Fixes and Enhancements (#16)

* Add more instructions after successfully creating a new subdomain.

* Update the container name.

* Add a just-in-case step.

* Add an alias and improve comments.

* Fix manage path.

* Add limits but no reservations for PP. Start off somewhat relaxed rather than strict.

* Always restart PP containers.

* Move URL to env file. Do not recommend using HTTPS in the value.

* Format comments.

* Put commands in shells so they cannot exit the full program.

* Updating apps like this did not seem to be working, but also do not want it to work anymore.
This commit is contained in:
Hyperling 2023-10-17 04:35:57 -07:00 committed by GitHub
parent eb79978adf
commit f45cc326fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 47 additions and 10 deletions

View File

@ -12,10 +12,11 @@ if (( $RUNNING > 0 )); then
fi
# 2023-08-25 From crontab.
docker exec -u www-data nc-app php cron.php --define apc.enable_cli=1
sh -c "docker exec -u www-data nc-app php cron.php --define apc.enable_cli=1"
# 2023-08-25 From fixes.sh, keep ownership correct and apps up to date.
docker exec -it nc-app chown -Rc www-data:www-data .
docker exec -itu www-data nc-app ./occ app:update --all
sh -c "docker exec -it nc-app chown -Rc www-data:www-data ."
# No longer update apps in advance of NC updates, allow the upgrade process to do it.
#sh -c "docker exec -itu www-data nc-app ./occ app:update --all"
exit 0

View File

@ -28,7 +28,6 @@
#
# CLI Commands:
# - https://docs.photoprism.app/getting-started/docker-compose/#command-line-interface
#
##
##
@ -45,7 +44,8 @@ services:
## Don't enable automatic restarts until PhotoPrism has been properly configured and tested!
## If the service gets stuck in a restart loop, this points to a memory, filesystem, network, or database issue:
## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors
# restart: unless-stopped
#restart: unless-stopped
restart: always
stop_grace_period: 10s
depends_on:
- pp-db
@ -58,7 +58,7 @@ services:
PHOTOPRISM_ADMIN_USER: $PHOTOPRISM_ADMIN_USER # admin login username
PHOTOPRISM_ADMIN_PASSWORD: $PHOTOPRISM_ADMIN_PASSWORD # initial admin password (8-72 characters)
PHOTOPRISM_AUTH_MODE: "password" # authentication mode (public, password)
PHOTOPRISM_SITE_URL: "http://localhost:2342/" # server URL in the format "http(s)://domain.name(:port)/(path)"
PHOTOPRISM_SITE_URL: $PHOTOPRISM_SITE_URL # server URL in the format "http(s)://domain.name(:port)/(path)"
PHOTOPRISM_DISABLE_TLS: "false" # disables HTTPS/TLS even if the site URL starts with https:// and a certificate is available
PHOTOPRISM_DEFAULT_TLS: "true" # defaults to a self-signed HTTPS/TLS certificate if no other certificate is available
PHOTOPRISM_ORIGINALS_LIMIT: $PHOTOPRISM_ORIGINALS_LIMIT # file size limit for originals in MB (increase for high-res video)
@ -119,6 +119,12 @@ services:
# *Optional* base folder from which files can be imported to originals
# Importing reorganizes files+folders, would rather they remain intact.
#- "../../Volumes/PhotoPrism/imports_go_here:/photoprism/import"
deploy:
mode: global
resources:
limits:
cpus: '2.00'
memory: 2G
## Database Server (recommended)
## see https://docs.photoprism.app/getting-started/faq/#should-i-use-sqlite-mariadb-or-mysql
@ -127,7 +133,8 @@ services:
image: mariadb:10.11
## If MariaDB gets stuck in a restart loop, this points to a memory or filesystem issue:
## https://docs.photoprism.app/getting-started/troubleshooting/#fatal-server-errors
restart: unless-stopped
#restart: unless-stopped
restart: always
stop_grace_period: 5s
security_opt: # see https://github.com/MariaDB/mariadb-docker/issues/434#issuecomment-1136151239
- seccomp:unconfined
@ -143,6 +150,12 @@ services:
MARIADB_USER: $MARIADB_USER
MARIADB_PASSWORD: $MARIADB_PASSWORD
MARIADB_ROOT_PASSWORD: $MARIADB_ROOT_PASSWORD
deploy:
mode: global
resources:
limits:
cpus: '0.50'
memory: 512M
# Configured but not using this, would prefer to update manually, and the
# volume needs also seem sort of odd. Do not want it to harm other projects.

View File

@ -7,6 +7,12 @@
PHOTOPRISM_ADMIN_USER = "admin" # admin login username
PHOTOPRISM_ADMIN_PASSWORD = "PleaseChangeMe" # initial admin password (8-72 characters)
# External FQDN
# Should be in the format "http(s)://domain.name(:port)/(path)".
# Seems to work best if you leave off the s if behind a revese proxy,
# such as: PHOTOPRISM_SITE_URL = "http://photoprism.example.com"
PHOTOPRISM_SITE_URL = "http://localhost:2342"
# Max Storage Space?
PHOTOPRISM_ORIGINALS_LIMIT = 5000 # file size limit for originals in MB (increase for high-res video)

View File

@ -72,3 +72,12 @@ If wanted as a one-line command:
```
# docker compose down && docker compose build && docker compose up -d
```
## Add New Config
1. Modify your `./config/hosts/domain` file and add the resource.
1. Create the `./config/conf.d/fqdn` file as needed, using the resource.
1. (Optional) If the system needs a cert added, run the placeholder script.
1. Restart the project based on Update Config above.
1. (Optional) Now you may run the letsencrypt script for a real certificate.
1. (Optional) Run another Update Config to make sure the certs are loaded.
1. Done! If set up correctly the site should be live.

View File

@ -21,7 +21,7 @@ if [[ ! -d $CERT_DIR ]]; then
fi
# The container needs to be running in order to use the certbot command.
certbot_running=`docker ps | grep -c reverseproxy-certbot-1`
certbot_running=`docker ps | grep -c rp-certbot`
if [[ $certbot_running != 1 ]]; then
echo "ERROR: Certbot container does not appear to be running, cannot continue." >&2
exit 1
@ -85,12 +85,12 @@ grep -l proxy_pass $DIR/config/conf.d/*.* | while read file; do
echo "Domains='$domains'"
echo "Attempting to create certs at $CERT_DIR/$filename."
docker exec reverseproxy-certbot-1 \
docker exec rp-certbot \
certbot certonly -n --webroot $dry_run \
-w /etc/letsencrypt --agree-tos -m $email -d $filename
if [[ -z $dry_run ]]; then
docker exec reverseproxy-certbot-1 \
docker exec rp-certbot \
sh -c "cp -rL /etc/letsencrypt/live/$filename /etc/letsencrypt/nginx/"
ls -lh $CERT_DIR/$filename/*
fi

View File

@ -12,12 +12,20 @@ if [[ "$DIR" == '.'* ]]; then
cd "$RETURN"
fi
## Variables ##
DOCKER_HOME="$DIR"
DOCKER_PATH="$DOCKER_HOME/bin"
PATH="$DOCKER_PATH:$PATH"
export DOCKER_HOME DOCKER_PATH PATH
## Aliases ##
alias manage="$DOCKER_HOME/bin/manage.sh"
## Validations ##
if [[ -e $DOCKER_HOME/$PROG ]]; then
echo "'$DOCKER_HOME/$PROG' has been loaded successfully."
else