Skip to content

Using NGINX as Reverse Proxy

Getting Support

In case you experience issues when using NGINX, such as failed uploads, connection errors, broken thumbnails, and video playback problems:

This tutorial explains, how to configure NGINX WebSocket connections between your client and backend services.

Example

http {
  server {
    listen 80 ssl;
    listen [::]:80 ssl;
    server_name example.com
    client_max_body_size 500M;

    # With SSL via Let's Encrypt
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    location / {
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $host;

      proxy_pass http://photoprism:2342;

      proxy_buffering off;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
    }
  }
}

At the very least you will need to adapt server_name and the ssl_certificate/ssl_certificate_key paths to match your setup. Please refer to their official documentation for further details.

Why Use a Proxy?

If you install PhotoPrism on a public server outside your home network, always run it behind a secure HTTPS reverse proxy. Your files and passwords will otherwise be transmitted in clear text and can be intercepted by anyone, including your provider, hackers, and governments. Backup tools and file sync apps may refuse to connect as well.

Back to top