New dockerfile and docker-compose.yml, docs update

.dockerignore

@@ -0,0 +1,2 @@
+*
+!teampass-docker-start.sh

.gitignore

@@ -1,2 +1,3 @@
 *.bak
-.idea
+.idea
+volumes

Dockerfile

@@ -1,23 +1,28 @@
-FROM ubuntu:14.04
-MAINTAINER arthur@caranta.com
-RUN apt-get update && apt-get install -y git apache2 php5 libapache2-mod-php5 php5-mcrypt php5-mysqlnd php5-ldap php5-gd php5-curl
-ENV APACHE_RUN_USER www-data
-ENV APACHE_RUN_GROUP www-data
-ENV APACHE_LOG_DIR /var/log/apache2
+FROM richarvey/nginx-php-fpm:1.2.1
 
-ADD . /teampassinit
+# The location of the web files
+ARG VOL=/var/www/html
+ENV VOL ${VOL}
+VOLUME ${VOL}
 
-RUN php5enmod mcrypt
-RUN php5enmod mysql
-RUN php5enmod ldap
-RUN php5enmod curl
+# Configure nginx-php-fpm image to use this dir.
+ENV WEBROOT ${VOL}/www
 
-RUN perl -p -i -e "s/max_execution_time = 30/max_execution_time = 120/g" /etc/php5/apache2/php.ini
-RUN perl -p -i -e "s#Directory /var/www#Directory /teampass#g" /etc/apache2/apache2.conf
+RUN echo && \
+  # Install and configure missing PHP requirements
+  /usr/local/bin/docker-php-ext-configure bcmath && \
+  /usr/local/bin/docker-php-ext-install bcmath && \
+  apk add --no-cache openldap-dev && \
+  /usr/local/bin/docker-php-ext-configure ldap && \
+  /usr/local/bin/docker-php-ext-install ldap && \
+  apk del openldap-dev && \
+  echo "max_execution_time = 120" >> /usr/local/etc/php/conf.d/docker-vars.ini && \
+echo
 
-RUN mv /teampassinit/apache-default.conf /etc/apache2/sites-available/000-default.conf
-RUN mv /teampassinit/start.sh /start.sh && chmod a+x /start.sh
-EXPOSE 80
-VOLUME /teampass
+COPY teampass-docker-start.sh /teampass-docker-start.sh
 
-CMD /start.sh
+# Configure nginx-php-fpm image to pull our code.
+ENV REPO_URL https://github.com/nilsteampassnet/TeamPass.git
+
+ENTRYPOINT ["/bin/sh"]
+CMD ["/teampass-docker-start.sh"]

docker-compose.yml

@@ -1,20 +1,40 @@
-app:
-  build: .
-  restart: always
-  ports:
-    - "80:80"
-  links:
-    - db:db
-  volumes:
-    - /srv/teampass:/teampass
+version: "3"
+services:
+  nginx:
+    image: jwilder/nginx-proxy:alpine
+    restart: always
+    networks:
+      - frontend
+    ports:
+      - "443:443"
+    volumes:
+      - ./volumes/ssl:/etc/nginx/certs
+      - /var/run/docker.sock:/tmp/docker.sock:ro
 
-db:
-  restart: always
-  image: mysql/mysql-server:5.5
-  environment:
-    - MYSQL_ROOT_PASSWORD=mypass
-    - MYSQL_DATABASE=teampass
-    - MYSQL_PASSWORD=teampass
-    - MYSQL_USER=teampass
-  volumes:
-    - /srv/dbteampass:/var/lib/mysql
+  teampass:
+    image: teampass/teampass
+    restart: always
+    environment:
+      VIRTUAL_HOST: teampass.example.com
+    networks:
+      - frontend
+      - backend
+    volumes:
+      - ./volumes/teampass:/var/www/html
+
+  db:
+    restart: always
+    image: mysql/mysql-server:5.7
+    environment:
+      MYSQL_ROOT_PASSWORD: mypass
+      MYSQL_DATABASE: teampass
+      MYSQL_PASSWORD: teampass
+      MYSQL_USER: teampass
+    volumes:
+      - ./volumes/db:/var/lib/mysql
+    networks:
+      - backend
+
+networks:
+  frontend:
+  backend:

readme.md

@@ -2,84 +2,62 @@
 
 Teampass is a Collaborative Passwords Manager
 
-> Copyright (c) 2009-2017, [Nils Laumaillé] (Nils@TeamPass.net)
+> Copyright © 2009-2017, [Nils Laumaillé](Nils@TeamPass.net)
 
-## Licence Agreement
-
-Before installing and using TeamPass, you must accept its licence defined as GNU AFFERO GPL.
-
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version.
+<!-- MDTOC maxdepth:2 firsth1:0 numbering:0 flatten:0 bullets:1 updateOnSave:1 -->
 
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
-
-[Read Licence] (license.md)
+- [Requirements](#requirements)   
+- [Usage](#usage)   
+   - [With Docker](#with-docker)   
+   - [With Docker Compose](#with-docker-compose)   
+- [Update](#update)   
+- [Languages](#languages)   
+- [Licence Agreement](#licence-agreement)   
+- [Website](#website)   
+- [Bugs](#bugs)   
+- [Requests](#requests)   
 
