diff --git a/.env.dev.docker b/.env.dev.docker new file mode 100644 index 000000000..7b9e2000c --- /dev/null +++ b/.env.dev.docker @@ -0,0 +1,166 @@ +# -------------------------------------------- +# REQUIRED: DB SETUP +# -------------------------------------------- +MYSQL_DATABASE=snipeit +MYSQL_USER=snipeit +MYSQL_PASSWORD=changeme1234 +MYSQL_ROOT_PASSWORD=changeme1234 +# -------------------------------------------- +# REQUIRED: BASIC APP SETTINGS +# -------------------------------------------- +APP_ENV=develop +APP_DEBUG=false +# please regenerate the APP_KEY value by calling `docker-compose run --rm snipeit bash` and then `php artisan key:generate --show` and then copy paste the value here +APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ= +APP_URL=http://localhost:8000 +APP_TIMEZONE='UTC' +APP_LOCALE=en +MAX_RESULTS=500 + +# -------------------------------------------- +# REQUIRED: UPLOADED FILE STORAGE SETTINGS +# -------------------------------------------- +PRIVATE_FILESYSTEM_DISK=local +PUBLIC_FILESYSTEM_DISK=local_public + +# -------------------------------------------- +# REQUIRED: DATABASE SETTINGS +# -------------------------------------------- +DB_CONNECTION=mysql +DB_HOST=mariadb +DB_DATABASE=snipeit +DB_USERNAME=snipeit +DB_PASSWORD=changeme1234 +DB_PREFIX=null +DB_DUMP_PATH='/usr/bin' +DB_CHARSET=utf8mb4 +DB_COLLATION=utf8mb4_unicode_ci + +# -------------------------------------------- +# OPTIONAL: SSL DATABASE SETTINGS +# -------------------------------------------- +DB_SSL=false +DB_SSL_IS_PAAS=false +DB_SSL_KEY_PATH=null +DB_SSL_CERT_PATH=null +DB_SSL_CA_PATH=null +DB_SSL_CIPHER=null +DB_SSL_VERIFY_SERVER=null + +# -------------------------------------------- +# REQUIRED: OUTGOING MAIL SERVER SETTINGS +# -------------------------------------------- +MAIL_DRIVER=smtp +MAIL_HOST=mailhog +MAIL_PORT=1025 +MAIL_USERNAME=null +MAIL_PASSWORD=null +MAIL_ENCRYPTION=null +MAIL_FROM_ADDR=you@example.com +MAIL_FROM_NAME='Snipe-IT' +MAIL_REPLYTO_ADDR=you@example.com +MAIL_REPLYTO_NAME='Snipe-IT' +MAIL_AUTO_EMBED_METHOD='attachment' + +# -------------------------------------------- +# REQUIRED: IMAGE LIBRARY +# This should be gd or imagick +# -------------------------------------------- +IMAGE_LIB=gd + + +# -------------------------------------------- +# OPTIONAL: BACKUP SETTINGS +# -------------------------------------------- +MAIL_BACKUP_NOTIFICATION_DRIVER=null +MAIL_BACKUP_NOTIFICATION_ADDRESS=null +BACKUP_ENV=true + + +# -------------------------------------------- +# OPTIONAL: SESSION SETTINGS +# -------------------------------------------- +SESSION_LIFETIME=12000 +EXPIRE_ON_CLOSE=false +ENCRYPT=false +COOKIE_NAME=snipeit_session +COOKIE_DOMAIN=null +SECURE_COOKIES=false +API_TOKEN_EXPIRATION_YEARS=40 + +# -------------------------------------------- +# OPTIONAL: SECURITY HEADER SETTINGS +# -------------------------------------------- +APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1 +ALLOW_IFRAMING=false +REFERRER_POLICY=same-origin +ENABLE_CSP=false +CORS_ALLOWED_ORIGINS=null +ENABLE_HSTS=false + +# -------------------------------------------- +# OPTIONAL: CACHE SETTINGS +# -------------------------------------------- +CACHE_DRIVER=file +SESSION_DRIVER=file +QUEUE_DRIVER=sync +CACHE_PREFIX=snipeit + +# -------------------------------------------- +# OPTIONAL: REDIS SETTINGS +# -------------------------------------------- +REDIS_HOST=redis +REDIS_PASSWORD=null +REDIS_PORT=6379 + +# -------------------------------------------- +# OPTIONAL: MEMCACHED SETTINGS +# -------------------------------------------- +MEMCACHED_HOST=null +MEMCACHED_PORT=null + +# -------------------------------------------- +# OPTIONAL: PUBLIC S3 Settings +# -------------------------------------------- +PUBLIC_AWS_SECRET_ACCESS_KEY=null +PUBLIC_AWS_ACCESS_KEY_ID=null +PUBLIC_AWS_DEFAULT_REGION=null +PUBLIC_AWS_BUCKET=null +PUBLIC_AWS_URL=null +PUBLIC_AWS_BUCKET_ROOT=null + +# -------------------------------------------- +# OPTIONAL: PRIVATE S3 Settings +# -------------------------------------------- +PRIVATE_AWS_ACCESS_KEY_ID=null +PRIVATE_AWS_SECRET_ACCESS_KEY=null +PRIVATE_AWS_DEFAULT_REGION=null +PRIVATE_AWS_BUCKET=null +PRIVATE_AWS_URL=null +PRIVATE_AWS_BUCKET_ROOT=null + +# -------------------------------------------- +# OPTIONAL: AWS Settings +# -------------------------------------------- +AWS_ACCESS_KEY_ID=null +AWS_SECRET_ACCESS_KEY=null +AWS_DEFAULT_REGION=null + +# -------------------------------------------- +# OPTIONAL: LOGIN THROTTLING +# -------------------------------------------- +LOGIN_MAX_ATTEMPTS=5 +LOGIN_LOCKOUT_DURATION=60 +RESET_PASSWORD_LINK_EXPIRES=900 + +# -------------------------------------------- +# OPTIONAL: MISC +# -------------------------------------------- +LOG_CHANNEL=stderr +LOG_MAX_DAYS=10 +APP_LOCKED=false +APP_CIPHER=AES-256-CBC +APP_FORCE_TLS=false +GOOGLE_MAPS_API= +LDAP_MEM_LIM=500M +LDAP_TIME_LIM=600 diff --git a/.env.docker b/.env.docker index a1146ce67..35c10bfde 100644 --- a/.env.docker +++ b/.env.docker @@ -1,18 +1,18 @@ # -------------------------------------------- -# REQUIRED: DB SETUP +# REQUIRED: DOCKER SPECIFIC SETTINGS # -------------------------------------------- -MYSQL_DATABASE=snipeit -MYSQL_USER=snipeit -MYSQL_PASSWORD=changeme1234 -MYSQL_ROOT_PASSWORD=changeme1234 +APP_VERSION=v6.4.1 +APP_PORT=8000 + # -------------------------------------------- # REQUIRED: BASIC APP SETTINGS # -------------------------------------------- -APP_ENV=develop +APP_ENV=production APP_DEBUG=false -# please regenerate the APP_KEY value by calling `docker-compose run --rm snipeit bash` and then `php artisan key:generate --show` and then copy paste the value here +# Please regenerate the APP_KEY value by calling `docker compose run --rm snipeit php artisan key:generate --show`. Copy paste the value here APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ= APP_URL=http://localhost:8000 +# https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - TZ identifier APP_TIMEZONE='UTC' APP_LOCALE=en MAX_RESULTS=500 @@ -27,10 +27,12 @@ PUBLIC_FILESYSTEM_DISK=local_public # REQUIRED: DATABASE SETTINGS # -------------------------------------------- DB_CONNECTION=mysql -DB_HOST=mariadb +DB_HOST=db +DB_PORT='3306' DB_DATABASE=snipeit DB_USERNAME=snipeit DB_PASSWORD=changeme1234 +MYSQL_ROOT_PASSWORD=changeme1234 DB_PREFIX=null DB_DUMP_PATH='/usr/bin' DB_CHARSET=utf8mb4 @@ -62,13 +64,18 @@ MAIL_REPLYTO_ADDR=you@example.com MAIL_REPLYTO_NAME='Snipe-IT' MAIL_AUTO_EMBED_METHOD='attachment' +# -------------------------------------------- +# REQUIRED: DATA PROTECTION +# -------------------------------------------- +ALLOW_BACKUP_DELETE=false +ALLOW_DATA_PURGE=false + # -------------------------------------------- # REQUIRED: IMAGE LIBRARY # This should be gd or imagick # -------------------------------------------- IMAGE_LIB=gd - # -------------------------------------------- # OPTIONAL: BACKUP SETTINGS # -------------------------------------------- @@ -76,7 +83,6 @@ MAIL_BACKUP_NOTIFICATION_DRIVER=null MAIL_BACKUP_NOTIFICATION_ADDRESS=null BACKUP_ENV=true - # -------------------------------------------- # OPTIONAL: SESSION SETTINGS # -------------------------------------------- @@ -91,7 +97,7 @@ API_TOKEN_EXPIRATION_YEARS=40 # -------------------------------------------- # OPTIONAL: SECURITY HEADER SETTINGS # -------------------------------------------- -APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1 +APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1,172.0.0.0/8 ALLOW_IFRAMING=false REFERRER_POLICY=same-origin ENABLE_CSP=false @@ -109,7 +115,7 @@ CACHE_PREFIX=snipeit # -------------------------------------------- # OPTIONAL: REDIS SETTINGS # -------------------------------------------- -REDIS_HOST=redis +REDIS_HOST=null REDIS_PASSWORD=null REDIS_PORT=6379 diff --git a/dev.docker-compose.yml b/dev.docker-compose.yml new file mode 100644 index 000000000..15272ce5c --- /dev/null +++ b/dev.docker-compose.yml @@ -0,0 +1,50 @@ +version: '3' + +services: + snipeit: + build: + context: . + dockerfile: Dockerfile.alpine + container_name: snipeit + ports: + - "8000:80" + volumes: + - ./storage/logs:/var/www/html/storage/logs + depends_on: + - mariadb + - redis + env_file: + - .env.docker + networks: + - snipeit-backend + + mariadb: + image: mariadb:10.6.4-focal + volumes: + - db:/var/lib/mysql + env_file: + - .env.docker + networks: + - snipeit-backend + ports: + - "3306:3306" + + redis: + image: redis:6.2.5-buster + networks: + - snipeit-backend + + mailhog: + image: mailhog/mailhog:v1.0.1 + ports: + # - 1025:1025 + - "8025:8025" + networks: + - snipeit-backend + + +volumes: + db: {} + +networks: + snipeit-backend: {} diff --git a/docker-compose.yml b/docker-compose.yml index 15272ce5c..c7c1983a4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,50 +1,34 @@ -version: '3' +volumes: + db_data: + storage: services: - snipeit: - build: - context: . - dockerfile: Dockerfile.alpine - container_name: snipeit - ports: - - "8000:80" + app: + image: snipe/snipe-it:${APP_VERSION:-v6.4.1} + restart: always volumes: - - ./storage/logs:/var/www/html/storage/logs + - storage:/var/lib/snipeit + ports: + - "${APP_PORT:-8000}:80" depends_on: - - mariadb - - redis + db: + condition: service_healthy + restart: true env_file: - - .env.docker - networks: - - snipeit-backend + - .env - mariadb: + db: image: mariadb:10.6.4-focal + restart: always volumes: - - db:/var/lib/mysql - env_file: - - .env.docker - networks: - - snipeit-backend - ports: - - "3306:3306" - - redis: - image: redis:6.2.5-buster - networks: - - snipeit-backend - - mailhog: - image: mailhog/mailhog:v1.0.1 - ports: - # - 1025:1025 - - "8025:8025" - networks: - - snipeit-backend - - -volumes: - db: {} - -networks: - snipeit-backend: {} + - db_data:/var/lib/mysql + environment: + MYSQL_DATABASE: ${DB_DATABASE} + MYSQL_USER: ${DB_USERNAME} + MYSQL_PASSWORD: ${DB_PASSWORD} + MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} + healthcheck: + test: mysqladmin ping -h 127.0.0.1 -u $$MYSQL_USER --password=$$MYSQL_PASSWORD + interval: 5s + timeout: 1s + retries: 5