How do I access my PhotoStructure Library on other computers?
PhotoStructure’s UI is web-based, and designed to work well with both mobile and desktop browsers.
PhotoStructure’s web service defaults to only being accessible to the computer running PhotoStructure. This prevents other computers on your local area network, or “LAN,” from viewing your library.
Note that the following instructions are intended for advanced users.
Configure đź”—
If you trust all computers on your LAN, you can set the
exposeNetworkWithoutAuth
library setting to true
.
If you’re using PhotoStructure for Docker, this setting is enabled by default.
For other editions of PhotoStructure, there are several ways to enable this setting: either
- Edit the system settings.toml, and add this line:
exposeNetworkWithoutAuth = true
-
Or, if you’re on Windows, follow these instructions to add a new
PS_EXPOSE_NETWORK_WITHOUT_AUTH
variable whose value is “true” -
Or, if you’re on macOS, open a terminal and run
launchctl setenv PS_EXPOSE_NETWORK_WITHOUT_AUTH true
. See this for more details.
Access your PhotoStructure library on your LAN đź”—
If you’re using macOS to run PhotoStructure, you can open the Sharing control panel on the mac that is running PhotoStructure, and then edit the hostname to be easy to type (like “mac”), you should then be able access your library on other apple devices in your LAN by using http://mac.local:1787 (replace “mac” with whatever you named your computer).
On other platforms, your library will be available at http://<ip address of the computer running PhotoStructure>:1787
. You may want to configure your router to
give the computer that runs PhotoStructure a “static IP address.” Consult your router’s manual for instructions.
If you’re running Windows, be sure to consult our Windows troubleshooting guide: you may need to adjust your firewall.
Accessing your library on the WAN đź”—
If you want to expose your library to the internet, you’ve got a couple options:
VPN: the most secure, but the least convenient for your relatives đź”—
Using a VPN (like tailscale) means that only the devices that you give access keys to can “see” your servers.
Unfortunately, this means each device needs to have custom software installed and configured, which can be a nonstarter for the less technically savvy friends and relatives.
HTTPS and basic auth via a reverse proxy: not as secure, but probably OK đź”—
Before 2013, running an “https” website was pretty costly: you had to buy an https:
certificate which could cost $1,000-$5,000 per year.
Thanks to Let’s Encrypt and
Cloudflare, you can now host a secure https:
website for free, but it takes a bit of setup.
You’ll still need software to manage https
certificates and user auth, which is handled by a “reverse proxy.”
There are a number of free options:
-
Caddy (setup instructions are in the next section )
Example Caddy configuration đź”—
Until PhotoStructure adds secure sharing of albums, you can use your reverse proxy to enforce “basic HTTP authentication”, which means your library is only viewable by people with a username and password that you share with them.
The following Caddyfile manages https certificates and enforces basic HTTP authentication. On Ubuntu, this file lives in /etc/caddy/Caddyfile
.
Be sure to replace:
EMAIL
with your full email address, like[email protected]
DOMAIN_NAME
with your external domain name, likephotos.example.com
127.0.0.1:1787
with the LAN IP address of the machine running PhotoStructure. If it’s the same host, 127.0.0.1 works.USER
with the username you want to access your library with, andHASH
with the result of runningcaddy hash-password
{
email EMAIL
}
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace the line below with your
# domain name.
DOMAIN_NAME
reverse_proxy 127.0.0.1:1787
# See https://caddyserver.com/docs/caddyfile/directives/basicauth
basicauth * {
USER HASH
}
The Caddy docs are great, by the way: https://caddyserver.com/docs/caddyfile
What if I don’t have a computer at home to host my library? đź”—
PhotoStructure runs well on “virtual private servers”, or VPSes, which can be as little as $5 a month.
PhotoStructure’s forum and website run on Digital Ocean VPSes: they call them “droplets.”
We recommend running their Ubuntu droplet, running some basic server hardening, and using the node edition of PhotoStructure for Servers.
If you haven’t used Digital Ocean before, sign up via this link for a $100 credit (note that the credit expires in 60 days!)
In the future đź”—
Future versions of PhotoStructure will add sharing and authorization
mechanisms,
at which point these instructions will no longer be relevant, and the
exposeNetworkWithoutAuth
setting will be deleted.