mirror of
				https://github.com/ledgersmb/ledgersmb-docker.git
				synced 2025-10-21 19:50:29 -04:00 
			
		
		
		
	Compare commits
	
		
			60 Commits
		
	
	
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|  | f4dc5baa8d | ||
|  | f4e951bf5c | ||
|  | d37331758d | ||
|  | fc3a76576c | ||
|  | 21fd38d268 | ||
|  | b540438bca | ||
|  | 4c11eb8db5 | ||
|  | f475330713 | ||
|  | 8484d53f3a | ||
|  | ed3a48cf02 | ||
|  | 56da1eb464 | ||
|  | cc7e316845 | ||
|  | 2e703cf3b9 | ||
|  | 889fed85c9 | ||
|  | 3fd89bf933 | ||
|  | 2fd4d25b06 | ||
|  | 92483d9b69 | ||
|  | a7a1412cbd | ||
|  | 8974109e48 | ||
|  | 16b55ab3b4 | ||
|  | 0fabba4a66 | ||
|  | 6471736148 | ||
|  | c8368ce921 | ||
|  | 1806b8003b | ||
|  | d9163c1e65 | ||
|  | 9e88db52d9 | ||
|  | 230a7ddfae | ||
|  | 3a86482a97 | ||
|  | ae0cea34b3 | ||
|  | f37678c275 | ||
|  | b28f5b693b | ||
|  | 1f20ab08f1 | ||
|  | 34937fbd4f | ||
|  | c6968b5397 | ||
|  | 5168936493 | ||
|  | 49a448c732 | ||
|  | 27b3e40e72 | ||
|  | 6593d58698 | ||
|  | 5a7ec0a2ed | ||
|  | 236a25b767 | ||
|  | 943fa166e8 | ||
|  | a678ae39a0 | ||
|  | 3d12e4351d | ||
|  | ccd90f04a4 | ||
|  | 4d316f9019 | ||
|  | 71f876a253 | ||
|  | ab00872e02 | ||
|  | 483a1110ff | ||
|  | a2a625d193 | ||
|  | f10924cae9 | ||
|  | c13d20651c | ||
|  | 7771b8c03b | ||
|  | 1ba89cef50 | ||
|  | d7ad535199 | ||
|  | ac2553ea17 | ||
|  | 0205b40bd2 | ||
|  | 84130b47f3 | ||
|  | d27017e309 | ||
|  | f3420feb36 | ||
|  | 82445543de | 
							
								
								
									
										100
									
								
								Dockerfile
									
									
									
									
									
								
							
							
						
						
									
										100
									
								
								Dockerfile
									
									
									
									
									
