Applications AWS

PhotoPrism on AWS User Guide

| Product: PhotoPrism

PhotoPrism on AWS User Guide

PhotoPrism is an AI-powered, open source, self-hosted application for browsing, organising and sharing your photo and video collection. It uses on-device machine learning to automatically tag your pictures by their content and location, recognise faces, and group similar shots, so you can find any photo in an instant with powerful search. It handles RAW files, live photos and videos, and presents everything in a fast, modern web interface with maps, calendars and albums.

This cloudimg Amazon Machine Image ships PhotoPrism 260601 (June 2026) fully installed and managed by systemd, served through an nginx reverse proxy on port 80, and secure by default: a unique administrator password is generated for every instance on first boot, before the application starts, and the photo index ships empty.

PhotoPrism sign-in

What you get

  • PhotoPrism 260601, run from the official upstream container image (photoprism/photoprism:260601) and managed as a systemd service. The image bundles the TensorFlow model, ffmpeg, libheif and the RAW converters for automatic tagging, face recognition and format conversion, and runs entirely on the CPU — no GPU required.
  • nginx reverse proxy on port 80, forwarding to the application on loopback 127.0.0.1:2342 — the application is never exposed directly.
  • Secure first boot — a fresh administrator password is generated per instance and written to a root-only file, and the photo index ships empty.
  • Dedicated data volume — your original photos, the SQLite index database, the thumbnail cache and sidecar files live on a separate, independently resizable EBS volume mounted at /var/lib/photoprism, kept off the operating-system disk.
  • 24/7 cloudimg support.

Architecture at a glance

PhotoPrism is officially a Docker-first deployment — the upstream image bundles the machine-learning model and all the media tooling that a bare-metal install would otherwise require you to assemble by hand. This AMI runs that official, version-pinned image as a systemd-managed Docker container:

  • photoprism.service runs the container, bound to loopback 127.0.0.1:2342.
  • nginx.service reverse-proxies port 80 to the container, with the WebSocket upgrade headers PhotoPrism needs and a large upload limit for big photos and videos.
  • photoprism-firstboot.service runs before the application on the very first boot, generates the per-instance administrator password, resolves the instance's public IP for the site URL, and writes the credentials to a root-only file.

The originals and the storage tree (index database, thumbnails, sidecar files) live under /var/lib/photoprism on a dedicated EBS data volume.

Connecting to your instance

SSH in as the default login user for your AMI's operating system, using the EC2 key pair you launched it with:

OS variant SSH login user
Ubuntu 24.04 ubuntu 
ssh -i /path/to/your-key.pem ubuntu@<instance-public-ip>

First sign-in

The administrator user is admin, and a unique password was generated for your instance on first boot. Retrieve it over SSH:

sudo cat /root/photoprism-credentials.txt

This prints the per-instance credentials, for example:

PHOTOPRISM_URL=http://<instance-public-ip>/
PHOTOPRISM_ADMIN_USER=admin
PHOTOPRISM_ADMIN_PASSWORD=<unique-per-instance-password>

Browse to http://<instance-public-ip>/ and sign in as admin with that password.

PhotoPrism photo library

Tip: PhotoPrism derives links from its site URL, which firstboot set to your instance's public IP. If you put the instance behind a load balancer or a custom domain, update PHOTOPRISM_SITE_URL in /etc/photoprism/photoprism.env and restart the service (see Enabling HTTPS below).

Adding and indexing photos

There are two ways to get photos into PhotoPrism:

  1. Upload through the web interface. Click the upload button in the top toolbar and drag in your photos and videos. PhotoPrism imports, generates thumbnails, and indexes them automatically.
  2. Copy files into the originals folder, then index. Copy your media onto the instance under the originals directory and start an index from the library menu:

bash sudo install -d -o photoprism -g photoprism /var/lib/photoprism/originals/MyPhotos # ... copy your files into /var/lib/photoprism/originals/MyPhotos ... sudo chown -R photoprism:photoprism /var/lib/photoprism/originals

Then in the web interface open Library → Index and start indexing. PhotoPrism reads every file under originals/, extracts EXIF metadata, generates thumbnails, classifies the content with TensorFlow and detects faces.

