Skip to content

RENCI-NRIG/teampass-docker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

volumes/ssl

volumes/ssl

 
 

.env

.env

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

docker-compose.yml

docker-compose.yml

 
 

Repository files navigation

TeamPass

What is TeamPass?

  • TeamPass is a Passwords Manager dedicated for managing passwords in a collaborative way by sharing them among team members. Teampass offers a large set of features permitting to manage your passwords and related data in an organized way in respect to the access rights defined for each users. Teampass is an Open-Source free to use product distributed in respect with OpenSource GNU GPL-3.0.

TL;DR

The following will deploy TeamPass to localhost using the default configuration as found in the .env file.

mkdir -p \
  volumes/teampass \
  volumes/php/session \
  volumes/db
docker-compose up -d

From your browser, navigate to https://localhost:443 and configure your TeamPass deployment.

Start page

Enjoy!

Setup and Configuration

Setup

Create local directories to persist the data being generated by the TeamPass services.

mkdir -p \
  volumes/teampass \
  volumes/php/session \
  volumes/db

Configure

Configuration is done via the .env file. It is pre-populated with sane defaults for development evaluation on localhost using self signed SSL certificates.

File .env:

# TeamPass
VIRTUAL_HOST=localhost                   # Hostname being deployed to
LOCAL_TEAMPASS_HOME=./volumes/teampass   # Local TeamPass data directory
LOCAL_PHP_SESSION=./volumes/php/session  # Local PHP session directory

# MySQL Database
MYSQL_ROOT_PASSWORD=mypass               # MySQL root password
MYSQL_DATABASE=teampass                  # MySQL TeamPass database name
MYSQL_PASSWORD=teampass                  # MySQL TeamPass user
MYSQL_USER=teampass                      # MySQL TeamPass user password
LOCAL_DB_DATA=./volumes/db               # Local MySQL data directory

# Nginx
HTTPS_PORT=443                           # HTTPS port to serve TeamPass on
LOCAL_SSL_CERTS=./volumes/ssl            # Local SSL certificate directory
LOCAL_DOCKER_SOCK=-/var/run/docker.sock  # Local docker socket

NOTE: The contents of LOCAL_SSL_CERTS should contain the certificates and private keys for any virtual hosts in use. The certificate and keys should be named after the virtual host with a .crt and .key extension. For example, a container with VIRTUAL_HOST=foo.bar.com should have a foo.bar.com.crt and foo.bar.com.key file in the certs directory.

SSL - certificates for development

A development SSL certificate pair is included in this repository.

  • localhost.crt - public certificate
  • localhost.key - private key

Since this certificate is not reckognized by any CA, do not use this for anything beyond local development (Never use in production)

The certificate pair was generated as follows:

openssl req -newkey rsa:4096 -days 3650 -nodes -x509 \
  -subj "/C=US/ST=North Carolina/L=Chapel Hill/O=Local/OU=Development/CN=local.dev/emailAddress=email@local.dev" \
  -keyout localhost.key \
  -out localhost.crt

Deploy

Once the environment is configured, the user can bring all the services up using docker compose.

docker-compose up -d

The user should observe three running containers

$ docker-compose ps
  Name                Command                  State                  Ports
---------------------------------------------------------------------------------------
db         /entrypoint.sh mysqld            Up (healthy)   3306/tcp, 33060/tcp
nginx      /app/docker-entrypoint.sh  ...   Up             0.0.0.0:443->443/tcp, 80/tcp
teampass   /bin/sh /teampass-docker-s ...   Up             443/tcp, 80/tcp, 9000/tcp

From your browser, navigate to the location defined by $VIRTUAL_HOST:$HTTPS_PORT and configure your TeamPass deployment. From the example this is https://localhost:443.

Welcome page

Welcome

TeamPass Configuration

Starting from the configuration Welcome page, follow the prompts using the values as set from the .env file as they apply to each section. This generally follows the format of filling in the prompts, pressing the Launch button, and the pressing the Next button.

The following example uses the default settings as found in the .env file.

Server checks

  • Absolute path to teampass folder: /var/www/html
  • Full URL to teampass: https://localhost

Server checks

Database connection

  • Host: db
  • DataBase name: teampass
  • Login: teampass
  • Password: teampass
  • Port: 3306

Database connection

Preparation

Per the documentation, use /var/www/html/sk for the absolute path of your saltkey

  • Table prefix: teampass_
  • Absolute path to SaltKey: /var/www/html/sk
  • Administrator password: adminpass

Preparation

Tables creation

Press the Launch button to generate tables

Tables creation

Finalization

Press the Launch button to finalize installation

Finalization

Resume

Resume

Press the Move to home page link and sign in

  • Account: admin
  • Password: adminpass

Home page

Refer to the documentation to learn about all configuration options

Done

Enjoy!

Clean up

The following commands will stop all compose services, remove them from the system, prune the associated volumes and networks, and purge the local files associated with TeamPass. The final removal command may require sudo rights depending on the permissions of the user making the call.

docker-compose stop && docker-compose rm -f
docker volume prune -f
docker network prune -f
rm -rf \
  volumes/teampass \
  volumes/php \
  volumes/db

References

About

TeamPass is a Passwords Manager dedicated for managing passwords in a collaborative way by sharing them among team members

Topics

mysql docker nginx teampass

Resources

Readme
Activity
Custom properties

Stars

4 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published