								
							| @@ -1,9 +1,60 @@ | |||||||
| FROM        debian:buster-slim |  | ||||||
| MAINTAINER  Freelock john@freelock.com |  | ||||||
|  |  | ||||||
| # Build time variables | # Build time variables | ||||||
| ARG LSMB_VERSION="1.8.7" |  | ||||||
|  | ARG SRCIMAGE=debian:bullseye-slim | ||||||
|  |  | ||||||
|  |  | ||||||
|  | FROM  $SRCIMAGE AS builder | ||||||
|  |  | ||||||
|  | ARG LSMB_VERSION="1.9.24" | ||||||
| ARG LSMB_DL_DIR="Releases" | ARG LSMB_DL_DIR="Releases" | ||||||
|  | ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz" | ||||||
|  |  | ||||||
|  |  | ||||||
|  | RUN set -x ; \ | ||||||
|  |   DEBIAN_FRONTEND="noninteractive" apt-get -y update && \ | ||||||
|  |   DEBIAN_FRONTEND="noninteractive" apt-get -y upgrade && \ | ||||||
|  |   DEBIAN_FRONTEND="noninteractive" apt-get -y install dh-make-perl libmodule-cpanfile-perl git wget && \ | ||||||
|  |   apt-file update | ||||||
|  |  | ||||||
|  | RUN set -x ; \ | ||||||
|  |   wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "$ARTIFACT_LOCATION" && \ | ||||||
|  |   tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \ | ||||||
|  |   rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \ | ||||||
|  |   cd /srv/ledgersmb && \ | ||||||
|  |   ( ( for lib in $( cpanfile-dump --with-all-features --recommends --no-configure --no-build --no-test ) ; \ | ||||||
|  |     do \ | ||||||
|  |       if dh-make-perl locate "$lib" 2>/dev/null ; \ | ||||||
|  |       then  \ | ||||||
|  |         : \ | ||||||
|  |       else \ | ||||||
|  |         echo no : $lib ; \ | ||||||
|  |       fi ; \ | ||||||
|  |     done ) | grep -v dh-make-perl | grep -v 'not found' | grep -vi 'is in Perl ' | cut -d' ' -f4 | sort | uniq | tee /srv/derived-deps ) && \ | ||||||
|  |   cat /srv/derived-deps | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # | ||||||
|  | # | ||||||
|  | #  The real image build starts here | ||||||
|  | # | ||||||
|  | # | ||||||
|  |  | ||||||
|  |  | ||||||
|  | FROM  $SRCIMAGE | ||||||
|  | LABEL org.opencontainers.image.authors="LedgerSMB project <devel@lists.ledgersmb.org>" | ||||||
|  | LABEL org.opencontainers.image.title="LedgerSMB double-entry accounting web-application" | ||||||
|  | LABEL org.opencontainers.image.description="LedgerSMB is a full featured double-entry financial accounting and Enterprise\ | ||||||
|  |  Resource Planning system accessed via a web browser (Perl/JS with a PostgreSQL\ | ||||||
|  |  backend) which offers 'Accounts Receivable', 'Accounts Payable' and 'General\ | ||||||
|  |  Ledger' tracking as well as inventory control and fixed assets handling. The\ | ||||||
|  |  LedgerSMB client can be a web browser or a programmed API call. The goal of\ | ||||||
|  |  the LedgerSMB project is to bring high quality ERP and accounting capabilities\ | ||||||
|  |  to Small and Midsize Businesses." | ||||||
|  |  | ||||||
|  | ARG LSMB_VERSION="1.9.24" | ||||||
|  | ARG LSMB_DL_DIR="Releases" | ||||||
|  | ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz" | ||||||
|  |  | ||||||
|  |  | ||||||
| # Install Perl, Tex, Starman, psql client, and all dependencies | # Install Perl, Tex, Starman, psql client, and all dependencies | ||||||
| # Without libclass-c3-xs-perl, performance is terribly slow... | # Without libclass-c3-xs-perl, performance is terribly slow... | ||||||
| @@ -13,7 +64,11 @@ ARG LSMB_DL_DIR="Releases" | |||||||
| # Install Locale::Codes Locale::Country Locale::Language from CPAN to suppress | # Install Locale::Codes Locale::Country Locale::Language from CPAN to suppress | ||||||
| # deprecation-as-core-module warning | # deprecation-as-core-module warning | ||||||
|  |  | ||||||
| RUN echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> /etc/apt/apt.conf && \ |  | ||||||
|  | COPY --from=builder /srv/derived-deps /tmp/derived-deps | ||||||
|  |  | ||||||
|  | RUN set -x ; \ | ||||||
|  |   echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> /etc/apt/apt.conf && \ | ||||||
|   mkdir -p /usr/share/man/man1/ && \ |   mkdir -p /usr/share/man/man1/ && \ | ||||||
|   mkdir -p /usr/share/man/man2/ && \ |   mkdir -p /usr/share/man/man2/ && \ | ||||||
|   mkdir -p /usr/share/man/man3/ && \ |   mkdir -p /usr/share/man/man3/ && \ | ||||||
| @@ -21,38 +76,14 @@ RUN echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> | |||||||
|   mkdir -p /usr/share/man/man5/ && \ |   mkdir -p /usr/share/man/man5/ && \ | ||||||
|   mkdir -p /usr/share/man/man6/ && \ |   mkdir -p /usr/share/man/man6/ && \ | ||||||
