70 lines
1.8 KiB
YAML
70 lines
1.8 KiB
YAML
# USING LET'S ENCRYPT HTTPS
|
|
# -------------------------------------------------------------------------
|
|
#
|
|
# If your server has a public domain name, please disable the self-signed
|
|
# certificate and enable domain based routing in docker-compose.yml and
|
|
# traefik.yaml (see inline instructions in !! UPPERCASE !!)
|
|
#
|
|
# ssh root@<YOUR SERVER IP>
|
|
# cd /opt/photoprism
|
|
# nano docker-compose.yml
|
|
# nano traefik.yaml
|
|
# docker compose stop
|
|
# docker compose up -d
|
|
#
|
|
# You should now be able to access your instance without security warnings.
|
|
# -------------------------------------------------------------------------
|
|
|
|
# set to DEBUG to enable debug mode
|
|
log:
|
|
level: INFO
|
|
|
|
# disable telemetry
|
|
global:
|
|
sendAnonymousUsage: false
|
|
|
|
# allow to proxy services with self-signed certificates
|
|
serversTransport:
|
|
insecureSkipVerify: true
|
|
# !! REMOVE when using Let's Encrypt HTTPS !!
|
|
rootCAs:
|
|
- "/certs/ca.crt"
|
|
|
|
# open ports ond protocols (HTTP will be redirected to HTTPS)
|
|
entryPoints:
|
|
web:
|
|
address: ":80"
|
|
http:
|
|
redirections:
|
|
entryPoint:
|
|
to: websecure
|
|
scheme: https
|
|
websecure:
|
|
address: ":443"
|
|
|
|
# auto tls / https
|
|
certificatesResolvers:
|
|
myresolver:
|
|
# See https://doc.traefik.io/traefik/https/acme/
|
|
acme:
|
|
# !! REPLACE "info@yourdomain.com" with your actual email address for Let's Encrypt HTTPS !!
|
|
email: info@yourdomain.com
|
|
storage: /data/letsencrypt.json
|
|
httpChallenge:
|
|
entryPoint: web
|
|
|
|
# config providers
|
|
providers:
|
|
# !! REMOVE file provider when using Let's Encrypt HTTPS !!
|
|
file:
|
|
filename: "/certs/config.yml"
|
|
watch: true
|
|
# always keep this
|
|
docker:
|
|
exposedByDefault: false
|
|
watch: true
|
|
|
|
# disable dashboard and api
|
|
api:
|
|
insecure: false
|
|
dashboard: false |