init

2024-08-24 19:58:13 -07:00 · 2024-08-24 19:58:13 -07:00 · e6360267d5
commit e6360267d5
5 changed files with 187 additions and 0 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -0,0 +1,38 @@
+---
+kind: pipeline
+name: deploy to swarm-test.autonomic.zone
+steps:
+  - name: deployment
+    image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
+    settings:
+      host: swarm-test.autonomic.zone
+      stack: {{ .Name }}
+      generate_secrets: true
+      purge: true
+      deploy_key:
+        from_secret: drone_ssh_swarm_test
+      networks:
+        - proxy
+    environment:
+      DOMAIN: {{ .Name }}.swarm-test.autonomic.zone
+      STACK_NAME: {{ .Name }}
+      LETS_ENCRYPT_ENV: production
+trigger:
+  branch:
+    - main
+---
+kind: pipeline
+name: generate recipe catalogue
+steps:
+  - name: release a new version
+    image: plugins/downstream
+    settings:
+      server: https://build.coopcloud.tech
+      token:
+        from_secret: drone_abra-bot_token
+      fork: true
+      repositories:
+        - coop-cloud/auto-recipes-catalogue-json
+
+trigger:
+  event: tag
--- a/.env.sample
+++ b/.env.sample
@ -0,0 +1,21 @@
+TYPE=photo-prism
+
+DOMAIN=photo-prism.example.com
+
+## Domain aliases
+#EXTRA_DOMAINS=', `www.photo-prism.example.com`'
+
+LETS_ENCRYPT_ENV=production
+
+PHOTOPRISM_SITE_CAPTION="Default Caption"
+PHOTOPRISM_SITE_DESCRIPTION= "Default Description"
+# Meta site author
+PHOTOPRISM_SITE_AUTHOR="Nobody"
+# This is not a good practice so hopefully we get to use a secret fild
+#  in the future rather passing the secret here
+#  see - https://github.com/photoprism/photoprism/issues/1987
+PHOTOPRISM_DATABASE_PASSWORD=
+PHOTOPRISM_ADMIN_PASSWORD=		# initial admin password (8-72 characters)
+
+DB_PASSWORD_VERSION=v1
+DB_ROOT_PASSWORD_VERSION=v1
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.envrc
--- a/README.md
+++ b/README.md
@ -0,0 +1,24 @@
+# photo-prism
+
+> Photo Prism is a self hosted AI powered photo app - https://www.photoprism.app/
+
+<!-- metadata -->
+
+* **Category**: Apps
+* **Status**: 0
+* **Image**: [`photo-prism`](https://hub.docker.com/r/photoprism/photoprism), 4, upstream
+* **Healthcheck**: No
+* **Backups**: No
+* **Email**: No
+* **Tests**: No
+* **SSO**: No
+
+<!-- endmetadata -->
+
+## Quick start
+
+* `abra app new photo-prism --secrets`
+* `abra app config <app-name>`
+* `abra app deploy <app-name>`
+
+For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).
--- a/compose.yml
+++ b/compose.yml
@ -0,0 +1,103 @@
+---
+version: "3.8"
+
+services:
+  app:
+    image: photoprism/photoprism:latest
+    depends_on:
+      - db
+    networks:
+      - proxy
+      - internal
+    environment:
+      PHOTOPRISM_ADMIN_USER: "admin"				# admin login username
+      PHOTOPRISM_AUTH_MODE: "password"				# authentication mode (public, password)
+      PHOTOPRISM_SITE_URL: "https://${DOMAIN}"		# server URL in the format "http(s)://domain.name(:port)/(path)"
+      PHOTOPRISM_DISABLE_TLS: "true"				# disables HTTPS/TLS even if the site URL starts with https:// and a certificate is available
+      PHOTOPRISM_DEFAULT_TLS: "true"				# defaults to a self-signed HTTPS/TLS certificate if no other certificate is available
+      PHOTOPRISM_ORIGINALS_LIMIT: 5000				# file size limit for originals in MB (increase for high-res video)
+      PHOTOPRISM_HTTP_COMPRESSION: "gzip"			# improves transfer speed and bandwidth utilization (none or gzip)
+      PHOTOPRISM_LOG_LEVEL: "info"					# log level: trace, debug, info, warning, error, fatal, or panic
+      PHOTOPRISM_READONLY: "false"					# do not modify originals directory (reduced functionality)
+      PHOTOPRISM_EXPERIMENTAL: "false"				# enables experimental features
+      PHOTOPRISM_DISABLE_CHOWN: "false"				# disables updating storage permissions via chmod and chown on startup