|   mkdir -p /usr/share/man/man7/ && \ |   mkdir -p /usr/share/man/man7/ && \ | ||||||
|  |   mkdir -p /usr/share/man/man8/ && \ | ||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -y update && \ |   DEBIAN_FRONTEND="noninteractive" apt-get -y update && \ | ||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -y upgrade && \ |   DEBIAN_FRONTEND="noninteractive" apt-get -y upgrade && \ | ||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -y install \ |   DEBIAN_FRONTEND="noninteractive" apt-get -y install \ | ||||||
|     wget ca-certificates gnupg \ |     wget ca-certificates gnupg \ | ||||||
|     libauthen-sasl-perl libcgi-emulate-psgi-perl libconfig-inifiles-perl \ |     $( cat /tmp/derived-deps ) \ | ||||||
|     libcookie-baker-perl libdbd-pg-perl libdbi-perl libdata-uuid-perl \ |     libclass-c3-xs-perl \ | ||||||
|     libdatetime-perl libdatetime-format-strptime-perl \ |     texlive-plain-generic texlive-latex-recommended texlive-fonts-recommended \ | ||||||
|     libemail-sender-perl libemail-stuffer-perl libfile-find-rule-perl \ |  | ||||||
|     libhtml-escape-perl libhttp-headers-fast-perl libio-stringy-perl \ |  | ||||||
|     libjson-maybexs-perl libcpanel-json-xs-perl libjson-pp-perl \ |  | ||||||
|     liblist-moreutils-perl \ |  | ||||||
|     liblocale-maketext-perl liblocale-maketext-lexicon-perl \ |  | ||||||
|     liblog-log4perl-perl libmime-types-perl \ |  | ||||||
|     libmath-bigint-gmp-perl libmodule-runtime-perl libmoo-perl \ |  | ||||||
|     libmoox-types-mooselike-perl libmoose-perl \ |  | ||||||
|     libmoosex-nonmoose-perl libnumber-format-perl \ |  | ||||||
|     libpgobject-perl libpgobject-simple-perl libpgobject-simple-role-perl \ |  | ||||||
|     libpgobject-type-bigfloat-perl libpgobject-type-datetime-perl \ |  | ||||||
|     libpgobject-type-bytestring-perl libpgobject-util-dbmethod-perl \ |  | ||||||
|     libpgobject-util-dbadmin-perl libplack-perl \ |  | ||||||
|     libplack-builder-conditionals-perl libplack-middleware-reverseproxy-perl \ |  | ||||||
|     libplack-request-withencoding-perl libscope-guard-perl \ |  | ||||||
|     libsession-storage-secure-perl libstring-random-perl \ |  | ||||||
|     libtemplate-perl libtext-csv-perl libtext-csv-xs-perl \ |  | ||||||
|     libtext-markdown-perl libtry-tiny-perl libversion-compare-perl \ |  | ||||||
|     libxml-libxml-perl libnamespace-autoclean-perl \ |  | ||||||
|     starman starlet libhttp-parser-xs-perl \ |  | ||||||
|     libtemplate-plugin-latex-perl libtex-encode-perl \ |  | ||||||
|     libxml-twig-perl libopenoffice-oodoc-perl \ |  | ||||||
|     libexcel-writer-xlsx-perl libspreadsheet-writeexcel-perl \ |  | ||||||
|     libclass-c3-xs-perl liblocale-codes-perl \ |  | ||||||
|     texlive-latex-recommended texlive-fonts-recommended \ |  | ||||||
|     texlive-xetex fonts-liberation \ |     texlive-xetex fonts-liberation \ | ||||||
|     lsb-release && \ |     lsb-release && \ | ||||||
|   echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \ |   echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \ | ||||||
| @@ -60,10 +91,9 @@ RUN echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> | |||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -y update && \ |   DEBIAN_FRONTEND="noninteractive" apt-get -y update && \ | ||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -y install postgresql-client && \ |   DEBIAN_FRONTEND="noninteractive" apt-get -y install postgresql-client && \ | ||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install git cpanminus make gcc libperl-dev && \ |   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install git cpanminus make gcc libperl-dev && \ | ||||||
|   wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz" && \ |   wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "$ARTIFACT_LOCATION" && \ | ||||||
|   tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \ |   tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \ | ||||||
|   rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \ |   rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \ | ||||||
|   cpanm --reinstall --notest Locale::Country Locale::Codes Locale::Language && \ |  | ||||||
|   cpanm --notest \ |   cpanm --notest \ | ||||||
|     --with-feature=starman \ |     --with-feature=starman \ | ||||||
|     --with-feature=latex-pdf-ps \ |     --with-feature=latex-pdf-ps \ | ||||||
|   | |||||||
							
