Docker Installation

Docker based installations allow to run the application in an isolated environment besides try out multiple versions without installing any package on the host system.

sysPass can be ran in Docker containers which has been compiled on top of latest Debian stable version (Stretch) and avoiding any package compilation.

Docker images can be got from Docker Hub and they are complied automatically from Docker source files on https://github.com/nuxsmin/docker-syspass

There are two ways for installing:

  • Using Docker Compose (recommended): deploys a fully working sysPass environment including application and database services.
  • Using Docker: deploys each service (application and database) separately.

Docker Compose

In order to deploy using this method, you need to issue the following steps:

  1. Install Docker engine from https://docs.docker.com/install/
  2. Install Docker Compose from https://docs.docker.com/compose/install/
  3. Download “docker-compose.yml” sysPass’ file from https://raw.githubusercontent.com/nuxsmin/docker-syspass/master/docker-compose.yml or use the following one:
version: '2'
services:
  app:
    container_name: syspass-app
    image: syspass/syspass:3.1.0 # Set this version tag to desired one
    restart: always
    # Will listen on ports 80 and 443 of the host
    ports:
      - "80:80"
      - "443:443"
    depends_on:
      - db
    volumes:
      - syspass-config:/var/www/html/sysPass/app/config
      - syspass-backup:/var/www/html/sysPass/app/backup
    # Set USE_SSL=no if you're using a LB or reverse proxy for SSL offloading
    environment:
      - USE_SSL=yes
  db:
    container_name: syspass-db
    restart: always
    image: mariadb:10.2
    # Set a secure password for MariaDB root user
    environment:
      - MYSQL_ROOT_PASSWORD=syspass
    # This ports will only be accesible internally
    expose:
      - "3306"
    volumes:
      - syspass-db:/var/lib/mysql

# Persistent volumes to be used across updates
volumes:
  syspass-config: {}
  syspass-backup: {}
  syspass-db: {}
  1. Run “docker-compose” tool for setting up the environment:
docker-compose -p syspass -f docker-compose.yml up -d

This will download the latest sysPass stable image and the database (MariaDB) one.

  1. Take a look to deployment’s logs:
docker-compose -p syspass -f docker-compose.yml logs -f

Note

Docker Compose will create an isolated network for all sysPass services making possible to use DNS resolution between containers. You can use “syspass-db” for setting up the database hostname in sysPass installation page.

It will create two fixed volumes for sysPass application, one for “…/app/config” directory and the other for “…/app/backup” directory. An additional fixed volume will be created for the database container’s data.

Warning

sysPass container will publish 80 and 443 host’s ports to the outside. You could change this behavior by tweaking the Docker Compose’s file.

Tip

You can disable HTTPS redirection by setting “USE_SSL=no” within “docker-compose.yml” file. This will offload the SSL encryption to a LB or reverse proxy.

Docker

By this way all the services need to be deployed manually. The following steps are needed:

  1. Install Docker engine from https://docs.docker.com/install/
  2. Create network for sysPass services:
docker network create syspass-net
  1. Create fixed volumes for sysPass services:
docker volume create syspass-app-config
docker volume create syspass-app-backup
docker volume create syspass-db-data
  1. Setup sysPass database container:
docker run --name syspass-db \
--network syspass-net \
--restart unless-stopped \
--env MYSQL_ROOT_PASSWORD=syspass \
--volume syspass-db-data:/var/lib/mysql \
--detach mariadb:10.2
  1. Setup sysPass application container:
docker run --name syspass-app \
--network syspass-net \
--publish 80:80 \
--restart unless-stopped \
--volume syspass-app-config:/var/www/html/sysPass/app/config \
--volume syspass-app-backup:/var/www/html/sysPass/app/backup \
--detach syspass/syspass:3.1.0
  1. Connection data will be displayed in application container’s console:
docker logs -f syspass-app

Tip

You can install sysPass extensions (plugins) by setting “COMPOSER_EXTENSIONS” environment variable when deploying the sysPass application container. Example: “–env COMPOSER_EXTENSIONS=’syspass/plugin-authenticator’”

Database Access

You can get access to the database using the following connection data:

  • User: root
  • Password: syspass
You may install other sysPass images from Docker Hub

Note

Please follow the installer steps in order to setup the sysPass application instance.

More information about how sysPass works on Application

Warning

It’s very advisable to take a look to security advices on Security