2021-07-31 15:54:48 +02:00
# Docker
2021-08-03 16:37:42 +02:00
[![Build status ](https://github.com/Bubka/2fauth/actions/workflows/ci.yml/badge.svg )](https://github.com/Bubka/2fauth/actions/workflows/ci.yml)
2021-08-01 21:04:56 +02:00
[![dockeri.co ](https://dockeri.co/image/2fauth/2fauth )](https://hub.docker.com/r/2fauth/2fauth)
2021-07-31 15:54:48 +02:00
You can run 2fauth in a single Docker container.
## Features
2021-08-01 21:06:54 +02:00
- [![Latest size ](https://img.shields.io/docker/image-size/2fauth/2fauth/latest?label=Image%20size )](https://hub.docker.com/r/2fauth/2fauth/tags)
2021-08-04 22:47:21 +02:00
- Compatible with: `amd64` , `386` , `arm64` , `arm/v6` and `arm/v7`
- Stores data in an Sqlite database file
2021-08-04 16:16:39 +02:00
- Runs without root as user with id `1000` and group id `1000`
2021-07-31 15:54:48 +02:00
## Setup
2021-08-04 22:47:21 +02:00
We assume your current directory is `/yourpath` .
1. Create a directory on your host:
2021-07-31 15:54:48 +02:00
```sh
2021-08-03 15:35:15 +02:00
mkdir 2fauth
2021-07-31 15:54:48 +02:00
```
2021-08-04 16:16:39 +02:00
1. **If your host is not Windows** : since the container runs without root as user `1000:1000` , you need to fix the ownership and permissions of that directory:
2021-07-31 15:54:48 +02:00
```sh
2021-08-04 16:16:39 +02:00
chown 1000:1000 2fauth
2021-07-31 15:54:48 +02:00
chmod 700 2fauth
```
2023-03-25 00:20:39 +01:00
💁 if you feel like using another ID, you can [build the image with build arguments ](#build-the-image-with-build-arguments ).
2021-08-04 16:23:19 +02:00
2021-07-31 15:54:48 +02:00
1. Run the container interactively:
```sh
docker run -it --rm -p 8000:8000/tcp \
2021-08-01 21:06:54 +02:00
-v /yourpath/2fauth:/2fauth 2fauth/2fauth
2022-05-13 10:49:44 +02:00
-e AUTHENTICATION_GUARD=web-guard #fix for issue #68
2021-07-31 15:54:48 +02:00
```
1. Access it at [http://localhost:8000 ](http://localhost:8000 )
You can stop it with `CTRL+C` .
- You can also run it in the background by replacing `-it --rm` with `-d` .
2022-05-11 22:47:21 +02:00
- You can set environment variables available (see the [.env.example ](../.env.example )) with `-e` , for example `-e APP_NAME=2FAuth` .
2021-07-31 15:54:48 +02:00
- You can also use the [docker-compose.yml ](docker-compose.yml ) with `docker-compose` and modify it as you wish.
### Use an existing SQLite file
If you already have an SQLite file, move it to `/yourpath/2fauth/database.sqlite` on your host before starting the container. Don't forget to fix its ownership and permissions if you run on *nix:
```sh
2021-08-04 22:47:21 +02:00
chown 1000:1000 /yourpath/2fauth/database.sqlite
2021-07-31 15:54:48 +02:00
chmod 700 /yourpath/2fauth/database.sqlite
```
The container will automagically pick it up.
2021-08-01 21:19:30 +02:00
## Update
2021-08-04 22:47:21 +02:00
⚠️ At the very least, backup your `database.sqlite` file to avoid bad surprises!
2021-08-01 21:19:30 +02:00
The Docker image `2fauth/2fauth` is built on every commit pushed to the `master` branch.
You can therefore pull the image with `docker pull 2fauth/2fauth` and restart the container to update it.
2021-08-04 22:47:21 +02:00
You can also use tagged images, see [Docker Hub tags ](https://hub.docker.com/r/2fauth/2fauth/tags?page=1&ordering=last_updated ) which are produced on Github releases.