								
								
									
										115
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										115
									
								
								README.md
									
									
									
									
									
								
							| @@ -4,11 +4,13 @@ Dockerfile for LedgerSMB Docker image | |||||||
|  |  | ||||||
| # Supported tags | # Supported tags | ||||||
|  |  | ||||||
| - `1.8` - Preview version for the 1.8 branch | - `1.10`, `1.10.x`, `latest` - Latest official release from the 1.10 branch | ||||||
| - `1.7`, `1.7.x`, `latest` - Latest official release from 1.7 branch | - `1.9`, `1.9.x` - Latest official release from the 1.9 branch | ||||||
| - `1.6`, `1.6.x` - Latest official release from 1.6 branch  | - `1.8`, `1.8.31` - Last official release from the 1.8 branch (End-of-Life) | ||||||
| - `1.5`, `1.5.30` - Last official release from 1.5 branch | - `1.7`, `1.7.41` - Last official release from the 1.7 branch (End-of-Life) | ||||||
| - `1.4`, `1.4.42` - Last official release from 1.4 branch | - `1.6`, `1.6.33` - Last official release from the 1.6 branch (End-of-Life) | ||||||
|  | - `1.5`, `1.5.30` - Last official release from the 1.5 branch (End-of-Life) | ||||||
|  | - `1.4`, `1.4.42` - Last official release from the 1.4 branch (End-of-Life) | ||||||
| - `master` - Master branch from git, unstable | - `master` - Master branch from git, unstable | ||||||
|  |  | ||||||
| Containers supporting the development process are provided | Containers supporting the development process are provided | ||||||
| @@ -45,7 +47,7 @@ could require additional setup of a mail service or CUPS printer service. | |||||||
| This image can be installed either automatically with the Docker compose file | This image can be installed either automatically with the Docker compose file | ||||||
| or manually with docker only. | or manually with docker only. | ||||||
|  |  | ||||||
| ## Docker-Compose installation and start | ## Docker-Compose: Installation and start | ||||||
|  |  | ||||||
| This image provides `docker-compose.yml` which can be used to pull related | This image provides `docker-compose.yml` which can be used to pull related | ||||||
| images, install them, establish an internal network for their communications, | images, install them, establish an internal network for their communications, | ||||||
| @@ -55,15 +57,27 @@ variables, are: | |||||||
|  |  | ||||||
| ```plain | ```plain | ||||||
|  $ docker-compose pull |  $ docker-compose pull | ||||||
|  $ docker-compose up |  $ docker-compose up -d | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | Or use the following to set a different password and/or parallel processing | ||||||
|  | capacity (so called 'workers'): | ||||||
|  |  | ||||||
|  | ```plain | ||||||
|  |  $ docker-compose pull | ||||||
|  |  $ POSTGRES_PASSWORD=def \ | ||||||
|  |    LSMB_WORKERS=10 \ | ||||||
|  |    docker-compose up -d | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| This will set up two containers: (1) a PostgreSQL container with persistent | This will set up two containers: (1) a PostgreSQL container with persistent | ||||||
| storage which is retained between container updates and (2) a LedgerSMB | storage which is retained between container updates and (2) a LedgerSMB | ||||||
| container configured to connect to the PostgreSQL container as its database | container configured to connect to the PostgreSQL container as its database | ||||||
| server. | server. Your LedgerSMB installation should now be accessible through | ||||||
|  | [http://localhost:5762/](http://localhost:5762/). | ||||||
|  |  | ||||||
| The database username and password are: | The default number of workers is 5. The default database username and password | ||||||
|  | are: | ||||||
|  |  | ||||||
| ```plain | ```plain | ||||||
|    username: postgres |    username: postgres | ||||||
| @@ -71,7 +85,7 @@ The database username and password are: | |||||||
| ``` | ``` | ||||||
