From 5f83381cd85c0575cd239cded4dd4a86fcc4e348 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Zettergren?= Date: Mon, 15 Jan 2018 15:52:14 +0100 Subject: [PATCH 01/11] Fix bug in how the email 'client' is edited. We must match the entire row to make sure to search/replace the correct place when other values collide with the specified default. In this instance, if EMAIL_AUTH is false, both username and password gets specified to 'null', which was previously included in seds range for searching-and-replacing 'null' occurances to EMAIL_CLIENT. --- bin/docker-entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/docker-entrypoint.sh b/bin/docker-entrypoint.sh index b7a52b6..89ccd41 100755 --- a/bin/docker-entrypoint.sh +++ b/bin/docker-entrypoint.sh @@ -132,7 +132,7 @@ email_setup() { sed -i "0,/"$default_password"/s:"$default_password":'${EMAIL_PASSWORD:-email_password}':" $email_config fi if [ -n "$EMAIL_CLIENT" ] ; then - sed -i "0,/"$default_client"/s:"$default_client":'$EMAIL_CLIENT':" $email_config + sed -i "0,/'client'/s:'client' => $default_client:'client' => '$EMAIL_CLIENT':" $email_config fi sed -i "0,/tls/s:false:${EMAIL_TLS:-false}:" $email_config From 492ce3bec70259852988896eb39a7995d6167d4f Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Tue, 16 Jan 2018 19:17:31 +0100 Subject: [PATCH 02/11] initial issue template --- ISSUE_TEMPLATE.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 ISSUE_TEMPLATE.md diff --git a/ISSUE_TEMPLATE.md b/ISSUE_TEMPLATE.md new file mode 100644 index 0000000..0a1e7b3 --- /dev/null +++ b/ISSUE_TEMPLATE.md @@ -0,0 +1,28 @@ +## IMPORTANT :hand: :point_up: Please read + +Only use github issues for bugs. + +We will be more than happy to help you on the community forum for: +- feature requests: https://community.passbolt.com/c/backlog +- issues related to installations: https://community.passbolt.com/c/installation-issues +- general questions: https://community.passbolt.com/c/uncategorized + +If you still want to report a bug please take a look first on the other open/closed tickets to avoid duplicating issues. + +### How to provide a good issue report: +- Provide all the information you can collect about your problem +- Provide log outputs from (some examples follow): + - /var/www/passbolt/tmp/logs/error.log + - /var/log/nginx/error.log + - curl -vvvLk http://passboltdomain + - Any other sources you might think will help to solve the problem + +### What you did :memo: +Explain what you did, steps to reproduce your issue, here. + +### What happened :collision: :clipboard: +Provide information such as log outputs in this section showing what is +happening. + +### What you expected to happen +Explain what is the expected behaviour. From ef3da2c60e90cf4b0b7abc220d361293aa5cede5 Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Wed, 28 Mar 2018 20:39:33 +0200 Subject: [PATCH 03/11] migrated docker image to debian based php-fpm image --- Dockerfile | 121 ++++++++++++++++++++++++++--------------------------- 1 file changed, 60 insertions(+), 61 deletions(-) diff --git a/Dockerfile b/Dockerfile index 162c763..5f345ca 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,73 +1,72 @@ -FROM alpine:3.6 +FROM php:5-fpm LABEL maintainer="diego@passbolt.com" -ENV PASSBOLT_VERSION 1.6.9 +ENV PASSBOLT_VERSION 1.6.10 ENV PASSBOLT_URL https://github.com/passbolt/passbolt_api/archive/v${PASSBOLT_VERSION}.tar.gz -ARG BASE_PHP_DEPS="php5-curl \ - php5-common \ - php5-gd \ - php5-intl \ - php5-json \ - php5-mcrypt \ - php5-mysql \ - php5-xsl \ - php5-fpm \ - php5-phar \ - php5-posix \ - php5-xml \ - php5-openssl \ - php5-zlib \ - php5-ctype \ - php5-pdo \ - php5-pdo_mysql \ - php5-pear" +ARG PHP_EXTENSIONS="gd \ + intl \ + pdo_mysql \ + mcrypt \ + xsl" -ARG PHP_GNUPG_DEPS="php5-dev \ - make \ - gcc \ - g++ \ - libc-dev \ - pkgconfig \ - re2c \ - gpgme-dev \ - autoconf \ - zlib-dev \ - file" +ARG PECL_PASSBOLT_EXTENSIONS="gnupg \ + redis" -RUN apk add --no-cache $BASE_PHP_DEPS \ - sed \ - coreutils \ - tar \ - bash \ - curl \ - nginx \ - gpgme \ - gnupg1 \ - recode \ - libxml2 \ - openssl \ - libpcre32 \ - mysql-client \ - ca-certificates +ARG PASSBOLT_DEV_PACKAGES="libgpgme11-dev \ + libpng-dev \ + libxslt1-dev \ + libmcrypt-dev \ + unzip \ + git" -RUN apk add --no-cache $PHP_GNUPG_DEPS \ - && ln -s /usr/bin/php5 /usr/bin/php \ - && ln -s /usr/bin/phpize5 /usr/bin/phpize \ - && sed -i "s/ -n / /" $(which pecl) \ - && pecl install gnupg \ - && pecl install redis \ - && echo "extension=gnupg.so" > /etc/php5/conf.d/gnupg.ini \ - && echo "extension=redis.so" > /etc/php5/conf.d/redis.ini \ - && apk del $PHP_GNUPG_DEPS \ - && curl -sS https://getcomposer.org/installer | php \ +ENV PECL_BASE_URL="https://pecl.php.net/get" +ENV PHP_EXT_DIR="/usr/src/php/ext" + +WORKDIR /var/www/passbolt +RUN apt-get update \ + && apt-get -y install --no-install-recommends $PASSBOLT_DEV_PACKAGES \ + nginx \ + gnupg \ + libgpgme11 \ + libmcrypt4 \ + libicu-dev \ + mysql-client \ + supervisor \ + netcat \ + cron \ + && mkdir /home/www-data \ + && chown -R www-data:www-data /home/www-data \ + && usermod -d /home/www-data www-data \ + && docker-php-source extract \ + && for i in $PECL_PASSBOLT_EXTENSIONS; do \ + mkdir $PHP_EXT_DIR/$i; \ + curl -sSL $PECL_BASE_URL/$i | tar zxf - -C $PHP_EXT_DIR/$i --strip-components 1; \ + done \ + && docker-php-ext-install -j4 $PHP_EXTENSIONS $PECL_PASSBOLT_EXTENSIONS \ + && docker-php-ext-enable $PHP_EXTENSIONS $PECL_PASSBOLT_EXTENSIONS \ + && docker-php-source delete \ + && EXPECTED_SIGNATURE=$(curl -s https://composer.github.io/installer.sig) \ + && php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" \ + && ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', 'composer-setup.php');") \ + && if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]; then \ + >&2 echo 'ERROR: Invalid installer signature'; \ + rm composer-setup.php; \ + exit 1; \ + fi \ + && php composer-setup.php \ && mv composer.phar /usr/local/bin/composer \ - && mkdir /var/www/passbolt \ - && curl -sSL $PASSBOLT_URL | tar zxf - -C /var/www/passbolt --strip-components 1 \ - && chown -R nginx:nginx /var/www/passbolt \ - && chmod -R +w /var/www/passbolt/app/tmp \ - && chmod +w /var/www/passbolt/app/webroot/img/public + && curl -sSL $PASSBOLT_URL | tar zxf - -C . --strip-components 1 \ + && composer install -n --no-dev --optimize-autoloader \ + && chown -R www-data:www-data . \ + && chmod 775 $(find /var/www/passbolt/app/tmp -type d) \ + && chmod 664 $(find /var/www/passbolt/app/tmp -type f) \ + && chmod 775 $(find /var/www/passbolt/app/webroot/img/public -type d) \ + && chmod 664 $(find /var/www/passbolt/app/webroot/img/public -type f) \ + && rm /etc/nginx/sites-enabled/default \ + && apt-get purge -y --auto-remove $PASSBOLT_DEV_PACKAGES \ + && rm -rf /var/lib/apt/lists/* COPY conf/passbolt.conf /etc/nginx/conf.d/default.conf COPY bin/docker-entrypoint.sh /docker-entrypoint.sh From 530c93007ad22be592f8756a70278cbe5911e5a6 Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Wed, 28 Mar 2018 20:43:05 +0200 Subject: [PATCH 04/11] fix gpg2 key creation, fix su invocations, removed check_permissions. Fixes #89 --- bin/docker-entrypoint.sh | 60 +++++++++++----------------------------- 1 file changed, 16 insertions(+), 44 deletions(-) diff --git a/bin/docker-entrypoint.sh b/bin/docker-entrypoint.sh index 89ccd41..769c549 100755 --- a/bin/docker-entrypoint.sh +++ b/bin/docker-entrypoint.sh @@ -14,7 +14,7 @@ ssl_key='/etc/ssl/certs/certificate.key' ssl_cert='/etc/ssl/certs/certificate.crt' gpg_gen_key() { - su -m -c "$gpg --batch --gen-key < $gpg_private_key" -ls /bin/bash nginx - su -m -c "$gpg --armor --export $KEY_EMAIL > $gpg_public_key" -ls /bin/bash nginx + su -c "$gpg --armor --export-secret-keys $KEY_EMAIL > $gpg_private_key" -ls /bin/bash www-data + su -c "$gpg --armor --export $KEY_EMAIL > $gpg_public_key" -ls /bin/bash www-data } gpg_import_key() { - local key_id=$(su -m -c "gpg --with-colons $gpg_private_key | grep sec |cut -f5 -d:" -ls /bin/bash nginx) + local key_id=$(su -c "gpg --with-colons $gpg_private_key | grep sec |cut -f5 -d:" -ls /bin/bash www-data) - su -m -c "$gpg --batch --import $gpg_public_key" -ls /bin/bash nginx - su -m -c "gpg -K $key_id" -ls /bin/bash nginx || su -m -c "$gpg --batch --import $gpg_private_key" -ls /bin/bash nginx + su -c "$gpg --batch --import $gpg_public_key" -ls /bin/bash www-data + su -c "gpg -K $key_id" -ls /bin/bash www-data || su -c "$gpg --batch --import $gpg_private_key" -ls /bin/bash www-data } core_setup() { @@ -84,11 +85,9 @@ app_setup() { local default_public_key='unsecure.key' local default_private_key='unsecure_private.key' local default_fingerprint='2FC8945833C51946E937F9FED47B0811573EE67E' - local gpg_home='/var/lib/nginx/.gnupg' - local auto_fingerprint=$(su -m -c "$gpg --fingerprint |grep fingerprint| awk '{for(i=4;i<=NF;++i)printf \$i}'" -ls /bin/bash nginx) + local auto_fingerprint=$(su -c "$gpg --fingerprint |grep fingerprint| awk '{for(i=4;i<=NF;++i)printf \$i}'" -ls /bin/bash www-data) cp $app_config{.default,} - sed -i s:$default_home:$gpg_home:g $app_config sed -i s:$default_public_key:serverkey.asc:g $app_config sed -i s:$default_private_key:serverkey.private.asc:g $app_config sed -i s:$default_fingerprint:${FINGERPRINT:-$auto_fingerprint}:g $app_config @@ -153,41 +152,19 @@ install() { tables=$(mysql -u ${database_user:-passbolt} -h $database_host -P ${database_port:-3306} -p -BN -e "SHOW TABLES FROM ${database_name:-passbolt}" -p${database_pass:-P4ssb0lt} |wc -l) if [ $tables -eq 0 ]; then - su -c "/var/www/passbolt/app/Console/cake install --send-anonymous-statistics true --no-admin" -ls /bin/bash nginx + su -c "/var/www/passbolt/app/Console/cake install --send-anonymous-statistics true --no-admin" -ls /bin/bash www-data else echo "Enjoy! ☮" fi } -php_fpm_setup() { - sed -i '/^user\s/ s:nobody:nginx:g' /etc/php5/php-fpm.conf - sed -i '/^group\s/ s:nobody:nginx:g' /etc/php5/php-fpm.conf - cp /etc/php5/php-fpm.conf /etc/php5/fpm.d/www.conf - sed -i '/^include\s/ s:^:#:' /etc/php5/fpm.d/www.conf -} - -check_permissions() { - chown -R nginx:nginx /var/www/passbolt - chmod -R +w /var/www/passbolt/app/tmp - chmod +w /var/www/passbolt/app/webroot/img/public -} - email_cron_job() { - local root_crontab='/etc/crontabs/root' - local cron_task_dir='/etc/periodic/1min' - local cron_task='/etc/periodic/1min/email_queue_processing' - local process_email="/var/www/passbolt/app/Console/cake EmailQueue.sender --quiet" + cron_task='/etc/cron.d/passbolt_email' + echo "* * * * * su -c \"/var/www/passbolt/app/Console/cake EmailQueue.sender\" -s /bin/bash www-data >> /var/log/cron.log 2>&1" >> $cron_task - mkdir -p $cron_task_dir + crontab /etc/cron.d/passbolt_email - if ! grep $cron_task_dir $root_crontab > /dev/null; then - echo "* * * * * run-parts $cron_task_dir" >> $root_crontab - fi - echo "#!