2021-08-01 21:19:45 +02:00
## Build the image
You can build the image from the `master` branch with `docker` and `git` using:
```sh
docker build -t 2fauth/2fauth https://github.com/Bubka/2FAuth.git
```
2021-08-04 16:22:26 +02:00
### Build the image for a specific release
You can build a [specific release ](https://github.com/Bubka/2FAuth/releases ) by appending the release tag with `#<release-tag>` to the command. For example:
```sh
2022-03-31 10:07:36 +02:00
docker build -t 2fauth/2fauth https://github.com/Bubka/2FAuth.git#v3.0.0
2021-08-04 16:22:26 +02:00
```
### Build the image for a specific commit
You can build a specific commit (see [master's commits ](https://github.com/Bubka/2FAuth/commits/master )) by appending the commit hash with `#<commit-hash>` to the command. For example:
2021-08-01 21:19:45 +02:00
```sh
docker build -t 2fauth/2fauth https://github.com/Bubka/2FAuth.git#fba9e29bd4e3bb697296bb0bde60ae869537528b
```
2021-08-04 16:23:19 +02:00
### Build the image with build arguments
There are the following build arguments you can use to customize the image using `--build-arg key=value` :
| Build argument | Default | Description |
| --- | --- | --- |
| `UID` | 1000 | The UID of the user to run the container as |
| `GID` | 1000 | The GID of the user to run the container as |
| `DEBIAN_VERSION` | `buster-slim` | The Debian version to use |
2023-03-25 00:20:39 +01:00
| `PHP_VERSION` | `8.1-buster` | The PHP version to use to get composer dependencies |
2022-07-22 16:28:11 +02:00
| `COMPOSER_VERSION` | `2.3` | The version of composer to use |
2021-08-04 16:23:19 +02:00
| `SUPERVISORD_VERSION` | `v0.7.3` | The version of supervisord to use |
| `VERSION` | `unknown` | The version of the image |
| `CREATED` | `an unknown date` | The date of the image build time |
| `COMMIT` | `unknown` | The commit hash of the Git commit used |
2022-07-22 16:28:11 +02:00
#### Mail settings
2022-05-13 10:49:44 +02:00
2022-08-07 01:19:17 +02:00
> Refer your email provider documentation to configure your mail settings
2023-03-25 00:20:39 +01:00
>
2022-08-07 01:19:17 +02:00
> Set a value for every available setting to avoid issue
| Build argument | Recommendation | Description |
2022-05-13 10:49:44 +02:00
| --- | --- | --- |
2022-08-07 01:19:17 +02:00
| MAIL_DRIVER | SMTP | The driver type |
| MAIL_HOST | smtp.yourdomain.com | The SMTP hostname |
| MAIL_PORT | 587 | The corresponding SMTP port (587 with STARTTLS) or (465 with SSL recommended) |
| MAIL_USERNAME | 2fauth@yourdomain.com | The SMTP username |
| MAIL_PASSWORD | password1234 | The SMTP password |
| MAIL_ENCRYPTION | TLS | The encrytion type (TLS -> STARTTLS) or SSL |
| MAIL_FROM_NAME | 2FAuth | The sender name |
| MAIL_FROM_ADDRESS | 2fauth@yourdomain.com | The sender adress |
2022-05-13 10:49:44 +02:00
Example:
2022-07-22 16:28:11 +02:00
```text
2022-08-07 01:19:17 +02:00
-e MAIL_DRIVER=SMTP
2022-05-13 10:49:44 +02:00
-e MAIL_HOST=smtp.example.com
2022-08-07 01:19:17 +02:00
-e MAIL_PORT=587 # STARTTLS
2022-05-13 10:49:44 +02:00
-e MAIL_USERNAME=2fauth@example.com
-e MAIL_PASSWORD=password1234
2022-08-07 01:19:17 +02:00
-e MAIL_ENCRYPTION=TLS # STARTTLS
-e MAIL_FROM_NAME=2FAuth
-e MAIL_FROM_ADDRESS=2fauth@example.com
2022-05-13 10:49:44 +02:00
```
2021-07-31 15:54:48 +02:00
## Implementation details
2021-08-04 22:47:21 +02:00
- The final Docker image is based on `alpine:3.14` with minimal packages installed
- The container runs [`supervisord` ](https://github.com/ochinchina/supervisord ) to handle both an Nginx server and a PHP-FPM server together
2021-07-31 15:54:48 +02:00
- The `/srv` directory holds the repository data and PHP code.
- The `/2fauth` directory is targeted for the container end users.
2021-08-04 22:47:21 +02:00
- By default the container logs the Nginx logs and the PHP-FPM logs. The application logs (if any) can be found in `/2fauth/storage/logs` .