From 147747de32a7362db842d95433a4ab1688eece92 Mon Sep 17 00:00:00 2001 From: kurama <52566613+zp33dy@users.noreply.github.com> Date: Mon, 23 Sep 2024 09:40:23 +0200 Subject: [PATCH] docs: add section for Traefik Reverse Proxy (#12813) * added a section for the Traefik Proxy * minimized the configs * replaced config with a comment. * Update docs/docs/administration/reverse-proxy.md changed timeout values Co-authored-by: dvbthien <89862334+dvbthien@users.noreply.github.com> * changed timeouts back to 10 minutes * fixed typo and set default writeTimeout 600s Leaving it at 0 may be also bad practice * removed whitespace * run `npm run format -- --check -w` --------- Co-authored-by: dvbthien <89862334+dvbthien@users.noreply.github.com> --- docs/docs/administration/reverse-proxy.md | 40 +++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/docs/docs/administration/reverse-proxy.md b/docs/docs/administration/reverse-proxy.md index 1d2488f119..c40fecbdc4 100644 --- a/docs/docs/administration/reverse-proxy.md +++ b/docs/docs/administration/reverse-proxy.md @@ -64,3 +64,43 @@ Below is an example config for Apache2 site configuration. ProxyPreserveHost On ``` + +### Traefik Proxy example config + +The example below is for Traefik version 3. + +The most important is to increase the `respondingTimeouts` of the entrypoint used by immich. In this example of entrypoint `websecure` for port `443`. Per default it's set to 60s which leeds to videos stop uploading after 1 minute (Error Code 499). With this config it will fail after 10 minutes which is in most cases enough. Increase it if needed. + +`traefik.yaml` + +```yaml +[...] +entryPoints: + websecure: + address: :443 + # this section needs to be added + transport: + respondingTimeouts: + readTimeout: 600s + idleTimeout: 600s + writeTimeout: 600s +``` + +The second part is in the `docker-compose.yml` file where immich is in. Add the Traefik specific labels like in the example. + +`docker-compose.yml` + +```yaml +services: + immich-server: + [...] + labels: + traefik.enable: true + # increase readingTimeouts for the entrypoint used here + traefik.http.routers.immich.entrypoints: websecure + traefik.http.routers.immich.rule: Host(`immich.your-domain.com`) + traefik.http.services.immich.loadbalancer.server.port: 3001 +``` + +Keep in mind, that Traefik needs to communicate with the network where immich is in, usually done +by adding the Traefik network to the `immich-server`.