diff --git a/ente-photos/README.md b/ente-photos/README.md new file mode 100644 index 0000000000..a9404a1b33 --- /dev/null +++ b/ente-photos/README.md @@ -0,0 +1,132 @@ +# Ente Photos 📸 +Safe Home for Your Photos + +## Steps to Set Up Ente Photos + +### 1. Install Ente Photos 🛠️ +First, install the Ente Photos application on your Umbrel device. Navigate to the Umbrel App Store and select Ente Photos to complete the installation. + +*Note: After installation, open the following URL to ensure the service is running and responding correctly. You should receive a "pong" response. Which shows all services are up and running.* + +**URL**: `http://172.17.0.2:8080/ping` + +**Expected Response**: +```json +{ + "id": "b0674cd5f37cebda0f446db7ce1e87a3e6d8b9fc", # id can be anything + "message": "pong" +} +``` + +### 2. Update Configuration 🖥️ +Next, update the IP/Host and other configurations in the `/home/umbrel/umbrel/app-data/ente-photos/exports.sh` file. Make sure the details are accurate for your setup. + +Example configuration in `/home/umbrel/umbrel/app-data/ente-photos/exports.sh`: +```bash +# Replace with your Umbrel's IP or host name +export APP_HOST="umbrel.local" + +# Default DB Configs +export DB_HOST="postgres" +export DB_PORT="5432" +export DB_NAME="ente_db" +export DB_USER="pguser" +export DB_PASSWORD="pgpass" + +# Default MinIO Configs +export MINIO_API_PORT="3200" +export MINIO_CONSOLE_PORT="3201" +export MINIO_ROOT_USER="test" +export MINIO_ROOT_PASSWORD="testtest" +export MINIO_REGION="eu-central-2" + +# SMTP Configs to send OTP emails +export SMTP_HOST="smtp.gmail.com" +export SMTP_PORT="465" +export SMTP_USERNAME="example@gmail.com" +export SMTP_PASSWORD="changeme" +# The email address from which to send the email. +export SMTP_EMAIL="example@gmail.com" + +# Uncomment and set these to your email ID or domain to avoid checking server logs for OTPs. +# export INTERNAL_HARDCODED_OTT_EMAILS="example@example.org,123456" + +# Hardcode the verification code to 123456 for email addresses ending with @example.org +export INTERNAL_HARDCODED_OTT_LOCAL_DOMAIN_SUFFIX="@example.com" +export INTERNAL_HARDCODED_OTT_LOCAL_DOMAIN_VALUE="123456" + +# List of user IDs that can use the admin API endpoints. +# e.g. export INTERNAL_ADMINS="1580559962386439,1580559962386440" +export INTERNAL_ADMINS="" +``` + +### 3. Create the First Account and Obtain the User ID 🔑 + +Download and install the Ente Desktop or Mobile [App](https://ente.io). To configure the connection endpoint, tap the onboarding screen 7 times to reveal a configuration page. Detailed instructions can be found in the Ente documentation [here](https://help.ente.io/self-hosting/guides/custom-server/). + +Once configured, create your first account in the app. This will generate a user ID for the newly created account. Next, open the UmbrelOS [Terminal](http://umbrel.local/settings/terminal/umbrelos) and run the CLI, providing the required information as prompted. + +**Command**: +```shell +# Follow the prompts to log into the account created by the Ente Photos Desktop or Mobile app. +sudo docker exec -it ente-photos_cli_1 ./ente-cli account add +``` + +**Output**: +```shell +[sudo] password for umbrel: +Enter app type (default: photos): +Use default app type: photos +Enter export directory: /var/tmp +Enter email address: example@example.com +Enter password: +Please wait authenticating... +Account added successfully +run `ente export` to initiate export of your account data +``` + +Retrieve the user ID of the newly created account: + +**Command**: +```shell +sudo docker exec -it ente-photos_cli_1 ./ente-cli account list +``` + +**Output**: +```shell +Configured accounts: 1 +==================================== +Email: example@example.com +ID: 1580559962386438 +App: photos +ExportDir: /var/tmp +==================================== +``` + +### 4. Make the User an Admin 👨‍💼 +Make the user an admin by updating the `INTERNAL_ADMINS` variable in the `/home/umbrel/umbrel/app-data/ente-photos/exports.sh` file. + +Example: +```bash +... +# List of user IDs that can use the admin API endpoints. +# e.g. export INTERNAL_ADMINS="1580559962386439,1580559962386440" +export INTERNAL_ADMINS="1580559962386438" +... +``` + +Run `/home/umbrel/umbrel/app-data/ente-photos/update_admins.sh` to create a `museum.yaml` with all admin IDs. + +### 5. Restart Ente Photos 🔄 +Restart the Ente Photos application from the UmbrelOS dashboard. + +### 6. Update Storage Provision 💾 +Update the storage provision to ensure you have allocated sufficient storage for your Ente Photos application. + +Example: +```bash +sudo docker exec -it ente-photos_cli_1 ./ente-cli admin update-subscription -a example@example.com -u example@example.com --no-limit true +``` + +### Final Steps 🎉 +By following these steps, you should have successfully set up Ente Photos on your Umbrel device. If you encounter any issues, refer to the [official self-hosting documentation](https://help.ente.io/self-hosting) or reach out to support. \ No newline at end of file diff --git a/ente-photos/data/.gitkeep b/ente-photos/data/.gitkeep new file mode 100644 index 0000000000..e69de29bb2 diff --git a/ente-photos/docker-compose.yml b/ente-photos/docker-compose.yml new file mode 100644 index 0000000000..9d16b2ae0b --- /dev/null +++ b/ente-photos/docker-compose.yml @@ -0,0 +1,152 @@ +version: "3.7" + +x-environment: &env + # Umbrel's IP or host name + APP_HOST: "${APP_HOST}" + + # DB Configs + ENTE_DB_HOST: "${DB_HOST}" + ENTE_DB_PORT: "${DB_PORT}" + ENTE_DB_NAME: "${DB_NAME}" + ENTE_DB_USER: "${DB_USER}" + ENTE_DB_PASSWORD: "${DB_PASSWORD}" + + # MinIO Configs + MINIO_API_PORT: "${MINIO_API_PORT}" + MINIO_CONSOLE_PORT: "${MINIO_CONSOLE_PORT}" + MINIO_URL: &minio_url "${APP_HOST}:${MINIO_API_PORT}" + MINIO_ROOT_USER: &minio_user "${MINIO_ROOT_USER}" + MINIO_ROOT_PASSWORD: &minio_password "${MINIO_ROOT_PASSWORD}" + MINIO_REGION: &minio_region "${MINIO_REGION}" + + # SMTP Configs to send OTP emails + ENTE_SMTP_HOST: "${SMTP_HOST}" + ENTE_SMTP_PORT: "${SMTP_PORT}" + ENTE_SMTP_USERNAME: "${SMTP_USERNAME}" + ENTE_SMTP_PASSWORD: "${SMTP_PASSWORD}" + # The email address from which to send the email. Set this to an email + # address whose credentials you're providing. + ENTE_SMTP_EMAIL: "${SMTP_EMAIL}" + + # Set these to your email ID or domain so that you don't + # need to peek into the server logs for obtaining the OTP when trying to log + # into an instance you're developing