+      PHOTOPRISM_DISABLE_WEBDAV: "false"			# disables built-in WebDAV server
+      PHOTOPRISM_DISABLE_SETTINGS: "false"			# disables settings UI and API
+      PHOTOPRISM_DISABLE_TENSORFLOW: "false"		# disables all features depending on TensorFlow
+      PHOTOPRISM_DISABLE_FACES: "false"				# disables face detection and recognition (requires TensorFlow)
+      PHOTOPRISM_DISABLE_CLASSIFICATION: "false"	# disables image classification (requires TensorFlow)
+      PHOTOPRISM_DISABLE_VECTORS: "false"			# disables vector graphics support
+      PHOTOPRISM_DISABLE_RAW: "false"				# disables indexing and conversion of RAW images
+      PHOTOPRISM_RAW_PRESETS: "false"				# enables applying user presets when converting RAW images (reduces performance)
+      PHOTOPRISM_SIDECAR_YAML: "true"				# creates YAML sidecar files to back up picture metadata
+      PHOTOPRISM_BACKUP_ALBUMS: "true"				# creates YAML files to back up album metadata
+      PHOTOPRISM_BACKUP_DATABASE: "true"			# creates regular backups based on the configured schedule
+      PHOTOPRISM_BACKUP_SCHEDULE: "daily"			# backup SCHEDULE in cron format (e.g. "0 12 * * *" for daily at noon) or at a random time (daily, weekly)
+      PHOTOPRISM_INDEX_SCHEDULE: ""					# indexing SCHEDULE in cron format (e.g. "@every 3h" for every 3 hours; "" to disable)
+      PHOTOPRISM_AUTO_INDEX: 300					# delay before automatically indexing files in SECONDS when uploading via WebDAV (-1 to disable)
+      PHOTOPRISM_AUTO_IMPORT: -1					# delay before automatically importing files in SECONDS when uploading via WebDAV (-1 to disable)
+      PHOTOPRISM_DETECT_NSFW: "false"				# automatically flags photos as private that MAY be offensive (requires TensorFlow)
+      PHOTOPRISM_UPLOAD_NSFW: "true"				# allows uploads that MAY be offensive (no effect without TensorFlow)
+      PHOTOPRISM_DATABASE_DRIVER: "mysql"			# MariaDB 10.5.12+ (MySQL successor) offers significantly better performance compared to SQLite
+      PHOTOPRISM_DATABASE_SERVER: "db:3306"			# MariaDB database server (hostname:port)
+      PHOTOPRISM_DATABASE_NAME: "photoprism"		# MariaDB database schema name
+      PHOTOPRISM_DATABASE_USER: "photoprism"		# MariaDB database user name
+    deploy:
+      restart_policy:
+        condition: on-failure
+      labels:
+        - "traefik.enable=true"
+        - "traefik.docker.network=proxy"
+        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=2342"
+        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
+        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
+        - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
+        - "coop-cloud.${STACK_NAME}.version=0.1.0+latest"
+        - "caddy=${DOMAIN}"
+        - "caddy.reverse_proxy={{upstreams 2342}}"
+        - "caddy.tls.on_demand="
+    working_dir: "/photoprism"
+    volumes:
+      - photo-originals:/photoprism/originals
+      - photo-storage:/photoprism/storage
+    secrets:
+      - db_password
+  
+  db:
+    image: mariadb:11
+    volumes:
+      - mariadb:/var/lib/mysql
+    command: --innodb-buffer-pool-size=512M --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120
+    environment:
+      MARIADB_AUTO_UPGRADE: "1"
+      MARIADB_INITDB_SKIP_TZINFO: "1"
+      MARIADB_DATABASE: "photoprism"
+      MARIADB_USER: "photoprism"
+      MARIADB_PASSWORD_FILE: /run/secrets/db_password
+      MARIADB_ROOT_PASSWORD_FILE: /run/secrets/db_root_password
+    networks:
+      - internal
+    secrets:
+      - db_root_password
+      - db_password
+
+secrets:
+  db_password:
+    external: true
+    name: ${STACK_NAME}_db_password_${DB_PASSWORD_VERSION}
+  db_root_password:
+    external: true
+    name: ${STACK_NAME}_db_root_password_${DB_ROOT_PASSWORD_VERSION}
+
+volumes:
+  mariadb:
+  photo-originals:
+  photo-storage:
+
+networks:
+  proxy:
+    external: true
+  internal: