version: '3' volumes: # data directory: here are the files stored (/var/lib/egroupware by default) data: driver_opts: type: none o: bind # to upgrade an existing non-docker installation most easy is to use the existing # data directory /var/lib/egroupware AND the host database see below #device: /var/lib/egroupware # otherwise data is stored in data subdirectory of the current directory device: $PWD/data # sources directory or document root mounted as /var/www inside the container sources: driver_opts: type: none o: bind # use this if you have an existing document root with an egroupware directory inside #device: /var/www # otherwise sources/document is stored in sources subdirectory of current directory device: $PWD/sources # sources for push server, swoolpush subdirectory of egroupware sources-push: driver_opts: type: none o: bind device: $PWD/sources/egroupware/swoolepush # volume to store config.inc.php file / token shared between egroupware and push container push-config: # collabora-config collabora-config: driver_opts: type: none o: bind # to upgrade an existing non-docker installation most easy is to use the existing # data directory /var/lib/egroupware AND the host database see below #device: /var/lib/egroupware/default/loolwsd # otherwise data is stored in data subdirectory of the current directory device: $PWD/data/default/loolwsd # for Mac and Windows, do NOT use a directory for the DB, as the Docker host is in a VM! db: sessions: # cache files from compose, npm and yarn (actually /root inside the container) cache: # store Rocket.Chat MongoDB on an (internal) Volume mongo: # directory to store MongoDB dumps rocketchat-dumps: driver_opts: type: none o: bind device: $PWD/data/default/rocketchat/dump rocketchat-uploads: driver_opts: type: none o: bind device: $PWD/data/default/rocketchat/uploads services: egroupware: # you can also use tags like: 7.4, 8.0 or 8.1 depending on the PHP version you want to use image: egroupware/development:latest # setting a default language for a new installation #environment: #- LANG=de volumes: - $PWD/sources:/var/www - $PWD/data:/var/lib/egroupware - $PWD/sessions:/var/lib/php/sessions - $PWD/cache:/root - $PWD/push-config:/var/lib/egroupware-push # if you want to use the host database: # 1. comment out the whole db service below AND # 2. set EGW_DB_HOST=localhost AND # 3. uncomment the next line and modify the host path (first one), it depends on your distro: # - RHEL/CentOS /var/lib/mysql/mysql.sock:/var/run/mysqld/mysqld.sock # - openSUSE/SLE /var/run/mysql/mysql.sock:/var/run/mysqld/mysqld.sock # - Debian/Ubuntu /var/run/mysqld:/var/run/mysqld #- /var/run/mysqld:/var/run/mysqld # private CA so egroupware can validate your certificate to talk to Collabora or Rocket.Chat # multiple certificates (eg. a chain) have to be single files in a directory, with one named private-ca.crt! #- /etc/egroupware-docker/private-ca.crt:/usr/local/share/ca-certificates/private-ca.crt:ro environment: # # MariaDB/MySQL host to use: for internal service use "db", for host database (socket bind-mounted into container) use "localhost" - EGW_DB_HOST=db # grant host is needed for NOT using localhost / unix domain socket for MySQL/MariaDB - EGW_DB_GRANT_HOST=172.% # for internal db service you should to specify a root password here AND in db service # a database "egroupware" with a random password is created for you on installation (password is stored in header.inc.php in data directory) #- EGW_DB_ROOT=root - EGW_DB_ROOT_PW=secret # alternativly you can specify an already existing database with full right by the given user! #- EGW_DB_NAME=egroupware #- EGW_DB_USER=egroupware #- EGW_DB_PASS= # # further post_install.php arguments can be passed as a single enviroment variable with space separated assignments # "= =" see https://github.com/EGroupware/egroupware/blob/master/doc/rpm-build/post_install.php#L17 # to configure eg. LDAP for authentication and account