When indexing completes, your photos appear in the library, automatically labelled by their content (for example landscape, animal, architecture) and searchable by those labels, by date, by place and by the people PhotoPrism recognises.

Browsing, searching and photo details

Open any photo to see its details — title, date, location, camera metadata and the labels that machine learning assigned to it. You can edit the title and caption, correct the date and location, and manage the labels and recognised people from the tabs at the top of the detail view.

A PhotoPrism photo detail view

The search bar understands natural queries such as mountain, dog, 2024 italy or label:portrait, combining the automatic labels, places, dates and people into a single fast search across your whole library.

Organising photos into albums

Group related photos into albums from the Albums section. Create an album, then add photos to it from the library by selecting them and choosing Add to album. Albums can be marked as favourites and shared.

PhotoPrism albums

PhotoPrism also builds smart views automatically — Places plots your photos on a map from their GPS metadata, Calendar groups them by month, People gathers the faces it recognises, and Labels lists everything its machine-learning model has tagged.

Managing the service

The application and the reverse proxy are managed with systemctl:

# Service health
systemctl is-active photoprism.service nginx.service

active
active

# The container that runs PhotoPrism
sudo docker ps --format 'table {{.Image}}\t{{.Status}}\t{{.Ports}}'

IMAGE                          STATUS          PORTS
photoprism/photoprism:260601   Up 16 minutes   127.0.0.1:2342->2342/tcp, 2442-2443/tcp

# Unauthenticated health endpoint, proxied through nginx on port 80
curl -s http://127.0.0.1/api/v1/status

{"status":"operational"}

Restart PhotoPrism after a configuration change with sudo systemctl restart photoprism.service. Configuration lives in /etc/photoprism/photoprism.env; your data lives under /var/lib/photoprism.

Backups

PhotoPrism keeps everything that matters under /var/lib/photoprism:

  • originals/ — your original photos and videos.
  • storage/ — the SQLite index database, the thumbnail cache and the YAML sidecar files that mirror each photo's metadata.

To back up, stop the service briefly and archive the data directory, or snapshot the EBS data volume:

sudo systemctl stop photoprism.service
sudo tar czf /tmp/photoprism-backup.tgz -C /var/lib/photoprism .
sudo systemctl start photoprism.service

Because the data sits on its own EBS volume, an EBS snapshot of that volume is the simplest production backup — schedule it with Amazon Data Lifecycle Manager.

Switching to MariaDB

SQLite is the default index and is fine for personal and small team libraries. For very large libraries or higher concurrency, point PhotoPrism at MariaDB by editing /etc/photoprism/photoprism.env:

PHOTOPRISM_DATABASE_DRIVER=mysql
PHOTOPRISM_DATABASE_SERVER=<host>:3306
PHOTOPRISM_DATABASE_NAME=photoprism
PHOTOPRISM_DATABASE_USER=photoprism
PHOTOPRISM_DATABASE_PASSWORD=<password>

Then restart the service. See the PhotoPrism database documentation for migrating an existing SQLite library.

Enabling HTTPS

The image serves plain HTTP on port 80 so you can terminate TLS where it suits your architecture:

  • At a load balancer or CloudFront — terminate TLS upstream and forward HTTP to the instance. Set PHOTOPRISM_SITE_URL in /etc/photoprism/photoprism.env to your public https:// URL and restart the service so generated links use it.
  • On the instance with Let's Encrypt — point a DNS name at the instance, then:

bash sudo apt-get update && sudo apt-get install -y certbot python3-certbot-nginx sudo certbot --nginx -d your-domain.example.com

certbot obtains a certificate and reconfigures nginx for HTTPS automatically. Update PHOTOPRISM_SITE_URL to the https:// URL and restart PhotoPrism.

Support

This image is backed by 24/7 cloudimg technical support by email and chat — covering PhotoPrism deployment, indexing and import configuration, face recognition, backups, switching to MariaDB, TLS termination and scaling.

All product and company names are trademarks or registered trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.