/bin/sh" > $cron_task - chmod +x $cron_task - echo "su -c \"$process_email\" -ls /bin/bash nginx" >> $cron_task - - crond -f -c /etc/crontabs & + cron -f -l & } if [ ! -f $gpg_private_key ] && [ ! -L $gpg_private_key ] || \ @@ -218,15 +195,10 @@ if [ ! -f $ssl_key ] && [ ! -L $ssl_key ] && \ gen_ssl_cert fi -check_permissions - -php_fpm_setup - install -php-fpm5 +php-fpm & email_cron_job -nginx -g "pid /tmp/nginx.pid; daemon off;" - +nginx -g "daemon off;" From f8f6e4191606242793cfd6673ba599a1f189c725 Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Wed, 28 Mar 2018 21:12:15 +0200 Subject: [PATCH 05/11] update changelog 1.6.10 --- CHANGELOG.md | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1abb5c7..46a042a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,23 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/). -## [Unreleased](https://github.com/passbolt/passbolt_docker/compare/v1.6.9-1...HEAD) +## [Unreleased](https://github.com/passbolt/passbolt_docker/compare/v1.6.10...HEAD) + +## [1.6.10](https://github.com/passbolt/passbolt_docker/compare/v1.6.9-1...v1.6.10) - 2018-03-28 + +### Fixed + +- chown fails with Docker Secrets, can't start container [#89](https://github.com/passbolt/passbolt_docker/pull/89) + +### Changed + +The container base image has been migrated from alpine to debian. The reason behind this change +is that we have detected slower performance in alpine based images. Changing the image introduced a few changes +in the structure of the container: +- Bigger images +- www user is now www-data user +- cron jobs are managed as crontabs in /var/spool/cron/crontabs/root +- Permissions check on the passbolt base dir has been removed as it was a big performance penalty on startup times. ## [1.6.9-1](https://github.com/passbolt/passbolt_docker/compare/v1.6.9...v1.6.9-1) - 2018-01-15 From f6fcd998006e8ebeb59777d4b9149ae8a3fef57d Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Wed, 28 Mar 2018 21:15:16 +0200 Subject: [PATCH 06/11] note on version tags --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 46a042a..4190197 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ in the structure of the container: - www user is now www-data user - cron jobs are managed as crontabs in /var/spool/cron/crontabs/root - Permissions check on the passbolt base dir has been removed as it was a big performance penalty on startup times. +- Docker hub tags will now follow the PASSBOLT_VERSION-debian pattern ## [1.6.9-1](https://github.com/passbolt/passbolt_docker/compare/v1.6.9...v1.6.9-1) - 2018-01-15 From 73712370fcda3b87fb19e5ffc94b14a9bc08b819 Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Mon, 9 Apr 2018 14:05:52 +0200 Subject: [PATCH 07/11] version bump to 2.0.0 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ae6d0b7..999c0b1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM php:7-fpm LABEL maintainer="diego@passbolt.com" -ARG PASSBOLT_VERSION="2.0.0-rc2" +ARG PASSBOLT_VERSION="2.0.0" ARG PASSBOLT_URL="https://github.com/passbolt/passbolt_api/archive/v${PASSBOLT_VERSION}.tar.gz" ARG PHP_EXTENSIONS="gd \ From 3a96d723d5d789a6cc6829732fc2a116c251d7a6 Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Mon, 9 Apr 2018 14:05:58 +0200 Subject: [PATCH 08/11] readme updates --- README.md | 71 ++++++++++++++++++++++++++----------------------------- 1 file changed, 34 insertions(+), 37 deletions(-) diff --git a/README.md b/README.md index 69114b5..0aa11e1 100644 --- a/README.md +++ b/README.md @@ -15,10 +15,6 @@ [![license](https://img.shields.io/github/license/passbolt/passbolt_docker.svg?style=flat-square)](https://github.com/passbolt/passbolt_docker/LICENSE) [![Twitter Follow](https://img.shields.io/twitter/follow/passbolt.svg?style=social&label=Follow)](https://twitter.com/passbolt) -# Warning - -This is a work in progress branch use at your own risk. - # What is passbolt? Passbolt is a free and open source password manager that allows team members to @@ -70,40 +66,41 @@ available browsing `https://yourdomain.com` Passbolt docker image provides several environment variables to configure different