on. + # export INTERNAL_HARDCODED_OTT_EMAILS="example@example.org,123456" + ENTE_INTERNAL_HARDCODED-OTT_EMAILS: "${INTERNAL_HARDCODED_OTT_EMAILS}" + # When running in a local environment, hardcode the verification code to + # 123456 for email addresses ending with @example.org + ENTE_INTERNAL_HARDCODED-OTT_LOCAL-DOMAIN-SUFFIX: "${INTERNAL_HARDCODED_OTT_LOCAL_DOMAIN_SUFFIX}" + ENTE_INTERNAL_HARDCODED-OTT_LOCAL-DOMAIN-VALUE: "${INTERNAL_HARDCODED_OTT_LOCAL_DOMAIN_VALUE}" + +services: + app_proxy: + depends_on: + - museum + environment: + APP_HOST: ente-photos_museum_1 + APP_PORT: 8080 + PROXY_AUTH_ADD: "false" + + museum: + # https://github.com/ente-io/ente/pkgs/container/server + image: ghcr.io/ente-io/server:b0674cd5f37cebda0f446db7ce1e87a3e6d8b9fc@sha256:d44049492bb62a3c0c64126ade1b2c0294683422e5a1b7d656d128186919b5e9 + depends_on: + postgres: + condition: service_healthy + environment: + <<: *env + # S3 Configs + ENTE_S3_ARE_LOCAL_BUCKETS: "true" + ENTE_S3_B2-EU-CEN_KEY: *minio_user + ENTE_S3_B2-EU-CEN_SECRET: *minio_password + ENTE_S3_B2-EU-CEN_ENDPOINT: *minio_url + ENTE_S3_B2-EU-CEN_REGION: *minio_region + ENTE_S3_B2-EU-CEN_BUCKET: b2-eu-cen + ENTE_S3_WASABI-EU-CENTRAL-2-V3_KEY: *minio_user + ENTE_S3_WASABI-EU-CENTRAL-2-V3_SECRET: *minio_password + ENTE_S3_WASABI-EU-CENTRAL-2-V3_ENDPOINT: *minio_url + ENTE_S3_WASABI-EU-CENTRAL-2-V3_REGION: *minio_region + ENTE_S3_WASABI-EU-CENTRAL-2-V3_BUCKET: wasabi-eu-central-2-v3 + ENTE_S3_WASABI-EU-CENTRAL-2-V3_COMPIANCE: "false" + ENTE_S3_SCW-EU-FR-V3_KEY: *minio_user + ENTE_S3_SCW-EU-FR-V3_SECRET: *minio_password + ENTE_S3_SCW-EU-FR-V3_ENDPOINT: *minio_url + ENTE_S3_SCW-EU-FR-V3_REGION: *minio_region + ENTE_S3_SCW-EU-FR-V3_BUCKET: scw-eu-fr-v3 + + # More Configs can be found below + # https://github.com/ente-io/ente/blob/main/server/configurations/local.yaml + + volumes: + - ${APP_DATA_DIR}/data/custom-logs:/var/logs + - ${APP_DATA_DIR}/museum.yaml:/museum.yaml:ro + - ${APP_DATA_DIR}/data:/data:ro + restart: on-failure + + cli: + image: vasuratanpara/ente-cli:v0.2.2@sha256:027abc99f012a910a28289034266ce4a63aeb1484c65d56b3743056f0795a3af + depends_on: + - museum + environment: + <<: *env + volumes: + - ${APP_DATA_DIR}/data/cli-data:/cli-data + command: ["sh", "-c", "echo -e 'endpoint:\\n api: http://${APP_HOST}:8080' > config.yaml && sleep infinity"] + restart: on-failure + + socat: + image: alpine/socat:1.8.0.0@sha256:a6be4c0262b339c53ddad723cdd178a1a13271e1137c65e27f90a08c16de02b8 + network_mode: service:museum + depends_on: + - museum + command: "TCP-LISTEN:${MINIO_API_PORT},fork,reuseaddr TCP:minio:${MINIO_API_PORT}" + + postgres: + image: postgres:15@sha256:6cbdd616ae7ea61fa88873fdab529b3fd141b8a8311bfe4e6e62575f643f88fe + ports: + - "${DB_PORT}:${DB_PORT}" + environment: + <<: *env + POSTGRES_USER: "${DB_USER}" + POSTGRES_PASSWORD: "${DB_PASSWORD}" + POSTGRES_DB: "${DB_NAME}" + # Wait for postgres to accept connections before starting museum. + healthcheck: + test: + ["CMD", "pg_isready", "-q", "-d", "${DB_NAME}", "-U", "${DB_USER}"] + start_period: 40s + start_interval: 1s + volumes: + - ${APP_DATA_DIR}/data/postgres-data:/var/lib/postgresql/data + restart: on-failure + + minio: + image: minio/minio:RELEASE.2024-11-07T00-52-20Z@sha256:ac591851803a79aee64bc37f66d77c56b0a4b6e12d9e5356380f4105510f2332 + # Use different ports than the minio defaults to avoid conflicting + # with the ports used by Prometheus. + ports: + - "${MINIO_API_PORT}:${MINIO_API_PORT}" # API + - "${MINIO_CONSOLE_PORT}:${MINIO_CONSOLE_PORT}" # Console + environment: + <<: *env + command: server /data --address ":${MINIO_API_PORT}" --console-address ":${MINIO_CONSOLE_PORT}" + volumes: + - ${APP_DATA_DIR}/data/minio-data:/data + restart: on-failure + + minio-provision: + image: minio/mc:RELEASE.2024-11-17T19-35-25Z@sha256:8f94d208188dcd04bbaa51b54578bb43ea2a663626ca59889c07d4fb8ae9546d + depends_on: + - minio + environment: + <<: *env + volumes: + - ${APP_DATA_DIR}/scripts/compose/minio-provision.sh:/provision.sh:ro + - ${APP_DATA_DIR}/data/minio-data:/data + entrypoint: sh /provision.sh + +volumes: + cli-data: + custom-logs: + minio-data: + postgres-data: \ No newline at end of file diff --git a/ente-photos/exports.sh b/ente-photos/exports.sh new file mode 100644 index 0000000000..6e2b894f56 --- /dev/null +++ b/ente-photos/exports.sh @@ -0,0 +1,41 @@ +# Replace with your Umbrel's IP or host name +export APP_HOST="umbrel.local" + +# Default DB Configs +export DB_HOST="postgres" +export DB_PORT="5432" +export DB_NAME="ente_db" +export DB_USER="pguser" +export DB_PASSWORD="pgpass" + +# Default MinIO Configs +export MINIO_API_PORT="3200" +export MINIO_CONSOLE_PORT="3201" +export MINIO_ROOT_USER="test" +export MINIO_ROOT_PASSWORD="testtest" +export MINIO_REGION="eu-central-2" + +# SMTP Configs to send OTP emails +# Notes: +# - Make sure they are correct since the program will stuck at signup if there is any issue +# - Gmail SMTP hast might fail due to timeout errors, check your latency via ping +# export SMTP_HOST="smtp.gmail.com" +# export SMTP_PORT="465" +# export SMTP_USERNAME="example@gmail.com" +# export SMTP_PASSWORD="changeme" +# The email address from which to send the email. +# export SMTP_EMAIL="example@gmail.com" + +# Uncomment and set these to your email ID or domain to avoid checking server logs for OTPs. +# export INTERNAL_HARDCODED_OTT_EMAILS="example@example.org,123456" + +# Hardcode the verification code to 123456 for email addresses ending with @example.org +export INTERNAL_HARDCODED_OTT_LOCAL_DOMAIN_SUFFIX="@example.com" +export INTERNAL_HARDCODED_OTT_LOCAL_DOMAIN_VALUE="123456" + +# List of user IDs that can use the admin API endpoints. +# e.g. export INTERNAL_ADMINS="1580559962386439,1580559962386440" +export INTERNAL_ADMINS="" + +alias ente="sudo docker exec -it ente-photos_cli_1 ./ente-cli" +chmod +x /home/umbrel/umbrel/app-data/ente-photos/update_admins.sh \ No newline at end of file diff --git a/ente-photos/scripts/compose/minio-provision.sh b/ente-photos/scripts/compose/minio-provision.sh new file mode 100644 index 0000000000..4b7a5e28b1 --- /dev/null +++ b/ente-photos/scripts/compose/minio-provision.