-## Website
-
-Visit [Teampass.net](http://www.teampass.net/)
-
-## Bugs
-
-For bugs discovery, please report in [Github Issues] (https://github.com/nilsteampassnet/TeamPass/issues)
-
-## Requests
-
-For requests, please report in [UserEcho] (https://teamPass.userecho.com)
+<!-- /MDTOC -->
 
 ## Requirements
 
-* Apache 2.0,
-* MySQL 5.1,
-* PHP 5.5.0 (or higher),
+* MySQL 5.1 or higher,
+* PHP 5.5.0 or higher,
 * PHP extensions:
-** mcrypt
-** openssl
-** ldap (if used)
-** mbstring
-** bcmath
-** iconv
-** xml
-** gd
-** openssl
-** curl
+  * mcrypt
+  * openssl
+  * ldap (if used)
+  * mbstring
+  * bcmath
+  * iconv
+  * xml
+  * gd
+  * openssl
+  * curl
 * Function 'mysqli_fetch_all'
 
-## Installation
+## Usage
+
+* Read [installation related pages](https://teampass.readthedocs.io)
+* Once uploaded, launch Teampass in a browser and follow instructions.
 
-* Read [installation related pages] (https://teampass.readthedocs.io)
-* Once uploaded, launch install/install.php and follow instructions.
+### With Docker
+The Docker image provided will create a Teampass installation in its `/var/www/html/` directory, which you should mount as a volume to keep persistent. **SSL is not provided** if you use this image without a proxy in front of it. See the included [Docker Compose file](docker-compose.yml) for an example setup.
 
-### Docker Installation/Use
-*Currently SSL is not provided in this setup, it is advised to use something like HAproxy to add SSL support*
+**Note:** Use `/var/www/html/sk` as your "Absolute path to saltkey" during installation.
 
-Two ways to provide Docker install
-In both cases, the Teampass will be persistent IF you keep the data volume intact between runs and the database content (of course)
 
-#### Docker Compose
-* using the provided docker compose file, that you will edit to match your setup (ports/volumes/mysql passwords etc), then build the Teampass image :
-```docker-compose build```
-* and run the compose app
-```docker-compose up -d```
-* the first time Teampass is launched, you will be prompted to configured it :
- * for the ''Absolute path to saltkey'', please use ```/teampass/sk```
- * for the database setup :
-  * the host is ''db''
-  * the other credentials are the ones you provided in your docker-compose file
+### With Docker Compose
+The included [docker-compose.yml](docker-compose.yml) file is an example setup, using virtual host-based reverse proxy routing to provide SSL. If you want to use the Compose file as-is, you will need to provide an SSL certificate with a CN matching the `teampass` service's `VIRTUAL_HOST` variable. See the documentation for the [jwilder/nginx-proxy](https://github.com/jwilder/nginx-proxy) image for details.
 
-#### Simple Docker container
-* In this scenario, it is assumed you have a mysql database ready to be used.
-* First build the Teampass container :
-```docker build -t teampass .```
-* Then simply run the Teampass container with a volume to store the data :
-```docker run -d -p 80:80 -v /srv/teampass:/teampass --name teampass teampass```
-* The first launch, you will be prompted to configure Teampass :
- * for the ''Absolute path to saltkey'', please use ```/teampass/sk```
- * for the database, please provide your own database parameters
 
+**Note:** The database's hostname is `db`. You can find the database's credentials in the environment variables of the `db` service.
+
+**Note:** Use `/var/www/html/sk` as your "Absolute path to saltkey" during installation.
 
 ## Update
 
-* Read [upgrade related pages] (https://teampass.readthedocs.io)
+* Read [upgrade related pages](https://teampass.readthedocs.io)
 * Once uploaded, launch install/upgrade.php and follow instructions.
 
 ## Languages
@@ -106,4 +84,26 @@ Teampass is translated in next languages:
 * UKRAINIAN
 * VIETNAMESE
 
-Languages strings are managed at [POEditor.com] (https://poeditor.com/projects/view?id=16418).
+Languages strings are managed at [POEditor.com](https://poeditor.com/projects/view?id=16418).
+
+## Licence Agreement
+
+Before installing and using TeamPass, you must accept its licence defined as GNU AFFERO GPL.
+
+This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version.
+
+This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+[Read Licence](license.md)
+
+## Website
+
+Visit [Teampass.net](http://www.teampass.net/)
+
+## Bugs
+
+For bugs discovery, please report in [Github Issues](https://github.com/nilsteampassnet/TeamPass/issues)
+
+## Requests
+
+For requests, please report in [UserEcho](https://teamPass.userecho.com)

teampass-docker-start.sh

@@ -0,0 +1,21 @@
+#!/bin/sh
+if [ ! -d ${VOL}/www ];
+then
+	echo "Initial setup..."
+	git clone $REPO_URL ${VOL}/www
+	mkdir ${VOL}/sk
+	chown -Rf nginx:nginx ${VOL}
+fi
+
+if [ -f ${VOL}/www/includes/config/settings.php ] ;
+then
+	echo "Teampass is ready."
+	rm -rf ${VOL}/www/install
+else
+	echo "Teampass is not configured yet. Open it in a web browser to run the install process."
+	echo "Use ${VOL}/sk for the absolute path of your saltkey."
+	echo "When setup is complete, restart this image to remove the install directory."
+fi
+
+# Pass off to the image's script
+exec /start.sh