storage use #- EGW_POST_INSTALL='account-auth=ldap,ldap ldap_base=ou=egroupware,dc=example,dc=org ldap_host=tls://ldap.example.org ldap_admin=cn=admin,$base ldap_admin_pw=secret ldap_context=cn=users,$base ldap_group_context=cn=groups,$base' # # extra non-default apps (need to start with EGW_EXTRA_APP!) # # EPL apps (need extra credentials!) #- EGW_EXTRA_APPS_EPL=https://github.com/EGroupwareGmbH/epl.git https://github.com/EGroupwareGmbH/esyncpro.git https://github.com/EGroupwareGmbH/policy.git https://github.com/EGroupwareGmbH/webauthn.git # old Wiki #- EGW_EXTRA_APP_WIKI=https://github.com/EGroupware/wiki.git # old API and eTemplate(1), required for upgrades from before 14.3 #- EGW_EXTRA_APP_OLDAPI=https://github.com/EGroupware/phpgwapi.git https://github.com/EGroupware/etemplate.git # # XDEBUG_REMOTE_HOST need to be set, Docker Desktop can use host.docker.internal or Linux the docker0 interface 172.17.0.1 - XDEBUG_REMOTE_HOST=host.docker.internal restart: always depends_on: - db container_name: egroupware # set the ip-address of your docker host AND your official DNS name so EGroupware # can access Rocket.Chat or Collabora without the need to go over your firewall #extra_hosts: #- "my.host.name:ip-address" nginx: image: nginx:stable-alpine volumes: - $PWD/sources:/var/www:ro # to add a certificate create a certificate.pem containing (in that order) # 1. private key # 2. public key # 3. (optional) chain certificates # uncomment to the next line # ./certificate.pem:/etc/ssl/private/certificate.pem # AND uncomment the three lines starting with "listen 443", "ssl_certificate", "ssl_certificate_key" in nginx.conf - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro ports: # if no webserver is running on the host, change (first) number to 80 and 443 - "80:80" - "443:443" depends_on: - egroupware - push - collabora-key #- rocketchat container_name: egroupware-nginx restart: always # run an own MariaDB:10.6 (you can use EGroupware's database backup and restore to add your existing database) db: image: mariadb:10.6 environment: #- MYSQL_ROOT=root - MYSQL_ROOT_PASSWORD=secret #- MARIADB_AUTO_UPGRADE=true volumes: #for WSL2 no $PWD/ here! otherwhise connection is denied - db:/var/lib/mysql # to add an own persistent configuration #- ./mariadb.cnf:/etc/mysql/mariadb.conf.d/egroupware.cnf container_name: egroupware-db restart: always # make mysql also available on the host #ports: #- "3306:3306" # push server using phpswoole push: image: phpswoole/swoole:latest-alpine command: - /var/www/server.php volumes: # push server needs this source - $PWD/sources/egroupware/swoolepush:/var/www - $PWD/sessions:/var/lib/php/sessions - $PWD/push-config:/var/lib/egroupware-push container_name: egroupware-push restart: always depends_on: - egroupware # automatic updates of all containers daily at 4am # see https://containrrr.github.io/watchtower for more information watchtower: image: containrrr/watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock # For automatic EPL Updates (not necessary for CE!) you need to pass docker # credentials into watchtower after running: docker login download.egroupware.org #- /root/.docker/config.json:/config.json:ro environment: - WATCHTOWER_CLEANUP=true # delete old image after update to not fill up the disk # for email notifications add your email and mail-server here #- WATCHTOWER_NOTIFICATIONS=email #- WATCHTOWER_NOTIFICATIONS_LEVEL=info # possible values: panic, fatal, error, warn, info or debug #- WATCHTOWER_NOTIFICATION_EMAIL_FROM="watchtower@my-domain.com" #- WATCHTOWER_NOTIFICATION_EMAIL_TO="me@my-domain.com" #- WATCHTOWER_NOTIFICATION_EMAIL_SERVER="mail.my-domain.com" # if you give your MX here, you need no user/password #- WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=25 #- WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER="watchtower@my-domain.com" #- WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD="secret" command: --schedule "0 0 4 * * *" container_name: egroupware-watchtower restart: always # Collabora Online Office collabora-key: image: "quay.io/egroupware/collabora-key:stable" #image: collabora/code:latest volumes: # $PWD/collabora-config:/etc/loolwsd # support for Collabora/CODE 21.11+ - $PWD/data/default/loolwsd:/etc/coolwsd restart: always container_name: collabora-key # set the ip-address of your docker host AND your official DNS name so Collabora # can access EGroupware without the need to go over your firewall #extra_hosts: #- "my.host.name:ip-address" depends_on: - collabora-init # initialise the collabora-config volume collabora-init: image: "quay.io/egroupware/collabora-key:latest" command: bash -c "test -f /tmp/coolwsd/coolwsd.xml || (cp -p /etc/coolwsd/* /tmp/coolwsd && cd /tmp/coolwsd && ln -s coolwsd.xml loolwsd.xml && chown -R 33:33 /tmp/coolwsd)" volumes: - $PWD/data/default/loolwsd:/tmp/coolwsd # Rocket.Chat server #rocketchat: # image: quay.io/egroupware/rocket.chat:stable6 # command: > # sh -c # "while true; do # node main.js && # s=$$? && break || s=$$?; # echo \"Could not reach MongoDB. Waiting 5 secs ...\"; # sleep 5; # done; (exit $$s)" # restart: unless-stopped # volumes: # - $PWD/data/default/rocketchat/uploads:/app/uploads # # if EGroupware uses a certificate from a private CA, OAuth authentication will fail, you need to: # # - have the CA certificate stored at /etc/egroupware-docker/private-ca.crt # # - uncomment the next 2 lines about the private CA: # # - /etc/egroupware-docker/private-ca.crt:/usr/local/share/ca-certificates/private-ca.crt:ro # environment: # # - NODE_EXTRA_CA_CERTS=/usr/local/share/ca-certificates/private-ca.crt # # IMPORTANT: change ROOT_URL to your actual url eg. https://domain.com/rocketchat # - ROOT_URL=http://localhost/rocketchat # - PORT=3000 # - MONGO_URL=mongodb://mongo:27017/rocketchat?replicaSet=rs0&directConnection=true # - MONGO_OPLOG_URL=mongodb://mongo:27017/local?replicaSet=rs0&directConnection=true # # - HTTP_PROXY=http://proxy.domain.com # # - HTTPS_PROXY=http://proxy.domain.com # depends_on: # - mongo # container_name: rocketchat # # set the ip-address of your docker host AND your official DNS name so Rocket.Chat # # can access EGroupware without the need to go over your firewall # #extra_hosts: # #- "my.host.name:ip-address" # MongoDB for Rocket.Chat #mongo: # image: mongo:5.0 # restart: unless-stopped # volumes: # - mongo:/data/db # - $PWD/data/default/rocketchat/dump:/dump # command: mongod --oplogSize 128 --replSet rs0 --storageEngine=wiredTiger # container_name: rocketchat-mongo # this container's job is just run the command to initialize the replica set. # it will run the command and remove himself (it will not stay running) #mongo-init-replica: # image: mongo:5.0 # command: > # bash -c # "for (( ; ; )); do # mongo mongo/rocketchat --eval \" # rs.initiate({ # _id: 'rs0', # members: [ { _id: 0, host: 'localhost:27017' } ]})\" && # s=$$? && break || s=$$?; # echo \"Could not reach MongoDB. Waiting 5 secs ...\"; # sleep 5; # done; (exit $$s)" # depends_on: # - mongo # phpMyAdmin phpmyadmin: restart: unless-stopped image: phpmyadmin container_name: phpmyadmin hostname: phpmyadmin # pre 20.1 installs run MariaDB on the host and need to pass the socket (to use egroupware user and it's password only valid on localhost) #volumes: # - /var/run/mysqld/mysqld.sock:/tmp/mysql.sock environment: # PMA_HOST: use localhost, if you use a socket (pre 20.1 install) or db for 20.1+ installations - PMA_HOST=db # phpMyAdmin needs the full URL incl. protocol, domain, path and a trailing slash! - PMA_ABSOLUTE_URI=http://localhost/phpmyadmin/ # Portainer: Docker GUI (needs to be enabled in nginx.conf too!) # portainer: # image: portainer/portainer # command: -H unix:///var/run/docker.sock # restart: always # ports: # - 9000:9000 # - 8000:8000 # volumes: # - /var/run/docker.sock:/var/run/docker.sock # - portainer_data:/data # container_name: portainer