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +# Script used to prepare the minio instance that runs as part of the development +# Docker compose cluster. +while ! mc config host add h0 http://minio:${MINIO_API_PORT} $MINIO_ROOT_USER $MINIO_ROOT_PASSWORD +do + echo "waiting for minio..." + sleep 0.5 +done + +cd /data + +mc mb -p b2-eu-cen +mc mb -p wasabi-eu-central-2-v3 +mc mb -p scw-eu-fr-v3 \ No newline at end of file diff --git a/ente-photos/umbrel-app.yml b/ente-photos/umbrel-app.yml new file mode 100644 index 0000000000..d92e882f81 --- /dev/null +++ b/ente-photos/umbrel-app.yml @@ -0,0 +1,40 @@ +manifestVersion: 1 +id: ente-photos +category: files +name: Ente Photos +version: "b0674cd" +tagline: Safe Home for your photos +description: >- + Ente Photos is an end-to-end encrypted alternative to Google Photos and Apple Photos. + + + You can use it to safely and securely store your photos on your personal cloud. + + + Full release notes are found at https://github.com/ente-io/ente/releases + + + Version: https://github.com/ente-io/ente/commit/b0674cd5f37cebda0f446db7ce1e87a3e6d8b9fc + + + ⚠️ Important Notes: + + - Setup Steps: https://github.com/getumbrel/umbrel-apps/tree/master/ente-photos/README.md + + - Self Hosting Docs https://help.ente.io/self-hosting/guides/selfhost-cli + +developer: Ente +website: https://ente.io +repo: https://github.com/ente-io/ente +support: https://ente.io/community +port: 8080 +gallery: + - 1.jpg + - 2.jpg + - 3.jpg +releaseNotes: "" +path: "" +defaultUsername: "" +defaultPassword: "" +submitter: Starfreck +submission: https://github.com/getumbrel/umbrel-apps/pull/1922 \ No newline at end of file diff --git a/ente-photos/update_admins.sh b/ente-photos/update_admins.sh new file mode 100644 index 0000000000..bb83b21635 --- /dev/null +++ b/ente-photos/update_admins.sh @@ -0,0 +1,60 @@ +#!/usr/bin/bash + +# Author: https://github.com/starfreck +# This script runs automatically on each restart. It reads admin IDs from the environment +# and writes them into "museum.yaml" at "/home/umbrel/umbrel/app-data/ente-photos". +# To run manually, execute it from the "/home/umbrel/umbrel/app-data/ente-photos" directory. + +# Function to delete the existing file or directory +delete_existing_file() { + local file_path=$1 + if [ -e "$file_path" ]; then + if [ -d "$file_path" ]; then + rmdir "$file_path" + else + rm "$file_path" + fi + echo "Deleted existing $file_path" + fi +} + +# Function to read admin IDs from the environment variable +read_admin_ids_from_env() { + local ids_env + ids_env=$(printenv INTERNAL_ADMINS) + if [ -z "$ids_env" ]; then + echo "" + else + echo "$ids_env" | tr ',' '\n' + fi +} + +# Function to write admin IDs to the YAML file +write_admin_ids_to_yaml() { + local file_path=$1 + shift + local admin_ids=("$@") + + echo "internal:" > "$file_path" + echo " admins:" >> "$file_path" + for admin_id in "${admin_ids[@]}"; do + echo " - $admin_id" >> "$file_path" + done + echo "Created new $file_path with Admin IDs: ${admin_ids[*]}" +} + +# Main function to create the admin config file +create_admin_config_file() { + local config_file="/home/umbrel/umbrel/app-data/ente-photos/museum.yaml" + + delete_existing_file "$config_file" + + local admin_ids + IFS=$'\n' read -d '' -r -a admin_ids < <(read_admin_ids_from_env && printf '\0') + + write_admin_ids_to_yaml "$config_file" "${admin_ids[@]}" +} + +source /home/umbrel/umbrel/app-data/ente-photos/exports.sh +echo "Running create_admin_config_file..." +create_admin_config_file \ No newline at end of file