|  |  | ||||||
| From here, follow the steps as detailed in the instructions for | From here, follow the steps as detailed in the instructions for | ||||||
| [preparing for first use](https://ledgersmb.org/content/preparing-ledgersmb-17-first-use). | [preparing for first use](https://ledgersmb.org/content/preparing-ledgersmb-19-first-use). | ||||||
|  |  | ||||||
| ## Manual installation | ## Manual installation | ||||||
|  |  | ||||||
| @@ -94,7 +108,7 @@ like `POSTGRES_HOST` above. | |||||||
|  |  | ||||||
| # Set up LedgerSMB | # Set up LedgerSMB | ||||||
|  |  | ||||||
|  * Visit http://myledger:5762/setup.pl. |  * Visit http://localhost:5762/setup.pl. | ||||||
|  * Log in with the "postgres" user and the password `abc` as given above - |  * Log in with the "postgres" user and the password `abc` as given above - | ||||||
|    or with the credentials of your own database server in case of a manual |    or with the credentials of your own database server in case of a manual | ||||||
|    setup - and provide the name of a company (= database name) you want to |    setup - and provide the name of a company (= database name) you want to | ||||||
| @@ -110,9 +124,13 @@ Visit http://localhost:5762/login.pl to log in and get started. | |||||||
|  |  | ||||||
| No persistant data is stored in the LedgerSMB container. | No persistant data is stored in the LedgerSMB container. | ||||||
|  |  | ||||||
| All LedgerSMB data is stored in Postgres, so you can stop/destroy/run a | All LedgerSMB data is stored in PostgreSQL, so you can stop/destroy/run a | ||||||
| new LedgerSMB container as often as you want. | new LedgerSMB container as often as you want. | ||||||
|  |  | ||||||
|  | In case of the Docker Compose setup, all PostgreSQL data is stored on the | ||||||
|  | Docker volume with the name ending in `_pgdata`. This volume is not destroyed | ||||||
|  | when updating the containers; only explicit removal destroys the data. | ||||||
|  |  | ||||||
| # Environment Variables | # Environment Variables | ||||||
|  |  | ||||||
| The LedgerSMB image uses several environment variables. They are all optional. | The LedgerSMB image uses several environment variables. They are all optional. | ||||||
| @@ -148,30 +166,6 @@ affect the performance experience of users. | |||||||
|  |  | ||||||
| ## Mail configuration | ## Mail configuration | ||||||
|  |  | ||||||
| ### Before 1.8.0 |  | ||||||
|  |  | ||||||
| These variables are used to set outgoing SMTP defaults. |  | ||||||
|  |  | ||||||
| * `SSMTP_ROOT` (config: `Root` -- DEPRECATED) |  | ||||||
| * `SSMTP_MAILHUB` (config: `Mailhub`) |  | ||||||
| * `SSMTP_HOSTNAME` (config: `Hostname`) |  | ||||||
| * `SSMTP_USE_STARTTLS` (config: `UseSTARTTLS`) |  | ||||||
| * `SSMTP_AUTH_USER` (config: `AuthUser`) |  | ||||||
| * `SSMTP_AUTH_PASS` (config: `AuthPass`) |  | ||||||
| * `SSMTP_AUTH_METHOD` (config: `AuthMethod` -- DEPRECATED) |  | ||||||
| * `SSMTP_FROMLINE_OVERRIDE` (config: `FromLineOverride` -- DEPRECATED) |  | ||||||
|  |  | ||||||
| `SSMTP_MAILHUB` defaults to the default docker0 interface, so if your host is |  | ||||||
| already configured to relay mail, this should relay successfully with only |  | ||||||
| the root and hostname set. |  | ||||||
|  |  | ||||||
| Use the other environment variables to relay mail through a different host. |  | ||||||
| Use the [ssmtp.conf man |  | ||||||
| page](https://www.systutorials.com/docs/linux/man/5-ssmtp.conf/) to look up |  | ||||||
| the meaning and function of each of the mail configuration keys. |  | ||||||
|  |  | ||||||
| ### 1.8.0 and higher (under development) |  | ||||||
|  |  | ||||||
| As of 1.8.0, the image is based on Debian Buster instead of Debian Stretch; | As of 1.8.0, the image is based on Debian Buster instead of Debian Stretch; | ||||||
| with Buster, the `ssmtp` program has been removed from Debian, this image | with Buster, the `ssmtp` program has been removed from Debian, this image | ||||||
