Docker Installation¶
Docker based installations allow to run the application in an isolated environment besides try out multiple versions without installing any package on the host system.
sysPass can be ran in Docker containers which has been compiled on top of latest Debian stable version (Stretch) and avoiding any package compilation.
Docker images can be got from Docker Hub and they are complied automatically from Docker source files on https://github.com/nuxsmin/docker-syspass
There are two ways for installing:
- Using Docker Compose (recommended): deploys a fully working sysPass environment including application and database services.
- Using Docker: deploys each service (application and database) separately.
Docker Compose¶
In order to deploy using this method, you need to issue the following steps:
- Install Docker engine from https://docs.docker.com/install/
- Install Docker Compose from https://docs.docker.com/compose/install/
- Download “docker-compose.yml” sysPass’ file from https://raw.githubusercontent.com/nuxsmin/docker-syspass/master/docker-compose.yml or use the following one:
version: '2'
services:
app:
container_name: syspass-app
image: syspass/syspass:3.1.0 # Set this version tag to desired one
restart: always
# Will listen on ports 80 and 443 of the host
ports:
- "80:80"
- "443:443"
depends_on:
- db
volumes:
- syspass-config:/var/www/html/sysPass/app/config
- syspass-backup:/var/www/html/sysPass/app/backup
# Set USE_SSL=no if you're using a LB or reverse proxy for SSL offloading
environment:
- USE_SSL=yes
db:
container_name: syspass-db
restart: always
image: mariadb:10.2
# Set a secure password for MariaDB root user
environment:
- MYSQL_ROOT_PASSWORD=syspass
# This ports will only be accesible internally
expose:
- "3306"
volumes:
- syspass-db:/var/lib/mysql
# Persistent volumes to be used across updates
volumes:
syspass-config: {}
syspass-backup: {}
syspass-db: {}
- Run “docker-compose” tool for setting up the environment:
docker-compose -p syspass -f docker-compose.yml up -d
This will download the latest sysPass stable image and the database (MariaDB) one.
- Take a look to deployment’s logs:
docker-compose -p syspass -f docker-compose.yml logs -f
Note
Docker Compose will create an isolated network for all sysPass services making possible to use DNS resolution between containers. You can use “syspass-db” for setting up the database hostname in sysPass installation page.
It will create two fixed volumes for sysPass application, one for “…/app/config” directory and the other for “…/app/backup” directory. An additional fixed volume will be created for the database container’s data.
Warning
sysPass container will publish 80 and 443 host’s ports to the outside. You could change this behavior by tweaking the Docker Compose’s file.
Tip
You can disable HTTPS redirection by setting “USE_SSL=no” within “docker-compose.yml” file. This will offload the SSL encryption to a LB or reverse proxy.
Docker¶
By this way all the services need to be deployed manually. The following steps are needed:
- Install Docker engine from https://docs.docker.com/install/
- Create network for sysPass services:
docker network create syspass-net
- Create fixed volumes for sysPass services:
docker volume create syspass-app-config
docker volume create syspass-app-backup
docker volume create syspass-db-data
- Setup sysPass database container:
docker run --name syspass-db \
--network syspass-net \
--restart unless-stopped \
--env MYSQL_ROOT_PASSWORD=syspass \
--volume syspass-db-data:/var/lib/mysql \
--detach mariadb:10.2
- Setup sysPass application container:
docker run --name syspass-app \
--network syspass-net \
--publish 80:80 \
--restart unless-stopped \
--volume syspass-app-config:/var/www/html/sysPass/app/config \
--volume syspass-app-backup:/var/www/html/sysPass/app/backup \
--detach syspass/syspass:3.1.0
- Connection data will be displayed in application container’s console:
docker logs -f syspass-app
Tip
You can install sysPass extensions (plugins) by setting “COMPOSER_EXTENSIONS” environment variable when deploying the sysPass application container. Example: “–env COMPOSER_EXTENSIONS=’syspass/plugin-authenticator’”
Database Access¶
You can get access to the database using the following connection data:
- User: root
- Password: syspass
Note
Please follow the installer steps in order to setup the sysPass application instance.
More information about how sysPass works on Application
Warning
It’s very advisable to take a look to security advices on Security