aspects: -``` -* APP_FULL_BASE_URL: Passbolt base url (Example https://yourdomain.com) -* DATASOURCES_DEFAULT_HOST: database hostname (default: localhost) -* DATASOURCES_DEFAULT_PORT: database port (default: 3306) -* DATASOURCES_DEFAULT_USERNAME: database username (default: my_app) -* DATASOURCES_DEFAULT_PASSWORD: database password (default: secret) -* DATASOURCES_DEFAULT_DATABASE: database name (default: my_app) -* EMAIL_TRANSPORT_DEFAULT_CLASS_NAME: Email classname (default: Smtp) -* EMAIL_DEFAULT_FROM: from email address (default: contact@mydomain.local) -* EMAIL_DEFAULT_TRANSPORT: sets transport method (default: default) -* EMAIL_TRANSPORT_DEFAULT_HOST: server hostname (default: localhost) -* EMAIL_TRANSPORT_DEFAULT_PORT: server port (default: 25) -* EMAIL_TRANSPORT_DEFAULT_TIMEOUT: timeout (default: 30) -* EMAIL_TRANSPORT_DEFAULT_USERNAME: username for email server auth (default: null) -* EMAIL_TRANSPORT_DEFAULT_PASSWORD: password for email server auth (default: null) -* EMAIL_TRANSPORT_DEFAULT_CLIENT: client (default: null) -* EMAIL_TRANSPORT_DEFAULT_TLS: set tls (default: null) -* EMAIL_TRANSPORT_DEFAULT_URL: set url (default: null) -* GNUPGHOME: Path to gnupghome directory (default: web_user_home_directory/.gnupg ) -* PASSBOLT_KEY_LENGTH: gpg desired key length (default: 2048) -* PASSBOLT_SUBKEY_LENGTH: gpg desired subkey length (default: 2048) -* PASSBOLT_KEY_NAME: key owner name (default: Passbolt default user) -* PASSBOLT_KEY_EMAIL: key owner email address (default: passbolt@yourdomain.com) -* PASSBOLT_KEY_EXPIRATION: key expiration date (default: 0, never expires) -* PASSBOLT_GPG_SERVER_KEY_FINGERPRINT: GnuPG fingerprint -* PASSBOLT_GPG_SERVER_KEY_PUBLIC: Path to GnuPG public server key (default: to /var/www/passbolt/config/gpg/serverkey.asc) -* PASSBOLT_GPG_SERVER_KEY_PRIVATE: Path to GnuPG private server key (default: to /var/www/passbolt/config/gpg/serverkey_private.asc) -* PASSBOLT_REGISTRATION_PUBLIC: Defines if users can register (default: to false) -* PASSBOLT_SSL_FORCE: Redirects http to https from passbolt (default: to true) -* PASSBOLT_SECURITY_SET_HEADERS: Send CSP Headers from passbolt (default: to true) -* SECURITY_SALT: A random number user in security hashing methods. -``` +| Variable name | Description | Default value | +| ----------------------------------- | -------------------------------- | ------------------- | +| APP_FULL_BASE_URL | Passbolt base url | false | +| DATASOURCES_DEFAULT_HOST | Database hostname | localhost | +| DATASOURCES_DEFAULT_PORT | Database port | 3306 | +| DATASOURCES_DEFAULT_USERNAME | Database username | '' | +| DATASOURCES_DEFAULT_PASSWORD | Database password | '' | +| DATASOURCES_DEFAULT_DATABASE | Database name | '' | +| EMAIL_TRANSPORT_DEFAULT_CLASS_NAME | Email classname | Smtp | +| EMAIL_DEFAULT_FROM | From email address | you@localhost | +| EMAIL_DEFAULT_TRANSPORT | Sets transport method | default | +| EMAIL_TRANSPORT_DEFAULT_HOST | Server hostname | localhost | +| EMAIL_TRANSPORT_DEFAULT_PORT | Server port | 25 | +| EMAIL_TRANSPORT_DEFAULT_TIMEOUT | Timeout | 30 | +| EMAIL_TRANSPORT_DEFAULT_USERNAME | Username for email server auth | null | +| EMAIL_TRANSPORT_DEFAULT_PASSWORD | Password for email server auth | null | +| EMAIL_TRANSPORT_DEFAULT_CLIENT | Client | null | +| EMAIL_TRANSPORT_DEFAULT_TLS | Set tls | null | +| EMAIL_TRANSPORT_DEFAULT_URL | Set url | null | +| GNUPGHOME | path to gnupghome directory | /home/www-data/.gnupg | +| PASSBOLT_KEY_LENGTH | Gpg desired key length | 2048 | +| PASSBOLT_SUBKEY_LENGTH | Gpg desired subkey length | 2048 | +| PASSBOLT_KEY_NAME | Key owner name | Passbolt default user | +| PASSBOLT_KEY_EMAIL | Key owner email address | passbolt@yourdomain.com | +| PASSBOLT_KEY_EXPIRATION | Key expiration date | 0, never expires | +| PASSBOLT_GPG_SERVER_KEY_FINGERPRINT | GnuPG fingerprint | null | +| PASSBOLT_GPG_SERVER_KEY_PUBLIC | Path to GnuPG public server key | /var/www/passbolt/config/gpg/serverkey.asc | +| PASSBOLT_GPG_SERVER_KEY_PRIVATE | Path to GnuPG private server key | /var/www/passbolt/config/gpg/serverkey_private.asc | +| PASSBOLT_REGISTRATION_PUBLIC | Defines if users can register | false | +| PASSBOLT_SSL_FORCE | Redirects http to https | true | +| PASSBOLT_SECURITY_SET_HEADERS | Send CSP Headers | true | +| SECURITY_SALT | CakePHP security salt | __SALT__ | -For more env variables supported please check [default.php](https://github.com/passbolt/passbolt_api/blob/develop/config/default.php) +For more env variables supported please check [default.php](https://github.com/passbolt/passbolt_api/blob/master/config/default.php) +For more env variables supported please check [app.default.php](https://github.com/passbolt/passbolt_api/blob/master/config/app.default.php) ### Configuration files From c067087f04288ef10d14dd8185a6852c3f7b8bc4 Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Mon, 9 Apr 2018 14:16:49 +0200 Subject: [PATCH 09/11] updated docker-compose version --- docker-compose.yml | 4 +++- env/passbolt.env | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 56177fd..abfc99f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,13 +10,15 @@ services: - 3306 passbolt: - image: passbolt/passbolt:develop-debian + image: passbolt/passbolt:2.0.0-debian tty: true depends_on: - db env_file: - env/passbolt.env volumes: + - gpg_volume:/var/www/passbolt/config/gpg + - images_volume:/var/www/passbolt/webroot/img/public - ./scripts/wait-for.sh:/usr/bin/wait-for.sh tmpfs: - /run diff --git a/env/passbolt.env b/env/passbolt.env index c5cffef..1f0ec57 100644 --- a/env/passbolt.env +++ b/env/passbolt.env @@ -8,5 +8,5 @@ DATASOURCES_DEFAULT_PASSWORD=P4ssb0lt DATASOURCES_DEFAULT_DATABASE=passbolt DATASOURCES_DEFAULT_PORT=3306 -# Misc +# Registration PASSBOLT_REGISTRATION_PUBLIC=true From f3b6ff5553761b97ef80238aa8e2661acf77e2c3 Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Mon, 9 Apr 2018 14:27:20 +0200 Subject: [PATCH 10/11] v2.0.0 release notes --- CHANGELOG.md | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d841c1b..cc50049 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,22 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/). -## [Unreleased](https://github.com/passbolt/passbolt_docker/compare/v2.0.0-rc2...HEAD) +## [Unreleased](https://github.com/passbolt/passbolt_docker/compare/v2.0.0...HEAD) + +## [2.0.0](https://github.com/passbolt/passbolt_docker/compare/v2.0.0-rc2...v2.0.0) - 2018-04-09 + +### Changed + +- Base image switched to php:7-fpm (debian based) due performance issues with passbolt and alpine based images +- Web user is now www-data +- Supervisor provides better logging to stdout +- Upload max filesize increased to 5M for avatar uploads +- README documentation updated +- Composer file loads images directory in passbolt container as a docker volume + +### Added + +- Added composer installer signature check according to official composer docs [#91](https://github.com/passbolt/passbolt_docker/pull/91) ## [2.0.0-rc2](https://github.com/passbolt/passbolt_docker/compare/v2.0.0-rc1...v2.0.0-rc2) - 2018-02-20 From 161bf82a7d685d771c743790531cf8ed102a9d81 Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Mon, 9 Apr 2018 14:41:03 +0200 Subject: [PATCH 11/11] dockerignore --- .dockerignore | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..91fc136 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,12 @@ +spec +.git +.github +.editorconfig +.gitignore +Gemfile +Gemfile.lock +Rakefile +*.md +*.yml +scripts +env