| had to change strategy. The main application always came with built-in e-mail | had to change strategy. The main application always came with built-in e-mail | ||||||
| @@ -187,7 +181,51 @@ The following parameters are now supported to set mail preferences: | |||||||
| * `LSMB_MAIL_SMTPPASS` | * `LSMB_MAIL_SMTPPASS` | ||||||
| * `LSMB_MAIL_SMTPAUTHMECH` | * `LSMB_MAIL_SMTPAUTHMECH` | ||||||
|  |  | ||||||
|  | # Advanced setup | ||||||
|  |  | ||||||
|  | ## Docker Compose with reverse proxy | ||||||
|  |  | ||||||
|  | The `docker-compose-reverseproxy.yml` file shows a docker-compose setup | ||||||
|  | which adds an Nginx reverse proxy configuration on top of the base | ||||||
|  | `docker-compose.yml` configuration file. If the content of this repository | ||||||
|  | is cloned into the current directory (`git clone https://github.com/ledgersmb/ledgersmb-docker.git ; cd ledgersmb-docker`), it can be used as: | ||||||
|  |  | ||||||
|  | ```plain | ||||||
|  |  $ docker-compose \ | ||||||
|  |     -f docker-compose.yml \ | ||||||
|  |     -f docker-compose-reverseproxy.yml \ | ||||||
|  |        up -d | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | This setup can be used in combination with an image which runs the | ||||||
|  | Certbot certificate renewal process *and* Nginx to do TLS termination. The | ||||||
|  | default reverse proxy is mostly an example; it publishes on | ||||||
|  | [http://localhost:8080/](http://localhost:8080/). | ||||||
|  |  | ||||||
|  | An example of such an image can be found at | ||||||
|  | [https://github.com/jonasalfredsson/docker-nginx-certbot](https://github.com/jonasalfredsson/docker-nginx-certbot), | ||||||
|  | which is published on Docker Hub as | ||||||
|  | [jonasal/nginx-certbot](https://hub.docker.com/r/jonasal/nginx-certbot). | ||||||
|  |  | ||||||
|  | **Upgrade note** When upgrading this setup, please remove the volume ending | ||||||
|  | in `_lsmbdata` before starting the upgraded containers. Without that, the | ||||||
|  | webcontent won't be upgraded! E.g.: | ||||||
|  |  | ||||||
|  | ```plain | ||||||
|  |   $ docker-compose \ | ||||||
|  |       -f docker-compose.yml \ | ||||||
|  |       -f docker-compose-reverseproxy.yml \ | ||||||
|  |         rm -s -f -v && \ | ||||||
|  |     docker volume rm ledgersmb-docker_lsmbdata && \ | ||||||
|  |     docker-compose \ | ||||||
|  |       -f docker-compose.yml \ | ||||||
|  |       -f docker-compose-reverseproxy.yml \ | ||||||
|  |         pull && \ | ||||||
|  |     docker-compose \ | ||||||
|  |       -f docker-compose.yml \ | ||||||
|  |       -f docker-compose-reverseproxy.yml \ | ||||||
|  |         up -d | ||||||
|  | ``` | ||||||
|  |  | ||||||
| # Troubleshooting/Developing | # Troubleshooting/Developing | ||||||
|  |  | ||||||
| @@ -204,9 +242,8 @@ please contact us on the [mailing list](http://ledgersmb.org/topic/support/maili | |||||||
| or through a [GitHub issue](https://github.com/ledgersmb/ledgersmb-docker/issues). | or through a [GitHub issue](https://github.com/ledgersmb/ledgersmb-docker/issues). | ||||||
|  |  | ||||||
| You can also reach some of the official LedgerSMB maintainers via the | You can also reach some of the official LedgerSMB maintainers via the | ||||||
| `#ledgersmb` IRC channel on [Freenode](https://freenode.net), or on the | [Matrix](https://matrix.org) room in [#ledgersmb:matrix.org](https://matrix.to/#/#ledgersmb:matrix.org). | ||||||
| bridged [Matrix](https://matrix.org) room in [#ledgersmb:matrix.org](https://matrix.to/#/#ledgersmb:matrix.org). | The [Element](https://app.element.io/#/room/#ledgersmb:matrix.org) Matrix client is highly recommended. | ||||||
| The [Riot.im](https://riot.im/app/#/room/#ledgersmb:matrix.org) Matrix client is highly recommended. |  | ||||||
|  |  | ||||||
|  |  | ||||||
| ## Contributing | ## Contributing | ||||||
|   | |||||||
							
