOTOPRISM_DATABASE_SERVER: "mariadb:3306" # MariaDB or MySQL database server hostname (:port is optional) PHOTOPRISM_DATABASE_NAME: "photoprism" # MariaDB or MySQL database schema name PHOTOPRISM_DATABASE_USER: "photoprism" # MariaDB or MySQL database user name PHOTOPRISM_DATABASE_PASSWORD: "insecure" # MariaDB or MySQL database user password working_dir: "/photoprism" # do not change or remove ## Storage Folders: use "/" not "\" as separator, "~" is a shortcut for C:/user/{username}, "." for the current directory volumes: # "C:/user/username/folder:/photoprism/folder" # example - "~/Pictures:/photoprism/originals" # original media files (photos and videos) # - "D:/example/family:/photoprism/originals/family" # *additional* media folders can be mounted like this # - "E:/import:/photoprism/import" # *optional* drive or folder from which files can be imported to originals - "./storage:/photoprism/storage" # *writable* storage folder for cache, database, and sidecar files (never remove) ## Database Server (recommended) ## see https://docs.photoprism.app/getting-started/faq/#should-i-use-sqlite-mariadb-or-mysql mariadb: image: mariadb:11 ## If MariaDB gets stuck in a restart loop, this points to a memory or filesystem issue: ## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors restart: unless-stopped stop_grace_period: 5s security_opt: - seccomp:unconfined - apparmor:unconfined ## --lower-case-table-names=1 stores tables in lowercase and compares names in a case-insensitive manner ## see https://mariadb.com/kb/en/server-system-variables/#lower_case_table_names command: --innodb-buffer-pool-size=2G --lower-case-table-names=1 --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120 volumes: - "database:/var/lib/mysql" # Named volume "database" is defined at the bottom (DO NOT REMOVE) environment: MARIADB_AUTO_UPGRADE: "1" MARIADB_INITDB_SKIP_TZINFO: "1" MARIADB_DATABASE: "photoprism" MARIADB_USER: "photoprism" MARIADB_PASSWORD: "insecure" MARIADB_ROOT_PASSWORD: "insecure" ## Watchtower upgrades services automatically (optional) ## see https://docs.photoprism.app/getting-started/updates/#watchtower # # watchtower: # restart: unless-stopped # image: containrrr/watchtower # environment: # WATCHTOWER_CLEANUP: "true" # WATCHTOWER_POLL_INTERVAL: 7200 # checks for updates every two hours # volumes: # - "/var/run/docker.sock:/var/run/docker.sock" # - "~/.docker/config.json:/config.json" # optional, for authentication if you have a Docker Hub account ## Create named volumes, advanced users may remove this if they mount a regular host folder ## for the database or use SQLite instead (never remove otherwise) volumes: database: driver: local