From 3c33df81defaac871b2c8572a3c729ab0b1fffa7 Mon Sep 17 00:00:00 2001
From: Michael Mayer <michael@photoprism.app>
Date: Wed, 22 Mar 2023 01:36:55 +0100
Subject: [PATCH] Setup: Update cloud config example

Signed-off-by: Michael Mayer <michael@photoprism.app>
---
 setup/docker/cloud/docker-compose.yml |  3 ++-
 setup/docker/cloud/setup.sh           | 39 ++++++++++++++++-----------
 2 files changed, 26 insertions(+), 16 deletions(-)

diff --git a/setup/docker/cloud/docker-compose.yml b/setup/docker/cloud/docker-compose.yml
index d3c754484..410e75730 100644
--- a/setup/docker/cloud/docker-compose.yml
+++ b/setup/docker/cloud/docker-compose.yml
@@ -139,6 +139,7 @@ services:
       PHOTOPRISM_LOG_LEVEL: "info"                     # log level: trace, debug, info, warning, error, fatal, or panic
       PHOTOPRISM_READONLY: "false"                     # do not modify originals directory (reduced functionality)
       PHOTOPRISM_EXPERIMENTAL: "false"                 # enables experimental features
+      PHOTOPRISM_DISABLE_TLS: "true"                   # disables HTTPS even if a certificate is available
       PHOTOPRISM_DISABLE_CHOWN: "false"                # disables updating storage permissions via chmod and chown on startup
       PHOTOPRISM_DISABLE_WEBDAV: "false"               # disables built-in WebDAV server
       PHOTOPRISM_DISABLE_SETTINGS: "false"             # disables Settings in Web UI
@@ -169,7 +170,7 @@ services:
   ## see https://docs.photoprism.app/getting-started/proxies/traefik/
   traefik:
     restart: always
-    image: traefik:v2.8
+    image: traefik:v2.9
     container_name: traefik
     ports:
       - "80:80"
diff --git a/setup/docker/cloud/setup.sh b/setup/docker/cloud/setup.sh
index ad13de397..5ceb564a7 100755
--- a/setup/docker/cloud/setup.sh
+++ b/setup/docker/cloud/setup.sh
@@ -32,35 +32,40 @@ echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
 echo 'APT::Install-Recommends "false";' > /etc/apt/apt.conf.d/80recommends && \
 echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \
 echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \
-echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing
+echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \
+echo 'force-confold' > /etc/dpkg/dpkg.cfg.d/force-confold
 
 # update operating system
 apt-get update
 apt dist-upgrade 2>/dev/null
 
 # install dependencies
-apt-get -qq install --no-install-recommends apt-transport-https ca-certificates \
-        curl software-properties-common openssl
+apt-get -qq install --no-install-recommends apt-utils apt-transport-https ca-certificates \
+        curl software-properties-common openssl gnupg lsb-release
 
-# install docker if needed
-if ! command -v docker &> /dev/null; then
-  curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/trusted.gpg.d/download.docker.com.gpg
-  add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
-  apt-get update
-  apt-get -qq install docker-ce
-fi
+echo "Installing Docker..."
 
-# install docker-compose if needed
-if ! command -v docker-compose &> /dev/null; then
-  apt-get update
-  apt-get -qq install docker-compose
-fi
+# add docker repository key
+mkdir -p /etc/apt/keyrings
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+chmod a+r /etc/apt/keyrings/docker.gpg
+
+echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
+  $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+# install docker incl compose plugin
+apt-get update
+apt-get -qq install docker-ce docker-ce-cli docker-ce-rootless-extras containerd.io docker-compose-plugin cgroupfs-mount libltdl7 pigz
+
+echo "Adding user..."
 
 # create user
 useradd -o -m -U -u 1000 -G docker -d /opt/photoprism photoprism || echo "User 'photoprism' already exists. Proceeding."
 mkdir -p /opt/photoprism/originals /opt/photoprism/import /opt/photoprism/storage /opt/photoprism/backup \
       /opt/photoprism/database /opt/photoprism/traefik /opt/photoprism/certs
 
+echo "Generating certificates..."
+
 # download ssl config
 curl -fsSL https://dl.photoprism.app/docker/cloud/certs/ca.conf > /opt/photoprism/certs/ca.conf
 curl -fsSL https://dl.photoprism.app/docker/cloud/certs/cert.conf > /opt/photoprism/certs/cert.conf
@@ -92,6 +97,8 @@ chmod 600 /root/.initial-password.txt
 # detect public server ip address
 PUBLIC_IP=$(curl -sfSL ifconfig.me)
 
+echo "Downloading configuration..."
+
 # download service config
 COMPOSE_CONFIG=$(curl -fsSL https://dl.photoprism.app/docker/cloud/docker-compose.yml)
 COMPOSE_CONFIG=${COMPOSE_CONFIG//_public_ip_/$PUBLIC_IP}
@@ -103,6 +110,8 @@ curl -fsSL https://dl.photoprism.app/docker/cloud/traefik.yaml > /opt/photoprism
 # change permissions
 chown -Rf photoprism:photoprism /opt/photoprism
 
+echo "Cleaning up..."
+
 # clear package cache
 apt-get autoclean
 apt-get autoremove