								
								
									
										33
									
								
								docker-compose-reverseproxy.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								docker-compose-reverseproxy.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,33 @@ | |||||||
|  | # Use this docker-compose file as: | ||||||
|  | # | ||||||
|  | #  docker-compose -f docker-compose.yml -f docker-compose-reverseproxy.yml up -d | ||||||
|  | # | ||||||
|  | # | ||||||
|  | # This command creates one | ||||||
|  | # compose 'project' consisting of three containers | ||||||
|  | # | ||||||
|  | #  1. The PostgreSQL data  container | ||||||
|  | #  2. The LedgerSMB application container | ||||||
|  | #  3. The Nginx reverse proxy container | ||||||
|  | # | ||||||
|  | # In addition to publishing LedgerSMB on port 5762 on localhost, | ||||||
|  | # this project also publishes Nginx's reverse proxied content on | ||||||
|  | # port 8080 on localhost | ||||||
|  |  | ||||||
|  | version: "3.2" | ||||||
|  | services: | ||||||
|  |   proxy: | ||||||
|  |     depends_on: | ||||||
|  |       - lsmb | ||||||
|  |     image: nginx:1-alpine | ||||||
|  |     volumes: | ||||||
|  |       - "lsmbdata:/srv/ledgersmb" | ||||||
|  |       - "./nginx.conf:/etc/nginx/nginx.conf" | ||||||
|  |     ports: | ||||||
|  |       - "8080:8080" | ||||||
|  |   lsmb: | ||||||
|  |     volumes: | ||||||
|  |       - "lsmbdata:/srv/ledgersmb" | ||||||
|  |  | ||||||
|  | volumes: | ||||||
|  |   lsmbdata: | ||||||
| @@ -16,10 +16,10 @@ services: | |||||||
|   # because that allows us to use the default hostname ("postgres") |   # because that allows us to use the default hostname ("postgres") | ||||||
|   # from the LedgerSMB configuration |   # from the LedgerSMB configuration | ||||||
|   postgres: |   postgres: | ||||||
|     image: postgres:9.6-alpine |     image: postgres:12-alpine | ||||||
|     environment: |     environment: | ||||||
|       # Replace the password below for a secure setup |       # Replace the password below for a secure setup | ||||||
|       POSTGRES_PASSWORD: abc |       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-abc} | ||||||
|       PGDATA: /var/lib/postgresql/data/pgdata |       PGDATA: /var/lib/postgresql/data/pgdata | ||||||
|     networks: |     networks: | ||||||
|       - internal |       - internal | ||||||
| @@ -28,18 +28,18 @@ services: | |||||||
|   lsmb: |   lsmb: | ||||||
|     depends_on: |     depends_on: | ||||||
|       - postgres |       - postgres | ||||||
|     image: ledgersmb/ledgersmb:1.8 |     image: ghcr.io/ledgersmb/ledgersmb:1.9 | ||||||
|     networks: |     networks: | ||||||
|       - internal |       - internal | ||||||
|       - default |       - default | ||||||
|     # Uncomment the 'ports' section to map the LedgerSMB container port (5762) |     # Comment the 'ports' section to disable mapping the LedgerSMB container port (5762) | ||||||
|     #  to the host's port of the same number, thus making LedgerSMB |     #  to the host's port of the same number, thus making LedgerSMB | ||||||
|     #  available on http://<host-dns-or-ip>:5762/ |     #  available on http://<host-dns-or-ip>:5762/ | ||||||
|     #     SECURITY NOTE: Do this for evaluation purposes only! |     #     SECURITY NOTE: Do this for evaluation purposes only! | ||||||
|     #       In production, be sure to use SSL/TLS to protect user's passwords |     #       In production, be sure to use SSL/TLS to protect user's passwords | ||||||
|     #       and other sensitive data |     #       and other sensitive data | ||||||
|     # ports: |     ports: | ||||||
|     #   - "5762:5762" |       - "5762:5762" | ||||||
|     environment: |     environment: | ||||||
|       # The LSMB_WORKERS environment variable lets you select the number |       # The LSMB_WORKERS environment variable lets you select the number | ||||||
|       # of processes serving HTTP requests. The default number of 2 workers |       # of processes serving HTTP requests. The default number of 2 workers | ||||||
| @@ -47,17 +47,26 @@ services: | |||||||
|       # improve the performance experience, increase memory and the |       # improve the performance experience, increase memory and the | ||||||
|       # number of workers |       # number of workers | ||||||
|       # |       # | ||||||
|       LSMB_WORKERS: 2 |       LSMB_WORKERS: ${LSMB_WORKERS:-5} | ||||||
|       # |       # | ||||||
|       # |       # | ||||||
|       # SSMTP_ROOT: |  | ||||||
|       # SSMTP_HOSTNAME: |       # LSMB_MAIL_SMTPHOST: | ||||||
|       # SSMTP_MAILHUB: |       # LSMB_MAIL_SMTPPORT: | ||||||
|       # SSMTP_AUTH_USER: |       # LSMB_MAIL_SMTPTLS: | ||||||
|       # SSMTP_AUTH_PASS: |       # LSMB_MAIL_SMTPSENDER_HOSTNAME: | ||||||
|       # SSMTP_AUTH_METHOD: |       # LSMB_MAIL_SMTPUSER: | ||||||
|       # SSMTP_USE_STARTTLS: |       # LSMB_MAIL_SMTPPASS: | ||||||
|       # SSMTP_FROMLINE_OVERRIDE: |       # LSMB_MAIL_SMTPAUTHMECH: | ||||||
|  |       # | ||||||
|  |       # | ||||||
|  |       # The PROXY_IP environment variable lets you set the IP address | ||||||
|  |       # (range) of the reverse proxy used for TLS termination, which forwards | ||||||
|  |       # its requests to this container. When this reverse proxy runs on the | ||||||
|  |       # Docker host, the default below applies. In case the reverse proxy is | ||||||
|  |       # hosted in a separate container, this setting needs to be adjusted. | ||||||
|  |       # | ||||||
|  |       # PROXY_IP: 172.17.0.1/12 | ||||||
|  |  | ||||||
| # having the dbdata volume is required to persist our | # having the dbdata volume is required to persist our | ||||||
| # data between PostgreSQL container updates; without | # data between PostgreSQL container updates; without | ||||||
|   | |||||||
							
								
								
