What is TeamPass?
- TeamPass is a Passwords Manager dedicated for managing passwords in a collaborative way by sharing them among team members. Teampass offers a large set of features permitting to manage your passwords and related data in an organized way in respect to the access rights defined for each users. Teampass is an Open-Source free to use product distributed in respect with OpenSource GNU GPL-3.0.
The following will deploy TeamPass to localhost using the default configuration as found in the .env file.
mkdir -p \
volumes/teampass \
volumes/php/session \
volumes/db
docker-compose up -d
From your browser, navigate to https://localhost:443 and configure your TeamPass deployment.
Enjoy!
Create local directories to persist the data being generated by the TeamPass services.
mkdir -p \
volumes/teampass \
volumes/php/session \
volumes/db
Configuration is done via the .env file. It is pre-populated with sane defaults for development evaluation on localhost using self signed SSL certificates.
File .env
:
# TeamPass
VIRTUAL_HOST=localhost # Hostname being deployed to
LOCAL_TEAMPASS_HOME=./volumes/teampass # Local TeamPass data directory
LOCAL_PHP_SESSION=./volumes/php/session # Local PHP session directory
# MySQL Database
MYSQL_ROOT_PASSWORD=mypass # MySQL root password
MYSQL_DATABASE=teampass # MySQL TeamPass database name
MYSQL_PASSWORD=teampass # MySQL TeamPass user
MYSQL_USER=teampass # MySQL TeamPass user password
LOCAL_DB_DATA=./volumes/db # Local MySQL data directory
# Nginx
HTTPS_PORT=443 # HTTPS port to serve TeamPass on
LOCAL_SSL_CERTS=./volumes/ssl # Local SSL certificate directory
LOCAL_DOCKER_SOCK=-/var/run/docker.sock # Local docker socket
NOTE: The contents of LOCAL_SSL_CERTS
should contain the certificates and private keys for any virtual hosts in use. The certificate and keys should be named after the virtual host with a .crt
and .key
extension. For example, a container with VIRTUAL_HOST=foo.bar.com
should have a foo.bar.com.crt
and foo.bar.com.key
file in the certs directory.
SSL - certificates for development
A development SSL certificate pair is included in this repository.
localhost.crt
- public certificatelocalhost.key
- private key
Since this certificate is not reckognized by any CA, do not use this for anything beyond local development (Never use in production)
The certificate pair was generated as follows:
openssl req -newkey rsa:4096 -days 3650 -nodes -x509 \
-subj "/C=US/ST=North Carolina/L=Chapel Hill/O=Local/OU=Development/CN=local.dev/emailAddress=email@local.dev" \
-keyout localhost.key \
-out localhost.crt
Once the environment is configured, the user can bring all the services up using docker compose.
docker-compose up -d
The user should observe three running containers
$ docker-compose ps
Name Command State Ports
---------------------------------------------------------------------------------------
db /entrypoint.sh mysqld Up (healthy) 3306/tcp, 33060/tcp
nginx /app/docker-entrypoint.sh ... Up 0.0.0.0:443->443/tcp, 80/tcp
teampass /bin/sh /teampass-docker-s ... Up 443/tcp, 80/tcp, 9000/tcp
From your browser, navigate to the location defined by $VIRTUAL_HOST:$HTTPS_PORT and configure your TeamPass deployment. From the example this is https://localhost:443.
Starting from the configuration Welcome page, follow the prompts using the values as set from the .env
file as they apply to each section. This generally follows the format of filling in the prompts, pressing the Launch button, and the pressing the Next button.
The following example uses the default settings as found in the .env
file.
- Absolute path to teampass folder: /var/www/html
- Full URL to teampass: https://localhost
- Host: db
- DataBase name: teampass
- Login: teampass
- Password: teampass
- Port: 3306
Per the documentation, use /var/www/html/sk
for the absolute path of your saltkey
- Table prefix: teampass_
- Absolute path to SaltKey: /var/www/html/sk
- Administrator password: adminpass
Press the Launch button to generate tables
Press the Launch button to finalize installation
Press the Move to home page link and sign in
- Account: admin
- Password: adminpass
Refer to the documentation to learn about all configuration options
Enjoy!
The following commands will stop all compose services, remove them from the system, prune the associated volumes and networks, and purge the local files associated with TeamPass. The final removal command may require sudo rights depending on the permissions of the user making the call.
docker-compose stop && docker-compose rm -f
docker volume prune -f
docker network prune -f
rm -rf \
volumes/teampass \
volumes/php \
volumes/db
- TeamPass Documentation: https://teampass.readthedocs.org/
- TeamPass Main site: https://teampass.net
- GitHub: https://github.com/nilsteampassnet/TeamPass
- DockerHub: https://hub.docker.com/r/teampass/teampass
- jwilder/nginx-proxy: https://github.com/jwilder/nginx-proxy