									
										81
									
								
								nginx.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										81
									
								
								nginx.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,81 @@ | |||||||
|  | # This is a full (minimal) nginx configuration file | ||||||
|  |  | ||||||
|  | error_log /dev/stderr info; | ||||||
|  | pid /tmp/nginx.pid; | ||||||
|  | worker_processes 1; | ||||||
|  |  | ||||||
|  | events { | ||||||
|  |    worker_connections 1024; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | http { | ||||||
|  |    client_body_temp_path /tmp/client_body; | ||||||
|  |    proxy_temp_path /tmp/proxy_temp; | ||||||
|  |    fastcgi_temp_path /tmp/fastcgi_temp; | ||||||
|  |    scgi_temp_path /tmp/scgi_temp; | ||||||
|  |    uwsgi_temp_path /tmp/uwsgi_temp; | ||||||
|  |  | ||||||
|  |    sendfile on; | ||||||
|  |    tcp_nopush on; | ||||||
|  |    tcp_nodelay on; | ||||||
|  |    keepalive_timeout 65; | ||||||
|  |    types_hash_max_size 2048; | ||||||
|  |    include /etc/nginx/mime.types; | ||||||
|  |    default_type application/octet-stream; | ||||||
|  |  | ||||||
|  |    access_log /dev/stdout; | ||||||
|  |    error_log /dev/stderr info; | ||||||
|  |  | ||||||
|  |    gzip off; | ||||||
|  |    gzip_static on; | ||||||
|  |  | ||||||
|  |    server { | ||||||
|  |       listen 8080 default_server; | ||||||
|  |       listen [::]:8080 default_server ipv6only=on; | ||||||
|  |  | ||||||
|  |       root /srv/ledgersmb/UI; | ||||||
|  |  | ||||||
|  |       access_log /dev/stdout; | ||||||
|  |       error_log /dev/stderr info; | ||||||
|  |  | ||||||
|  |       # Don't log status polls | ||||||
|  |       location /nginx_status { | ||||||
|  |                stub_status on; | ||||||
|  |                access_log off; | ||||||
|  |                allow 127.0.0.1; | ||||||
|  |                allow ::1; | ||||||
|  |                deny all; | ||||||
|  |       } | ||||||
|  |  | ||||||
|  |       # Configuration files don't exist | ||||||
|  |       location ^~ \.conf$ { | ||||||
|  |          return 404; | ||||||
|  |       } | ||||||
|  |  | ||||||
|  |       # 'Hidden' files don't exist | ||||||
|  |       location ~ /\. { | ||||||
|  |          return 404; | ||||||
|  |       } | ||||||
|  |  | ||||||
|  |       location = / { | ||||||
|  |          return 301 /login.pl; | ||||||
|  |       } | ||||||
|  |  | ||||||
|  |       # JS & CSS | ||||||
|  |       location ~* \.(js|css)$ { | ||||||
|  |          add_header Pragma "public"; | ||||||
|  |          add_header Cache-Control "public, must-revalidate, proxy-revalidate"; # Production | ||||||
|  |          expires     7d; # Indicate that the resource can be cached for 1 week # Production | ||||||
|  |          try_files $uri =404; | ||||||
|  |       } | ||||||
|  |  | ||||||
|  |       location / { | ||||||
|  |          proxy_set_header        Host $host; | ||||||
|  |          proxy_set_header        X-Real-IP $remote_addr; | ||||||
|  |          proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for; | ||||||
|  |          proxy_set_header        X-Forwarded-Proto $scheme; | ||||||
|  |          proxy_read_timeout      300; | ||||||
|  |          proxy_pass              http://lsmb:5762; | ||||||
|  |       } | ||||||
|  |    } | ||||||
|  | } | ||||||
							
								
								
									
										4
									
								
								start.sh
									
									
									
									
									
								
							
							
						
						
									
										4
									
								
								start.sh
									
									
									
									
									
								
							| @@ -85,6 +85,8 @@ ${LSMB_MAIL_SMTPHOST:+smtphost=$LSMB_MAIL_SMTPHOST | |||||||
| }${LSMB_MAIL_SMTPPASS:+smtppass=$LSMB_MAIL_SMTPPASS | }${LSMB_MAIL_SMTPPASS:+smtppass=$LSMB_MAIL_SMTPPASS | ||||||
| }${LSMB_MAIL_SMTPAUTHMECH:+smtpauthmech=$LSMB_MAIL_SMTPAUTHMECH | }${LSMB_MAIL_SMTPAUTHMECH:+smtpauthmech=$LSMB_MAIL_SMTPAUTHMECH | ||||||
| } | } | ||||||
|  | [proxy] | ||||||
|  | ip=${PROXY_IP:-172.17.0.1/12} | ||||||
| EOF | EOF | ||||||
|   export LSMB_CONFIG_FILE='/tmp/ledgersmb.conf' |   export LSMB_CONFIG_FILE='/tmp/ledgersmb.conf' | ||||||
| fi | fi | ||||||
| @@ -100,6 +102,6 @@ echo '--------- LEDGERSMB CONFIGURATION --- END' | |||||||
|  |  | ||||||
| # ':5762:' suppresses an uninitialized variable warning in starman | # ':5762:' suppresses an uninitialized variable warning in starman | ||||||
| # the last colon means "don't connect using tls"; without it, there's a warning | # the last colon means "don't connect using tls"; without it, there's a warning | ||||||
| exec starman --listen :5762: --max-workers ${LSMB_WORKERS:-5} \ | exec starman --listen :5762: --workers ${LSMB_WORKERS:-5} \ | ||||||
|              -I lib -I old/lib \ |              -I lib -I old/lib \ | ||||||
|              --preload-app bin/ledgersmb-server.psgi |              --preload-app bin/ledgersmb-server.psgi | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user